Monday, April 16, 2012

Googling in India- A take on the latest Google Privacy Policy

Prepared by Madhu.S, Team Lead, Centre for Public Policy Research

Google has set the revolution, led the revolution and might kill the revolution. That's what is predicted from the latest Google Privacy Policy woes. UK has asked the search engine (a bigger state entity indeed!!) to revisit few of the privacy provisions in terms of the UK Data Protection laws. Brazil have issued notice on them stating direct infringement of the privacy of their individuals, while other non-US state entities are increasingly worried of protecting their privacy than protecting their citizens. India which does not have a Privacy or a Data Protection policy of its own, still owes allegiance to the Supreme Court rulings on Privacy as a constitutional and fundamental right. The Indian Government has now approved the privacy policy without any riders The latest censure notice by the Government on Google, Facebook, Yahoo etc, had created enough virtual criticism to the government, that Kapil Sibal, IT Minister had to retract and rely on safe harbour principles. The Indian case scenario is interesting for the matter that, as a sovereign, secular democratic republic, censure let alone screening is really difficult in the democratic setup. At the same time, overzealous citizens might cry foul on any one incident of privacy intrusion that can happen. From phone tapping to Overhead cameras in traffic junctions, the matter has been debated and discussed with no specific conclusions typical of a democratic setup. Google privacy policy therefore might not stir as much debate as Radia tapes or Wikileaks. Even if one feels impinged or infringed, he will have to read up US and EU decisions on data privacy and protection, as Google is subject to US jurisdiction. He will get a feel on how difficult it would be to damage Google’s goggles.

The recent Google Privacy policy is an improved version of its earlier ones with emphasis on customised service delivery or in google’s word “a new experience
 to show you more relevant search results and ads, to help you connect with people or to make sharing with others quicker and easier”. Google Adsense and Google Street view (which has still not come live after Karnataka government didnt give clearance in Bangalore) were created with a purpose of offering personalised service delivery to its users. The present policy was considered to be vague as it did not mention how the data is been used to improve its services, as claimed by Google. While it confined to explain how it will done and what improvements will be made. So when a person searches for Samsung Galaxy, he will get repeated offers from various online shopping sites on similar phones next time he searches in the google. This is a good case of marketing, but a bad case for data protection, as it is assumed that google can get personal information on its users which can be used against him. If we are in war with U.S and as long as Google is in US, we need to fear :). The latest case of a facebook user filing suit against them for not deleting his 14 years wall postings which contain information on how he behaved is an interesting scenario that can arise often.
Google's video sharing site YouTube has 20 million unique users in India, while Gmail penetration in India stands at 62 percent helping the newly launched Google+ to get 2.8 million users, not bad compared to low internet penetration in India (but which is increasing at the rate of 200 percent), where as US with 5.3 million users is the clear leader. As long as India remains the largest democracy with the largest number of ‘search heads’ with the largest increase in internet usage, google has reasons to cheer about. What the government would therefore needs to keep in mind is how to tap the potential of google while preserving and protecting its data users. Aadhar has set the tone, and with latest Data Sharing and Remote Sensing policies, we have started to rely more on data than conviction, which is definitely the way forward. The ministries endeavour should therefore be in devising a liberal data protection strategy with guidelines on screening and censure unlike the China example. At the same time we are liberty to ask Google to frame a Privacy policy in tune with the Indian laws. This shall include a clear direction as to the manner in which information of Indian citizens is used, with a checklist for ‘where and how’. Further the remedies available to Indian citizens in case of infringement and violation of privacy, data protection, security etc. The vast experience of google can be utilized to create data security systems where India is struggling.

Therefore, if we want to address any complaints of violation of privacy or infringement, the laws need to be clear and convention set right. The internet shall neither be regulated nor controlled but monitored. The Government of India needs to be proactive in passing this message to Google. Once cloud computing becomes a practice, we will require our governance to be above cloud and provide relief to its citizens.


D Dhanuraj said...

Is Privacy a fundamental right in India?? From my readings about this issue, privacy as fundamental right is the solution every one suggests.. that means it is not a fundamental right yet..

Madhu said...

Right to privacy is not a fundamental right currently, with the Right to Privacy Bill, 2011 yet to get the final nod. However, the courts have at some instance gone to the extent of recognising it as a fundamental right.