How a back-and-forth between the MHA and Wipro delayed a crime and criminal tracking system
A stand-off between the ministry of home affairs (MHA) and software development firm Wipro seems to have long held up the Rs 2,000 crore crime and criminal tracking network and systems (CCTNS) project, conceptualised ten years ago. The project aims to digitise and connect all police stations in the country to create a national searchable database of crime and criminals.
The project has two components: central and state. The state component involves digitisation of all police records and computerisation of work at the police station level. Most of the financial allocation went into funding the massive digitisation of police stations and system integration in states and UTs. The central component included (a) development of a software solution called state core application software (CAS) which facilitates computerisation of police stations and (b) creation of a software solution known as central CAS to fetch data from all states and UTs and create a national database of crime and criminals with real-time search facility. It also included setting up a national data centre (NDC) to host the central database.
In 2010, Wipro won the contract for executing the central component. The MHA and Wipro, however, ran into a contractual stalemate that lasted about seven years, and it primarily owed to the framing of a clause on ‘real-time’ search of crime and criminals as and when a crime is reported through the CCTNS system.
READ: “Key milestones achieved in Assam”
According to the contract, Wipro had to set up the NDC, which would provide real-time fetching of data from one corner of the country to another. “Wipro’s solution was not compatible and workable,” a former senior national crime records bureau (NCRB) official of the IPS cadre said. “The software applications Wipro used were incompatible. They failed to provide a solution which would provide real-time exchange of data. The firm could have procured solutions which could have facilitated real-time exchange of data but they didn’t, as it would have overshot their bid amount,” said the former NCRB official.
He said Wipro’s bid amount was so low that it could not make profit. “So it started dilly-dallying. Wipro’s payment was withheld as it failed to cover the milestones,” the official said. The low bid – of about Rs 22 crore – was aimed at winning the contract, he added.
A former home ministry official, speaking on condition of anonymity, added that the solution Wipro delivered initially was obsolete. “RR Verma, the NCRB chief in 2015-16, had written to [Wipro chief] Azim Premji and former executive vice chairman TK Kurien about this but didn’t get an encouraging response,” the official said.
At the same time, the home ministry, too, didn’t take concrete action to push forward the project. The MHA officials didn’t take decision on the CCTNS files for a few years.
It was only in February 2018 that the MHA signed and approved the software requirements specification (SRS), a document prepared by the implementing agency detailing the functionalities of the software solution as per the contract. The SRS is usually signed at the very beginning of the project, preceding the development of software solution. According to some MHA officials, who spoke on condition of anonymity, the final delivery of software (the central CAS) and its certification is expected in another couple of months.
Over the years, the home ministry has sought three extensions from the cabinet committees headed by the prime minister – the third ended on March 31, 2018. The ministry has decided to not seek further extension and consider the process as over, said a senior MHA official. Most of states and UTs are in advanced stages of implementation. The MHA has approved SRS and is expecting the rollout of application on the NDC soon. Hence, it has decided to close the implementation.
Under CCTNS, the government aimed to connect over 15,605 police stations and 6,000 police head offices across the country. The idea behind the project was that the records of an accused named in a first information report (FIR) at a police station should be accessible to cops in another police station anywhere else in the country – speeding up police investigations and nabbing of criminals. The project provided for electronic registration of FIR and offering of various citizen services online. It is all done with the help of state core application software (CAS).
The work under the state component is almost over, an MHA official said. The state CAS is deployed in all 15,605 police stations (PS) across the country except 80. The number of remaining police stations should reduce considerably in a few months, the official said. Except 1,000, all police stations are connected, the official said. “We have provided funds to connect these 1,000 PSs over the next year. We have formed a committee of officers to suggest ways to connect the police stations. We have also asked BSNL to revisit those locations,” he said.
According to the NCRB, the nodal agency overseeing the implementation under the MHA, of the 15,605 police stations, 14,606 are using the CAS – constituting 94 percent of the police stations. Eighty-nine percent of the police stations have migrated ‘legacy data’ – paper records – to the new electronic system. Of 36 states and UTs, 27 are using CCTNS for generating daily crime and status reports. The NCRB also claims that 35 states and UTs have launched state citizen portal services.
In the absence of a central software solution which would aggregate data from states, the massive digitisation of police stations fails its purpose. Here is an account of how a project which was conceptualised to strengthen national security could not be completed all these years.
How did the delay happen?
After year-long deliberations by the MHA, CCTNS was approved by the cabinet committee on economic affairs in June 2009. The cabinet had approved it as a hundred percent centrally sponsored scheme. On September 18, 2009, P Chidambaram, then home minister, while addressing a gathering of entrepreneurs in Delhi, said that the project will boost India’s ability to deal with internal security challenges and will become operational by 2011-12.
According to the approved timeline, Wipro had to deliver the application by March 31, 2012. The cabinet committee thus gave an extension of three years and the new timeline for the project was March 31, 2015. On November 18, same year, the cabinet committee on economic affairs gave another extension till March 2017. Yet again, the ministry sought another extension, and was given time till March 2018.
Initially, Wipro had submitted the central CAS in 2013. “But the solution it had put in place didn’t fetch data from state data centre to NDC in real time – as it was mentioned in the request for proposal (RFP). The ministry had rejected the SRS then,” said a consultant who is aiding the ministry in project monitoring.
The vision statement in the RFP document used the term ‘real-time’. However, a pre-bid document stated that ‘real-time’ scenario will be agreed in discussion with the ministry. This became a major point of contention between the ministry and Wipro, sources said.
“According to the RFP, the data should be fed in the NDC in real time or ‘near real time’ – meaning whenever an FIR is registered electronically using CCTNS system in any police station, it should appear at the NDC simultaneously. However, ‘near real-time’ was not defined in the project document,” said a senior manager who was close to the project. (Wipro didn’t respond to a questionnaire sent by Governance Now.)
