Rediff.com« Back to articlePrint this article

Personal Data Protection

August 28, 2023 09:24 IST

Ajit Balakrishnan offers a thinking person’s guide.

Illustration: Dominic Xavier/Rediff.com
 

Last week, I was sitting in the rear seat of my car, deeply immersed in my Kindle, reading about recent breakthroughs in machine learning techniques (which is what my friends think is boring about me), being driven by my long-serving driver from the Mumbai airport to home when I felt the car slowing down suddenly.

When I looked up, I saw a traffic policeman in front of our car, waving us to stop. When we did, he appeared at the driver's window, and demanded to see his driving licence. He then tapped on a gadget he had in his palm, obviously entering data from the licence.

When my driver asked what we had done wrong, he said, in a contemptuous tone in Marathi: "Your car moved while the yellow light was still on and the green light had not come on. The CCTV camera at this traffic light says so."

My driver and I sat politely, not wanting to argue with a Mumbai traffic policeman. The policeman then went in front of the car and used his gadget to take a picture of the car's number plate. He then stepped aside and waved us on, and we resumed our journey to my home in Colaba.

Next morning I got an SMS from the Mumbai traffic police that I, as the registered owner of my car, had been fined Rs 500 for a traffic light violation.

That's when I realised something: My car number is linked to my mobile number and my Aadhar Card number, which in turn is linked to my income tax return number and god knows what else!

Numbers came flashing to my mind: Mumbai has some 170 surveillance cameras per square mile, watching all of us.

This is the 18th highest for any city in the world, but New Delhi has 1,900, the highest in the world, far ahead of London, New York, and even Beijing or Shanghai.

Usually, when I read these stats, I, as a person devoted to tech, usually feel satisfied. These stats are a signal for how modern India is, but now I started wondering.

Then came the news a few days ago that our Parliament had passed the Digital Personal Data Protection Bill, 2023.

Normally, my reaction would have been: 'Great idea! Another step in showing India is a leader in everything technological!' But after the traffic police incident, I found myself deep in thought: Is collecting all this data good, or can this data be misused by people in authority?

Much of the enthusiasm in India for 'data protection' comes from a puzzling set of bedfellows: Nasscom (the trade association of IT services companies), the Internet and Mobile Association of India (now representing Google, Microsoft, and other foreign Big Tech companies), and, surprisingly, major Indian pharma companies.

Then there are social activists like the 'Internet Freedom Foundation' and online media companies passionately debating risks of any kind of data-protection legislation.

Part of our bewilderment arises because we, as citizens, have a centuries-old concept of 'privacy'.

Privacy to us has meant, for example, no strangers peep into our homes and intrude into our 'private life'.

Privacy has meant people being not too inquisitive about how much money you make, what caste you come from, or what health issues you may have.

Our normal response to such inquisitive questions has historically been: 'It's none of your business!'

That normally ends the inquisitiveness.

The world of computers, data, and the Internet lived through many years without too much questioning of what possible negative uses any of the user data was being put to till the 'Cambridge Analytica Scandal' in 2018.

It was discovered that the British company had used its app on Facebook to collect profiles of 87 million people and used it to help Donald J Trump in his 2016 election campaign.

These anxieties were seen earlier in 2013, when Edward Snowden revealed how US intelligence agencies were using personal data to do surveillance on private citizens.

Further anxiety was generated when the European authorities fined Google $50 million and Amazon $800 million for misusing citizens' private data.

But don't worry, in the past there have been innovations that have given us major benefits but at the risk of our 'privacy'.

An amusing example is when postal companies in the 19th century introduced postcards, there were widespread negative reactions: Why would I use a postcard when anyone, including the postman, can read everything in it!

But with time, because of the low cost and speed of delivery, postcards became a hit.

These events have created a new and complex view of 'personal data' and 'privacy' and governments all over the world are rushing to enact data protection laws.

In doing this, governments are finding that they are caught in a dual role: The first role is where they must mediate between business firms and citizens about the use of personal data and at another level in the role of a State competing with other sovereign States in the use of their citizens' data for national defence and other geostrategic ends.

In meeting our cherished goal of being the world's best democracy as well as an economic leader, no policy initiative will be as important as the Data Protection Board as envisaged in the recently enacted Digital Personal Data Protection Act. So let's work all out to get our wisest and deepest-thinking tech folks on it.

Ajit Balakrishnan (ajitb@rediffmail.com), founder and CEO, Rediff.com, is an Internet entrepreneur.

Ajit Balakrishnan
Source: source image