Digital Privacy – UPSC GS3

Concerns of Online privacy
  • In India, the total number of Internet subscribers stood at 391.50 million at the end of 2016, reflecting an 18.04% change over the previous quarter.
  • With the increase in digitalisation, more and more of our data is being captured and how this data is used and held is becoming increasingly important.
  • The simple act of browsing a website can now be used by a third party and strangers for assessing age, profession, and salary package with the help of tracker cookies which can be used to build and share an accurate profile of internet user based on the sites  visited, and deliver tailored advertisements.
  • While generating high volumes of data there is no proper framework to regulate data retention by the platforms collecting it.
  • The various government schemes like Adhaar, digi locker and DBT are increasing the availability of large-scale sensitive data online which leaves citizens exposed as in 2013, when the Maharashtra government simply lost the personal data of 300,000 Aadhaar card applicants.
  • The Information Technology Act has limited scope to penalize government agencies against contravention of their privacy in the data ecosystem.
  • The new fundamental right to privacy has to contend with the paradoxical behavior of citizens who value informational privacy but at the same time share it “at the drop of a hat” on everyday transaction if they stand to benefit from it.
Way forward
While balancing the right to privacy with what it is up against online, the Supreme Court mentioned the nine principles suggested by the 2012 report of the government’s expert group on privacy headed by Justice A.P. Shah. These include:
  1. Notice to be given to users while collecting data.
  2. Choice and consent of users while collecting data from them,
  3. Collection limitation to keep user data collected at the minimum necessary.
  4. Purpose limitation to keep the purpose as adequately defined and narrow as possible.
  5. Access and correction for end users to correct or delete their personal data as may be necessary.
  6. Disclosure of information: private data should not be disclosed without explicit consent of end user.
  7. Security: defining responsibility to ensure technical, administrative and physical safeguards for data collected.
  8. Openness: informing end users of possible collection and utilization of personal data.
  9. Accountability: institutionalize accountability for adherence to these principles.
Conclusion
  • The government has appointed a commission headed by Justice B.N. Srikrishna to review data protection norms which is still to make its recommendations.
  • Until the recommendations are established by law, it will be necessary to adopt mechanisms that ensure compliance towards use of privacy enhancing technologies (PET).
  • The government needs to take into account the uncertainty around the current regulations and develop frameworks to align future legislation with our modern data footprint.
  • The government needs to spread awareness and encourage the citizens to take voluntary steps towards safeguarding themselves by inculcating digital privacy principles.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top