Chandigarh: The cybersecurity of Chandigarh administration’s digital infrastructure has come under the scanner of the Punjab and Haryana high court, with a PIL challenging the continued use of unsecured govt websites and alleging violations of citizens’ right to privacy and secure digital access.The PIL, filed by advocate and digital privacy lawyer Rajavikrant Sharma, stems from an RTI response which revealed that much of the infrastructure at the Chandigarh UT Data Centre has reached its End of Life (EOL). During proceedings, the Chandigarh administration informed the court that 33 of its 127 official websites are operating without HTTPS encryption, including portals linked to the police, transport, health, higher education and finance departments.The petitioner contended that citizens are being compelled to submit personal and financial information on unsecured govt websites, exposing them to avoidable cybersecurity risks and running contrary to the govt’s own cyber safety advisories.Among the key concerns raised in the PIL is the department of higher education’s centralised admissions portal, which has allegedly been operating on an unsecured HTTP connection since 2020 despite processing admissions of thousands of undergraduate aspirants every year.Students upload sensitive personal documents on the portal, including Aadhaar details, Class X and XII marksheets, migration certificates, category certificates, photographs and signatures. The admissions process also requires candidates to provide mobile numbers, email addresses and other personal information.Unlike HTTPS websites, HTTP connections do not offer standard transport-layer encryption between a user’s browser and the website, making data transmission potentially more vulnerable.The RTI response also stated that procurement of new infrastructure for the Chandigarh UT Data Centre is currently under process with the department of information technology.Sharma, who filed both the RTI application and the PIL, described the prolonged use of an unsecured admissions portal as a serious governance concern. He argued that citizens should not have to compromise data security while accessing essential public services or higher education.The PIL further points to cybersecurity advisories issued by the ministry of home affairs and the ministry of electronics and information technology, which advise citizens to share confidential information only on HTTPS-enabled websites.Responding to the concerns, Chandigarh administration’s director, information technology, Avikesh Gupta, said citizen data remains protected through internal security safeguards. He added that the State Data Centre is being upgraded and that all govt websites are expected to be migrated to HTTPS-enabled platforms within the next two to three months.BOX:YBER SECURITY CONCERNS33 UT Websites Still Without HTTPSChandigarh administration admits 33 of 127 official websites are operating without HTTPS encryptionPortals linked to police, transport, health, higher education and finance are among those flaggedAdmissions Portal Under ScannerHigher education department’s centralised admissions portal allegedly running on HTTP since 2020Thousands of undergraduate applicants upload Aadhaar details, marksheets, certificates and contact information annuallyUT Data Centre Infrastructure AgeingRTI response says much of the Chandigarh UT Data Centre infrastructure has reached End of Life (EOL)Procurement of upgraded infrastructure is currently under process.Administration’s AssuranceIT director says citizen data remains protected through internal security mechanismsAll govt websites likely to be migrated to HTTPS-enabled platforms within 2-3 months
