Ever since the dawn of the internet, most of the tech giants have built a lean business model that not only uses the customer’s data but also aggregates & analyzes it to benefit their business. Amazon is a prime example of how the company turn customer’s interest into targeted ads on broad daylight. It has been more than 30 years since the creation of the World Wide Web (www) but the right to privacy is something that’s still being debated among ourselves. While some people claim that it is completely illegal to collect any private information from the customers, there are a group of individuals who goes against saying that the data collected could be put to our own good use.
Transparency & Privacy
The Facebook-Cambridge Analytica scandal which was used to mitigate the US Presidential election is not new to the mass public. A private firm collected information from millions of users; their interest, their personal data so as to utilize the same in manoeuvring the US election and is still one of the most widespread scandals in history. What might come as a shocker is how the Indian political parties used Facebook as a platform to deliver targeted ads during the 2019 Lok Sabha elections. Now ads itself is not, per se, illegal, however, the nature of which the content was delivered to the voters is something to be looked upon.
Nayantara Ranganathan, a lawyer who is also the founder of New Delhi-based “Internet Democracy Project” said in an interview that the political parties that competed in the 2019 Lok Sabha elections spent more than 10 crore rupees in targeted ads via Facebook & other social media platforms. What’s alarming is that the way these ads were delivered. For instance, voters between the age 18 to 21, received personal messages stating that their vote for a particular party can aid in providing low-cost internet when the respective leader comes to power. The idea behind this message is that teenagers tend to spend more time on the internet when compared to the rest of us. These messages were carefully crafted by professionals so as to sound appealing as well as not to look like spam. Another example is when Indian IT professionals received personal messages with promises to restructure tax slabs so as to benefit the maximum employees.
How do these political campaigns know you? How do they know whether you are 18 or 30 years old? And most importantly how do they know your personal mobile number? While there are many organisations involved, the obvious culprit is tech giants such as Facebook. While you first sign-up Facebook, your automatically providing them with the liberty to use your data to accelerate their business. The problem is that companies like Facebook look at Privacy and Transparency as two different entities. Facebook should provide manual control for each user over their own respective data. However, the said model is next to impossible since Facebook is a free-to-use software and their primary source of revenue is via targeted ads.
Government Regulated Privacy Attacks
The bitter truth is that government-aided public surveillance is legal upto certain extent. The parliament clearly states that the Indian government is empowered by the law to intercept, decrypt any information stored, received or transmitted via an individual. In other words, the government can spy on any person at a given time legally under certain restrictions. The problem is that we, as a citizen of the country do not have the luxury to know even if the said law is being misused. The irony is that Article 14, 19 and 21 of our constitution directly states that privacy is a fundamental right of all citizens of the country. Now, how do we protect our personal information from government-aided searches?
The government should elect regulatory bodies for each business verticals in the nation. For example, the HIPAA (Health Insurance Portability and Accountability Act) is United States legislation that provides data privacy and security provisions for safeguarding medical information. In other words, the information gathered by government and private funded hospitals from the patients are safeguarded under the HIPAA legislation of 1996. These regulatory bodies ensure that the information we share with the providers (doctors, hospitals) are in-fact safeguarded and is never used against us without our approval. The issue here is that only certain business verticals such as Healthcare, Defence, Insurance & Aviation are constantly looked after by the government-regulated legislations. Areas such as retail, banking and travel are still vulnerable to risks of a privacy breach and misuse of public information.
How to report a Privacy Breach?
Be it an organisation or an individual using a personal computer, it lies on our shoulders to report the possible security breach that could affect our information. The government of Canada enforced strict laws to govern the use of public data by private companies. The PIPEDA (Personal Information Protection and Electronic Documents Act) form is readily available on the Government of Canada’s website for its citizens and organisations to report a potential security breach that is capable of disrupting one’s business as well as their personal lives. Even though the Government of India doesn’t have such readily accessible report mechanism, the government-aided and private organisations are forced to mandate regular audits throughout the infrastructure to identify a potential data breach.
Best Practices to ensure Data Privacy
Have a backup email address which can be used to sign up on websites which send you targeted ads and unnecessary newsletters.
Make sure to retain bank-issued gift cards. It can be used to sign up for a free 30-day trial in most of the modern applications thereby protecting your actual credit card details.
Use tools such as Evernote to take notes and save sensitive information since the company doesn’t sell your data for ads.
Make sure the website you visit adheres to the Right to Privacy Act enacted by the respective governments.
A privacy breach is not a new topic in this fast-growing digital world. However, the mass population’s understanding of this subject is very limited. The “Right to Privacy” is something to be taught in schools since pre-school teenagers are some of the easy targets susceptible to data breach. Similar to the “Internet Democracy Project” there are many organisations that closely examine the potential data thefts and publish them for the general public’s reference. The government should enforce statutory groups in different areas of the business to ensure that a common man’s data is not being misused without his knowledge.
In the end, it all comes down to the question; Is Right to Privacy really an option provided for a country’s citizens? Or Is it still a myth used by some governments to bring in more revenue? Coming from a common man’s perspective, we can never be sure.