Privacy in Digital World: How to Encode it?

The government should implement the Aarogya Setu app, as it is very useful and the primary contact tracing tool, but through a strict law, which India currently lacks. A law authorising the compulsory use of this app should be implemented as per the need laid down by the Supreme Court.

1 412
Arogya Setu 100 million downloads

Life has become easy and exciting with new devices and thrilling applications, as we live in a digital world today. We can shop and bank online. However, our unchecked love affair with all things technological has an evil twin; an unstoppable infringement on our privacy.

The Facebook–Cambridge Analytica scandal is the biggest example of privacy infringement and data leak of about 50 million users before the Trump Campaign to target political advertising and tool a Psychographic profiling. Video communications app, ZOOM, has been under inquiry for leaking personal information of users and allowing strangers to start a video call with them, according to a report on vice.

This shows that the user data is used without their permission and for purposes that neither of them signed up for. With more than 600 million internet subscribers, India is one of the largest and fastest-growing markets for digital consumers. The digitisation of the economy has not only given a boost to core sectors like IT and digital communication, but also transformed several other areas of the economy—agriculture, education, and financial services.


Also Read : Privacy Or Security Covid 19 Forces To Make A Tough Choice

The threat to individual privacy has never been greater than in the current digital age. As pointed out by Alasdair Allan, privacy is a new concept, only 150 years old; child of the industrial revolution.

The digital realm is not like the physical world; it has no rules or barriers. The digital network enters the most proximate spaces and challenges the acknowledged notions of the private. In Puttaswamy vs. Union of India case in August 2017, the Supreme Court recognised the fundamental Right to Privacy under the Indian Constitution. However, it needs to be noted that until 2019, India still lacked independent data privacy and protection legislation.

The government acknowledged the need for data privacy and protection through the Draft Data Protection Bill, which was introduced in July 2018. On 4 December 2019, the Union Cabinet cleared the Personal Data Protection Bill (PDPB).

With most organisations being data-hungry, this Bill might prove to be a beacon of light in the digital diffusion scenario. PDPB seeks to set up an all-encompassing data privacy outline by standardising the collection, usage, storage, and spread of personal data, thereby ensuring the passable guard of personal data. The Bill also establishes an independent authority, the Data Protection Authority of India (DPAI), which may supervise the enactment of the law. However, the government has exempted itself from this Bill.

Big data is watching you/Photo credit:ev/@ev

The recent study published by the Centre for Internet & Society (CIS), titled – Internet Privacy in India, brings to light the unlawful tapping of 1371 phones by the government in Himachal Pradesh, while the Home Ministry had given a verbal sanction of intercepting only 170 phones. The extent to which our government intercepts communication is ambiguous.

The Government of India launched a Bluetooth-based tracker application, called Aarogya Setu, to reach out to the users of the app and update them about the risks, best practices, self-assessment measures and applicable advisories about the containment of COVID-19. It keeps the user informed if he/she has crossed paths with the positive COVID-19 case within 6-feet proximity. The app comes equipped with a chatbot that answers all the questions about COVID-19. The users can also find the helpline numbers for each state in India. About 10 crore people have downloaded the app so far.

However, the app exists in the vacuum of privacy law. According to a report, no legislation of the app caters to the concern of how the privacy of Indians is to be protected. Also, the app gives a static unique identification number to each user which increases the probability of identity breaches. It uses both Bluetooth and GPS, which can prove to be a double disadvantage. The users have to accept the privacy policy provided by the government. The policy goes into some detail on where and how long the data will be taken, but leaves the language around who will have access to it uncertain.

People may be forced to download this app in exchange for government benefits. This voluntary app can violate our right to autonomy and privacy. The situation is similar to Aadhaar, which was designed as an optional program, but later made compulsory for services such as banking and mobile registrations.

The government should implement the app, as it is very useful and the primary contact tracing tool, but through a strict law, which India currently lacks.


Also Read : The New Aadhaar Amendment Bill Whither Right To Privacy

A law authorising the compulsory use of this app should be implemented as per the need laid down by the Supreme Court in K.S Puttaswamy case.

The government should also make public, the inner workings of the app.

Nonetheless, we have to protect ourselves from online forgery and keep our identity safe. The Guardian  has published some tips to protect our privacy online. The mobile tower can find our approximate location using cell towers; firstly, we have to make sure that we keep GPS, Wi-Fi, and Bluetooth disabled until we need them. Enabling them will give access to a whole range of other entities; secondly, consider using a pseudonym on social media and make yourself more difficult to find on social media; thirdly, always guard your date of birth and phone number. Another handy tip can be using password managers to have a unique password for every site. This might cost a bit, but it will make you less vulnerable. Last, but not the least, always keep your work and personal services different, whether it is e-mail account or social media. All our social media accounts are connected, which create a chain of access for the data-mining firms. Professional websites like LinkedIn can be connected to Facebook, which gives access to a lot of data to both service providers. End-to-end encryption can also encode privacy. Options are available for encryption in all services.

All this will guard your identity and keep you safe online. However, as Helen Keller has said, “Alone we can do so little, together we can do so much”, we need collective action on this issue. The citizens of the world should demand the implementation of the 13 principles under the International principles on the application of human rights to communications surveillance, which will contextualise the surveillance practices within a realm of human rights. We need to go forward into this new era of digitalisation with a deeper understanding of how to make sure privacy rights are upheld and valued.

(Slider Photo credit: Casper Camille Rubin/ @casparrubin)