NIXI wants to store your Aadhaar through EKYC details in a “perfect manner and a decent way”

R

rootyme

Gold is old
Galvanizer
As per this notification by the National Internet Exchange of India, registrants applying for registration of domains have to share their Aadhaar details for E-KYC verification. It also provides alternatives like PAN Card, Passport and Election Cards.

68f6b43629ef2ccf79f7f0448f1a0672b802bc8c.jpeg


Such linking is without a clear legal basis, violates the Supreme Court’s privacy decision and could be cited as a precedent for linking social media accounts with Aadhaar. The result? Violation of privacy and a chilling effect on free speech online. The Result? Systematic abuse and life threats coupled with relentless stalking on the web. The result? All the concerned authorities linking my Aadhaar with my TechEnclave account. The result? DISGUSTING SCAMMERS LIKE MITSU.IN SENDING ME REPEATED JAIL THREATS AS WELL AS LIFE THREATS AFTER RECEIVING MY AADHAAR CARD.

.IN Registry and NIXI are just as responsible for what I am currently going through. I'll not leave this without bringing a change. If KYC is mandatory, only NIXI/.IN Registry can have access to it. NOBODY ELSE. NOBODY ELSE.

.IN Registry must create a centrally managed KYC verification portal and employ staff on its own to handle EKYC in any form or manner. No Registrar can be allowed to access any KYC document of any Registrant. I will not leave this without making that happen.

Also, nobody can own more than two .IN Domains without personally contacting NIXI's CEO and seeking his permission:

1. https://www.medianama.com/2022/01/223-nixi-domain-bulk-buying-guidelines/
2. https://archive.internetfreedom.in/post/nixis-domain-cap/
3. RTI filed by IFF for this:
i) https://drive.google.com/file/d/1BLozj0qSBaGKSLySrY8j4IANuBhzk6E3/view
ii) https://drive.google.com/file/d/1Yi2xjGR0QtRVz0yMzgnInK6NO21Xo_0n/view
 
Last edited:
  • Sad
  • Like
Reactions: Kaleen Bhaiya, lockhrt999 and TEUser2K1
so you have to disclose the domain name first to them so they can front run and book the domain themselves and sell it to you at higher prices. Nice. May it is done to safe guard .IN from domineers. .uk .de also does it but I think there is no permission thingy, you just need to have local address.
 
  • Like
Reactions: rootyme
I need answers to the following.

What exactly is NIXI trying here? If KYC is mandatory, then it makes the procedure of owning a domain the exact same as creating a SBI Bank Account/Passbook.

In that case, how does NIXI allow random no-name third party Registrars to collect KYC documents from registrants? Does NIXI take the responsibility for what these registrars do? If no, how did they pass that "KYC mandatory" resolution?

Another question is, if "KYC IS MANDATORY" why aren't registrants asked for KYC photocopy during sign up? What's the goal here? To suspend accounts/domains after sign up and subsequently threaten users to submit KYC? I don't understand a thing here.
 
I'm not familiar with this field, so correct me if I'm wrong in assuming : We don't NEED a third party registrar; meaning we're free to do the job by ourselves.

rootyme said:
how does NIXI allow random no-name third party Registrars to collect this KYCs from registrants?
Click to expand...
If my assumption is correct, technically we are the ones allowing third party registrars to do so. Just like how we allow similar representations in, say applying for driver's license, legal representation, etc.

rootyme said:
Does it take the responsibility for what these registrars do? If no, how did they pass that "KYC mandatory" resolution?
Click to expand...
No and the bitter short answer for the 2nd question is : couldn't be bothered.

rootyme said:
I don't understand a thing here.
Click to expand...
Me neither; but I'm certain I'm about to learn a lot from the totally civil conversation that's about to take place!
 
BullettuPaandi said:
If my assumption is correct, technically we are the ones allowing third party registrars to do so. Just like how we allow similar representations in, say applying for driver's license, legal representation, etc.
Click to expand...
Note that you can't purchase a domain directly from NIXI or .IN Registry. NIXI provides "accreditation" to these companies who are then authorised to sell domains. You can view the list of such "Accredited Registrars" here- https://www.registry.in/accredited-registrars. You're not allowing them at your free will. It's being forced upon you by NIXI. For your DL, you submit your KYC to the Regional Transport Office which is an Indian government authority. If I am to trust anybody with my KYC, it'd be either the government itself or the Government bodies.

