Widespread Data Collection Raises Fear of Privacy Breach in India

Over the past several months, there has been a lot of debate and discussions regarding data privacy and security in India and the rest of the world. There is a valid reason behind the concerns that people have about various companies collecting their data and using it for undisclosed purposes.

Everyone Does It

Almost every business that deals with consumers collects some form of their data. From names and addresses to identification details like social security number and credit card number, even the smallest piece of data isn’t safe these days.

In many countries, such fears have led to the formation of data privacy laws to protect the interests of the ordinary people. But not so in India.

Behind the Times

Unlike many nations in the West, India is still quite behind when it comes to data protection laws. In fact, there is no such law in existence and no plans for any in the coming days. In the absence of any such law to protect the data of the ordinary public, various government agencies are freely collecting data by various means.

The reason stated behind such data collection is usually something to do with improving services or getting feedback.

However, such widespread data collection across the country has raised concerns that there may be some political motive behind it. Because there is no data protection law in the country, the public is helpless against such data collection. 

Purpose Limitation

When it comes to data protection, one of the key principles is purpose limitation. This means that there must be a few set reasons for which data can be collected.

But since there is no such data protection law in India, there is no purpose limitation either. This has resulted in various government agencies collecting data for vague reasons without any evidence.

The case in point is the personal data collection of employees by various public sector oil refiners over the last few weeks. The reason stated for this data collection is for a skill development program.

But there has still been widespread concern regarding this exercise because the stated reason isn’t believable and there is no convulsive evidence as to how the data will be used. The data collected include the employee’s religion, caste, Aadhaar number and bank account details.

It isn’t clear how such personal details can be of any use for a skill development program. This has also led many to grow suspicious about the true intention behind this data collection – and it is of course political.

Such exercises have been conducted in various states across the country, including Telangana and Andhra Pradesh. This is a violation of privacy, all right, but also poses a cybersecurity threat for the public.

Multiple Risks

With such data collection exercises come various risks and threats. There is always the fear of the data being used for purposes that violate privacy and make the public more vulnerable, but aside from that, there’s also the risk of data breach.

It is well known that in India all government arms have very low security and a weak technological infrastructure. The structure of the law has been borrowed from the General Data Protection Regulation and has been combined with the Information Technology Act.

The Bill has 112 sections and proposes amendments to the Right to Information Act and the Information Technology Act. There are several other proposals made in the bill, but they have to be reviewed and modified before they can be passed.

No Respect

However, what poses a problem for true data protection in India is the disregard for rules and regulations. There are several laws in the country, but not many people have any regard for them. Laws with no teeth it seems.

There is little guarantee of data protection in India when a large section of the population doesn’t even know the meaning of personal data and how its rampant collection could pose a risk.

With literacy levels low in several parts of the country and a vast majority of children still without proper access to education, there is little concern for data protection in India. It explains why there is no hype ever regarding data privacy and Internet security in India. India has other issues to consider.

Apathy

While other nations have become more aware and conscious about data collection – even China wants privacy now – India has been laid back about this whole issue.

This doesn’t mean there are no online threats here. The threats here are quite similar to what they are in other countries. India needs its citizens to be more upbeat and vocal about data protection.

Even though a regulation is in the making, it is going to be of no use if the people of the country don’t care enough about the data collected online. There needs to be more awareness surrounding data collection and data protection, to make people rise up against the risks involved in sharing sensitive information with others.