The Digital Fortress or a House of Cards? The Growing Threat of Identity Fraud and Administrative Apathy

In the age of Digital India, the Aadhaar card stands as the cornerstone of a citizen’s identity. It is the key to subsidies, banking, and virtually every essential service. However, as the infrastructure for digital identity grows, so does the sophistication of cybercriminals. A recent grievance filed by Yogi M. P. Singh (Registration Number: GOVUP/E/2025/0001030) highlights a chilling reality: it isn’t just the criminals we should fear, but the systemic indifference of the institutions sworn to protect us.

The case involves repeated, unauthorized attempts to authenticate an Aadhaar number via OTP, followed by a failure of the state’s grievance redressal mechanism to recognize a potential cybercrime in the making.

---

1. The Anatomy of an Attempted Fraud

The ordeal began when the complainant received notifications from the Unique Identification Authority of India (UIDAI) informing him that his Aadhaar (ending in 9009) had failed authentication via OTP. These attempts were not initiated by the user, suggesting that a fraudulent element was actively trying to bypass security protocols.

According to the complainant, these attempts were linked to efforts to verify KYC (Know Your Customer) details at Axis Bank. This is a classic precursor to identity theft—where a criminal attempts to open a fraudulent bank account or hijack an existing identity to facilitate money laundering or financial fraud.

2. The Failure of the Digital Safety Net

When the UIDAI system detects suspicious activity, it automatically advises the user to contact their helpdesk at help@uidai.gov.in. However, when Mr. Singh followed these instructions, he was met with a “Delivery Incomplete” error.

This represents a critical failure in public infrastructure. If the primary contact point for the world’s largest biometric ID system is non-functional during a security breach, the citizen is left defenseless. A public email address failing to receive reports of fraud is not just a technical glitch; it is a breach of trust between the state and the taxpayer.

---

3. “Not Our Concern”: The Bureaucratic Shrug

Perhaps the most alarming aspect of this case is the response from the Government of Uttar Pradesh. Upon filing a grievance with the state, the case was closed within four days with the following remark:

“The applicant has informed regarding Aadhaar Card OTP. No action is expected from the Home Department, U.P. Government in this matter.”

This response highlights a dangerous gap in understanding cybercrime. By labeling the issue as a “UIDAI matter,” the state authorities ignored the criminal intent behind the act. The complainant rightly pointed out that Law and Order is a state subject. If an individual is attempting to commit fraud or identity theft within the jurisdiction of Uttar Pradesh, it is a police matter, regardless of whether the tool used was a central government ID.

4. Why Attempted Identity Theft is a State Issue

Identity theft does not happen in a vacuum. It is often the first step in a larger criminal enterprise.

• The Intent to Defraud: Attempting to use someone else’s Aadhaar for banking KYC is a clear violation of the Information Technology Act and the Indian Penal Code.
• The Prevention Factor: By dismissing the grievance, the authorities missed an opportunity to trace the device ID or IP address of the fraudulent actor before a financial crime could actually be completed.
• Public Safety: If the administration waits for money to be stolen before acting, they are practicing “reactive” rather than “proactive” policing.

---

5. The Concept of “Good Governance”

The complainant’s frustration echoes a sentiment felt by many: “Where is good governance if common people are facing problems because of criminal elements and police fail to take action?”

Good governance is not merely the digitization of records; it is the responsiveness of the system when those digital records are compromised. When a Joint Secretary-level officer closes a case of potential identity theft with a “not our concern” remark, it signals to criminals that the digital landscape is a “no man’s land” where they can operate with impunity.

6. Recommendations for Reform

To prevent such lapses in the future, several steps are necessary:

1. Inter-Departmental Coordination: There must be a seamless bridge between UIDAI and State Cyber Cells. A complaint filed with one should automatically trigger an alert for the other.
2. Sensitization of Grievance Officers: Officials handling portals like IGRS (Jansunwai) need training to recognize that digital irregularities (like unauthorized OTPs) are often evidence of physical crimes.
3. Redundancy in Helpdesks: Government departments must ensure that their communication channels (emails and helplines) have 100% uptime, especially those dealing with security.