Going back to my Mitsu thread, I was hesitant to share my confidential data with a non-govt entity thus I asked the company to tell me if this is enforced by all Registrars. The rest is history.

Point is, I got to know about Mitsu and trusted them only because I found them on this page - https://www.registry.in/accredited-registrars. So there is responsibility on them, a lot of it.

BullettuPaandi said:
No and the bitter short answer for the 2nd question is : couldn't be bothered.
Click to expand...
They would have to. And the answer is not as simple as that. Private data is not just random bits of information. It carries a lot of weight. They have to be very bothered.
 
  • Like
Reactions: TEUser2K1
rootyme said:
It's being forced upon you by NIXI.
Click to expand...
rootyme said:
Note that you can't purchase a domain directly from NIXI or .IN Registry. NIXI provides "accreditation" to these unknown companies who are then authorised to sell domains.
Click to expand...
Oh, so basically my assumption is wrong.

Edit Just wanted to verify and decided to lookup. The very first line that I read alone told me enough - that NIXI is a non-profit.
 
Last edited by a moderator:
  • Like
Reactions: rootyme
And, .in domains were already bad as they lack privacy protection. Plus, domestic registrar like BigRock verify your mobile, so you can't even get to lie.
 
  • Like
Reactions: rootyme
lockhrt999 said:
And, .in domains were already bad as they lack privacy protection. Plus, domestic registrar like BigRock verify your mobile, so you can't even get to lie.
Click to expand...
I wasn't even trying to lie. Yet I have been abused and harassed so much by an "Accredited Registrar".

I have never heard of company support calling a consumer and abusing while screaming. In this case, the support guy never revealed his name. The call literally started with him screaming that I am going to jail. Which was followed by a 500 rupee demand.
 
  • Sad
Reactions: TEUser2K1 and lockhrt999
rootyme said:
As per this notification by the National Internet Exchange of India, registrants applying for registration of domains have to share their Aadhaar details for E-KYC verification. It also provides alternatives like PAN Card, Passport and Election Cards.

View attachment 192018

Such linking is without a clear legal basis, violates the Supreme Court’s privacy decision and could be cited as a precedent for linking social media accounts with Aadhaar. The result? Violation of privacy and a chilling effect on free speech online. The Result? Systematic abuse and life threats coupled with relentless stalking on the web. The result? All the concerned authorities linking my Aadhaar with my TechEnclave account. The result? DISGUSTING SCAMMERS LIKE MITSU.IN SENDING ME REPEATED JAIL THREATS AS WELL AS LIFE THREATS AFTER RECEIVING MY AADHAAR CARD.

.IN Registry and NIXI are just as responsible for what I am currently going through. I'll not leave this without bringing a change. If KYC is mandatory, only NIXI/.IN Registry can have access to it. NOBODY ELSE. NOBODY ELSE.

.IN Registry must create a centrally managed KYC verification portal and employ staff on its own to handle EKYC in any form or manner. No Registrar can be allowed to access any KYC document of any Registrant. I will not leave this without making that happen.

Also, nobody can own more than two .IN Domains without personally contacting NIXI's CEO and seeking his permission:

1. https://www.medianama.com/2022/01/223-nixi-domain-bulk-buying-guidelines/
2. https://archive.internetfreedom.in/post/nixis-domain-cap/
3. RTI filed by IFF for this:
i) https://drive.google.com/file/d/1BLozj0qSBaGKSLySrY8j4IANuBhzk6E3/view
ii) https://drive.google.com/file/d/1Yi2xjGR0QtRVz0yMzgnInK6NO21Xo_0n/view
Click to expand...
OKAY, why do you want us to sign in google to view the docs on drive ?
 
EHH said:
OKAY, why do you want us to sign in google to view the docs on drive ?
Click to expand...
Those are not hosted on my Drive. The RTI files are hosted by IFF who actually filed them with NIXI.

Edit: No sign in was required back when I had created this thread. The RTI PDFs were already publicly posted on their site. Not sure why they have enforced this sign in requirement now.
 
Last edited:
Top Bottom