The journalists had applied for cards and vehicle stickers through the EC’s online system
Election Commission building at Agargaon in the capital. Photo: Rajib Dhar/TBS
“>
Election Commission building at Agargaon in the capital. Photo: Rajib Dhar/TBS
Personal information of at least 14,000 journalists was exposed yesterday through an online system introduced by the Election Commission (EC) ahead of the 13th national parliamentary election.
A technical issue in the system caused journalists’ sensitive data to remain publicly accessible for around two hours. Although, the EC has yet to confirm matter.
The exposed information included photographs, signatures, national identity card (NID) details, office ID cards, and media-related documents submitted by journalists while applying through the EC’s website.
The applications also contained institution-related information, including lists of journalists approved by media organisations.
Tanvir Hasan Joha, International Crimes Tribunal prosecutor and information technology expert, described the incident as direct evidence of irresponsibility by a state institution, reports Prothom Alo.
“How can a constitutional body launch a system that has no data protection, access control or even basic security testing? The most important question is whether the personal data of these 14,000 journalists has been copied or accessed by any third party,” he said.
He further said that those who often speak publicly about journalists’ data protection, digital security and personal privacy are, in reality, the ones handing over such information to the most insecure systems.
Ahead of the election and an upcoming referendum, the EC revised the rules for issuing cards to journalists and observers.
For the first time, it made online application through pr.ecs.gov.bd mandatory for obtaining journalists’ cards and vehicle stickers.
However, following demands from journalists, the EC withdrew the decision on Thursday and opted to issue cards manually.
Before the decision was reversed, nearly 14,000 journalists had already applied for cards and stickers through the online system.
Yesterday (31 January), after 4pm, the personal information of journalists who had applied became publicly accessible on the EC’s website.
By replacing “user” with “admin” in the website URL, complete applications and related information could be viewed.
The website’s homepage displayed a list of applicants, along with names, NID numbers, mobile phone numbers and options to open full applications.
By the evening, the website was no longer accessible.
Election Commission Secretariat Senior Secretary Akhtar Ahmed told Prothom Alo around 9pm that he was not aware of the issue.
“This is not within my knowledge. I was in the office until 2:30pm today [Saturday], and nothing was known about it then. Since the afternoon, a few people have called to ask about the matter. It would not be right to comment without knowing what information was leaked and how. I will find out after going to the office tomorrow,” he said.
IT experts have stressed the need for proper security testing and verification of sensitive data protection mechanisms before launching any digital system under state management.
Director of the Institute of Information Technology at Dhaka University, BM Mainul Hossain, told Prothom Alo that digital systems primarily operate on trust.
He warned that if state institutions fail to build that trust, people will lose confidence in digital systems, putting the country’s broader digital transformation process at risk.
About The Author
