Data Protection Regulation in India

By Anonymous

By Ragavi R
(Imae source: echalliance.com)


Jeremy Bentham, a utilitarian philosopher in the 18 th century invented the institutional form of surveillance model called “Panopticon”. Panopticon is a model where the inmates in a prison are watched by a single guard and the inmates are unaware that they are being watched. What is the link between Panopticon and Data Protection Regulation? Well, the answer lies in the way how the 21 st century business and its ecosystem functions.

‘Uber’, one of the largest taxi companies, owns no cars.
‘Facebook’, the popular media owner, owns no content.
‘Alibaba’, the most valuable retailer, has no inventory.

Even though the statement sounds pessimistic, it provides an insight into the fact that we are racing towards a “data world”. The collection, organisation and processing of data have become ubiquitous. According to the Information Technology Act 2000, the definition of “data”, is the representation of knowledge, information, facts, concepts, instructions which are being prepared or have been prepared in a formalised manner, and it is intended to be processed in a computer system or network, and may be in any form (including computer printouts, magnetic or optical storage media, punched cards, punched tapes, etc) or stored internally in the memory of a computer. Data protection law is a comprehensive set of privacy laws, policies and regulations that aims to minimise the intrusion. India does not have a comprehensive Data protection Regulation Act.

Personal Data Protection Bill, 2018
The emergence of a data protection bill in India is predominantly contributed to the Justice K S Puttaswamy (retd) vs Union of India case. The nine-judge bench declared Right to Privacy as one of the fundamental rights and intrinsic part of the Article 21. Justice D Y Chandrachud stated that, “Informational Privacy is a facet of the right to privacy. The creation of a regime needs to balance between individual interest and legitimate concerns of the state”. A committee headed by Justice Srikrishna was formed in drafting the Data Protection Bill, 2018. The main objective of the data protection regulation in India is to ensure that the growth of digital economy does not happen at the cost of individual’s privacy. The bill also tries to define the responsibility of the state and to ensure a trust-based relationship between the data fiduciaries and data principles.

Means of the Data Protection Regulation
Personal Data Protection Regulation Bill is a comprehensive bill that takes into account the dynamics of information privacy. It has defined what data is and has bifurcated the data into personal data and sensitive data. The critical data (no mention of what is “critical data”) will be stored within India. There are several other cyber agencies like National Technical Research Organization, Defense Intelligence Agency and National Critical Information Infrastructure Protection Centre that perform cyber protection function in India.

Data Localisation
Data localisation is the act of storing the data on a domestic device, which is physically present within the borders of a specific country where the data is generated. A study by Gartner in the year 2015 revealed that India had only about 1.2 per cent of the world’s data centre infrastructure, which is insufficient. The cloud Infrastructure in India is substandard compared to other countries.

What is the road ahead?
As far as data localisation is concerned, it is not favourable in the international arena. Many researchers are suggesting alternatives like Mutual Legal Assistance Treaties (MLATs). India has already signed MLATs with 39 countries. However, the scope of this treaty is ambiguous. There is a provision in the data protection bill, which states, “Personal Information that doesn’t serve ‘public activity or interest’ cannot be disclosed unless it is deemed to be of public interest”. This particular provision is in conflict with the Section 8(1) of Right to Information Act, 2005. The argument boils down to transparency and privacy. If transparency is necessary, privacy is affected and if privacy is required transparency should be withheld. 
The data world, in which we are existing, is an asymmetric battleground. In a similar way how a central guard watches his inmates, we are also being watched without our knowledge. On the one hand, we trade off our privacy for some other utility (popularly called as “privacy paradox”) and on the other hand, we are constantly involved in debating on data protection. Can public policy initiatives tackle this sensitive issue?

(Ragavi R is a Research Intern at Centre for Public Policy Research. Views expressed by the author are personal and need not reflect or represent the views of Centre for Public Policy Research)

Comments

Post a Comment

Popular posts from this blog

Latin Catholic community of Kerala: Role in 2016 Assembly Elections

By Anonymous
Image
By Dr D Dhanuraj & Sambhavi Ganesh Latin Catholics (LC) in Kerala number about 20 lakhs with 2 Archdioceses (Verapoly and Trivandrum), and 9 Dioceses. They have a significant presence in Ernakulam, Thiruvananthapuram, Kollam, Alleppey, and Thrissur districts. This community is politically influential, which, through its socio-political wing Kerala Latin Catholic Association (KLCA) and Christian Service Society (CSS), protects its interests. Traditionally, Christians in Kerala have supported the UDF alliance and same is the case with the LC also. The major reasons for support are- The professed atheism of the communist party-backed LDF. The involvement of the church in health and education sectors, which the LDF opposes due to its anti-commercialization view. The ‘abstinence’ stance taken by the LDF over alcohol prohibition unlike the clear pro-ban position of the Congress. Even though the LC continued to support UDF during the early yea
Read more

CPPR's social media presence on Blockathon makes a mark!

By Anonymous
Image
by Shonit Nayan US Consulate General, Chennai; with Centre for Public Policy Research (CPPR), Maker Village and Kerala Startup Mission (KSUM) organized 'Blockathon for Change' to address the societal issues of migrant labourers using blockchain technology. Migrant labourers are often a disadvantaged and vulnerable group because of associated socio-economic and cultural issues. In India, massive interstate migration of labourers poses serious predicaments warranting immediate attention both at the ground level and policy level. The first-of-its-kind hackathon in India was designed to beneficially employ the blockchain technology for offering comprehensive solutions to mitigate problems related to migrant labour. While interning at CPPR, I got an opportunity to be a part of my first hackathon. I learned how social media platforms were extensively used to create buzz for the Blockathon and blockchain technology. CPPR
Read more

Street Food Vending Policy- A case study of Kochi

By Anonymous
                      Prepared by Sidharth. S. Kumar, intern at Centre for Public Policy Research Street food vendors have been a part of Kochi’s food culture since time immemorial. These vendors run street eateries which are popularly known among the inhabitants as ‘thattukada’. Thattukadas serve palatable indigenous flavours. They daily feed several thousands of customers belonging to various segments of the society and age groups. Street food is a treasure house of local culinary traditions and is increasingly playing an important role as an enhancer and force multiplier of tourism sector. [1] These vendors operate, mostly, at evenings or nights. They cater to the needs of night travellers, labourers and immigrant bachelors and were even successful in promoting the fast food culture in the city. The youth of the city also choose to eat out at a street eatery due to the night ambience available there. They provide easy access to food for the inhabitants at reasonable prices
Read more