“The expectation from MHA was that there is noting like near real-time. There is only real-time,” he said. According to him, the initial solution proposed by Wipro fetched data from states data centre with over six hours’ gap. The key reason why Wipro couldn’t deliver the ‘real-time’ solution as demanded in the contract was its wrong selection of technology – it was proposed by the pre-sales team of Wipro.
What went wrong
The pre-sales team chose a gamut of software solution to connect state data centres with NDC and fetch data on a real-time basis. The solution proposed included NetVault (for taking backup of data from state data centres), Sybase ETL (extract data, transfer it and load it onto NDC) and Sybase IQ (database and data ware housing). When the project was envisaged the NDC servers were on Solaris, an open source operating system. Sybase ETL was compatible with Solaris. But to connect and extract data from state data centres, some of which were using proprietary software, Sybase ETL required additional connection drivers, which were not available freely.
Sybase was taken over by SAP in 2012. SAP had its own ETL tool. When SAP took over, it stopped support for that Sybase ETL tool. That product was made end-of-life by SAP. “When it became end-of-life, Wipro didn’t do anything about it,” the senior manager said. The logical thing to do here was to purchase software tools from SAP. But the Wipro management didn’t approve it.
NetVault, which was used for taking back up at NDC, was not compatible with other software solutions. “The pre-sales team thought that they understood well the compatibility matrix of the product. The database they proposed was Sybase IQ. But NetVault didn’t have the API to take the back up of the Sybase IQ,” the senior manager said. NetVault was taking back-up of Sybase ASE (adaptive server enterprise, another type of database from the parent company), but not of Sybase IQ. “They seemed to be in a hurry. They didn’t go into the question whether NetVault is compatible with Sybase IQ or Sybase ASE. It was wrong to propose NetVault as a solution. That’s why, for two and a half years, the project didn’t move,” the senior manager said.
Wipro had purchased the hardware for setting up NDC only in 2013. “The hardware was reinstated and commissioned in NDC only in 2013. But the software that had to be deployed on NDC was not developed due to the constraints related to software tools – Sybase ETL, Sybase IQ and NetVault. The hardware was of no use. In 2017, it was lying idle. In five years, it has got obsolete,” the person close to the project said. As of now the software is hosted on cloud servers owned by National Informatics Centre (NIC).
He also said the scope of work was never finalised by MHA, the client, and the timelines were ambitious.
The SRS (requirements documentation) is usually matched against the RFP clauses. Once SRS is approved, the software is developed, tested (user acceptance test), certified, audited and then rolled out. In CCTNS, the SRS for central CAS was never finalised. “The first SRS came in 2012. The application was supposed to be delivered in 11 months. We had to get SRS from 36 states,” the person close to the project said. The scope of work was too vast for that deadline.
Wipro released state CAS version 2.7.8 in 2013. “Around that time, all 36 states/UTs gave more requirements. So another version was released – a 3.0 version. Then, again requirements came pouring in. In 2016, anther 4.5 version was released. Wipro offered version 5.0 in November 2017. But again there were a few contractual obligations (items mentioned in RFP) which were not included in the application,” the technology professional said. “All those changes have been taken into consideration and now Wipro will be releasing version 5.0.” He said a thorough matching of the SRS with the RFP wasn’t done.
Resolution
In February 2015, Wipro released the revised central CAS, wherein it did some patchwork to achieve “near real-time” transfer of data. The ministry approved the deviation in early 2016. “In August 2016 we proposed a proof of concept (POC) based on Wipro’s revised solution. It was replicating data in a few minutes (a drastic reduction from the six hours’ time lag). We found it reasonable. Finally, we were able to come out of the ‘contractual stalemate’,” said the project consultant.
Unlike in the past, the ministry doesn’t have a problem with the near real-time solution proposed by Wipro. So far the ministry has released Rs 10 crore to Wipro. In a few months, the official said, the ministry may release the remaining payment.
A better way?
According to the developer, the MHA made the complex task even more challenging. When initially the solution didn’t work out, Wipro revised the technology and offered an alternate solution – which was a deviation from what was finalised in the contract – to offer a near real-time search. However, the MHA officials didn’t approve of the deviations.
“The stakeholders (joint secretary in charge of the project at MHA) kept changing and no one wanted to take ownership. Because it is on paper, they won’t deviate from it even if they want to because of the existing norms. They are ready to work with old technology, rather than taking decision and shifting to a new technology,” said the senior manager.
“For example, we wanted to give a new solution for Sybase. It took two and half years to get this new solution rolled out because no one was ready to take a decision. Because the tech which was there in 2010 in BoM (bill of material) is old and now we are in 2018. Now we should move to technology which is more open source.”
According to the consultant, the project could have been implemented in a timely manner if the following things were kept in mind: faster decision making, internal capacity, clear specification and not being too ambitious about cost and time.
As of now, the search facility has been made available to all central investigation agencies – the CBI, NIA and IB, among others – and all states – but access limited to state nodal officers; investigation officers (IO) at police station level don’t have the access yet – where it was originally envisaged. The IOs have access to the searchable database in only 13 states/UTs which are Chandigarh, Chhattisgarh, Delhi, Jharkhand, Karnataka, Kerala, Madhya Pradesh, Maharashtra, Odisha, Punjab, Telangana, Uttar Pradesh and Assam. NetVault back-up solution has still not been resolved. The final solution – central CAS – has not been delivered yet. Once it is ready, then it has to be hosted on the NDC servers (and not the NIC cloud servers). For the MHA, however, the CCTNS implementation is over! The government has so far spent Rs 1,796 crore on the project.
feedback@governancenow.com
(The article appears in the June 30, 2018 issue)