---

Conclusion

The case of Yogi M. P. Singh is a wake-up call. We are living in an era where our “digital self” is as valuable as our physical self. If the state refuses to protect our digital identity from fraudulent elements, the vision of a “Secure Digital India” remains an elusive dream. Justice requires more than just a registration number; it requires an administration that is willing to listen and act before the damage is done.

The frustration with administrative apathy is a significant challenge in modern governance. When government functionaries dismiss a potential crime as “not their department,” it creates a dangerous vacuum where fraudulent elements can operate without fear.

Under Indian law and the principles of Good Governance, inaction or “dereliction of duty” by a public servant is a serious matter.¹ Below is a structured guide on the legal and administrative steps you can take to compel action against both the fraudsters and the negligent officials.

---

1. Legal Recourse Against “Dereliction of Duty”

If a government official refuses to take action or closes a case without a proper inquiry, it is considered Dereliction of Duty.² You have specific legal tools to challenge this:

• Writ of Mandamus: Under Article 226 (High Court) or Article 32 (Supreme Court) of the Constitution, you can file a writ of Mandamus. This is a court order that commands a public authority to perform their legal duty which they have failed to do.
• The IT Act & IPC: Since this involves an attempt to misuse Aadhaar for bank KYC, it falls under Section 66C (Identity Theft) and Section 66D (Cheating by Personation) of the Information Technology Act.^{3 State police are legally obligated to investigate cyber-related identity theft.4}
• Neglect of Duty (Section 4): Under certain specific acts (like the SC/ST Act, if applicable), public servants can be punished for “willful neglect of duties.” Generally, administrative rules allow for departmental inquiries if an official acts in a manner “unbecoming of a government servant.”⁵

---

2. Escalation Steps for Uttar Pradesh (IGRS/Jansunwai)

Since the grievance GOVUP/E/2025/0001030 was closed with a poor rating, you should not stop there. The UP Government’s Jansunwai (IGRS) portal has specific escalation tracks:

• Feedback/Appeal: Use the “Your Feedback” (आपकी प्रतिक्रिया) option on the Jansunwai portal. If you rate the disposal as “Poor,” the system allows for an Appeal to be filed within 30 days. This appeal is reviewed by a senior officer (often at the District Magistrate or Special Secretary level).
• Send a Reminder (Anusmarak): If a case is closed incorrectly, you can send a formal “Reminder” through the portal citing the previous registration number and explaining why the “Case Closed” remark is legally flawed.
• Direct Complaint to the CM’s Secretariat: Since Shri Arvind Mohan (Joint Secretary) is the officer concerned, you can escalate the matter to the Directorate of Public Grievances in the Chief Minister’s Secretariat, Lucknow (Room No. 321), specifically mentioning the official’s failure to recognize a cybercrime.

---

3. Immediate Action for Cybercrime

Since the state authorities are dismissing the Aadhaar issue, bypass the general grievance portal and use the dedicated criminal reporting infrastructure:

Platform	Action Required
National Cybercrime Portal	File a formal complaint at cybercrime.gov.in. This goes directly to the Cyber Cell, not just a general administrative officer.
National Helpline 1930	Report the unauthorized KYC attempt at Axis Bank. This creates a record of “Attempted Financial Fraud.”
Sanchar Saathi (Chakshu)	Report the fraudulent communication/OTP attempts at sancharsaathi.gov.in under the “Chakshu” facility for suspected fraud.

---

4. Holding Officials Accountable

To fight the “bureaucratic shrug,” you can use the following strategy:

1. File an RTI (Right to Information): Ask the Home Department for the “Standard Operating Procedure (SOP)” regarding identity theft complaints. Ask specifically why an unauthorized OTP attempt was deemed “no action expected.”
2. Lokayukta: In Uttar Pradesh, if you believe there is “maladministration” or “corruption of duty,” a complaint can be filed with the U.P. Lokayukta.

Summary of Next Step

The system often relies on the citizen’s fatigue to close cases. Would you like me to help you draft the text for a “Formal Appeal” to be submitted on the Jansunwai portal, specifically challenging the Joint Secretary’s remark?