Privacy Impact Assessment

Given the Indian government’s increased use of technology, concerns around personal privacy necessitate the conduct of privacy impact assessments and the implementation of appropriate safeguards, such as a government privacy office, to balance the benefits of the technology with the potential harms to privacy.

This article was first published in The Mint. You can read the original at this link.

On 15 February 2021, the government made it mandatory for highway tolls to be paid through its FASTag system. After a few weeks of confusion, the country adapted to this new requirement. Vehicles of all description procured RFID stickers and affixed them on their windshields so that they could drive through FASTag lanes where tolls were automatically deducted from their electronic wallets.

FASTag has greatly improved wait-times and convenience of travel all over the country. Where, in 2017-18, it accounted for just ₹3,532 crore of the country’s total ₹21,948 crore in toll collection, last year it accounted for as much as ₹33,274 crore of the overall ₹34,535 crore collected. Wait times have reduced as paying tolls requires vehicles to slow down, but not stop.

GPS Tolling

But the government believes we can do even better. It is looking to replace the RFID-based FASTag with a GPS-based system that will calculate (and charge) tolls based on the distance that the vehicle traverses down a geo-fenced path. If this system works as advertised, not only will cars no longer have to slow down at a toll plaza, it will allow us to radically redesign our approach to toll collection by establishing tolls for any section of a road that we choose.

My first thought, when I first heard about the plan to roll out this system, was the risk it posed to personal privacy. Even though the system is primarily being designed to make road travel smoother, once deployed it will make it easier than ever before to build personal profiles based on travel patterns.

This, you might argue, is already possible. Your FASTag is already linked to your electronic wallet, which means that each time you pay the toll you are already dropping a pin on the map indicating where you were when you paid it. All someone needs to do in order to generate a personal travel profile of you is aggregate all these locations and arrange them in chronological order.

While that might be true, the fact is that the FASTag system is constrained by the infrastructure required to deploy it. As long as toll collection depends on being within close physical proximity of an RFID chip, we can only establish the infrastructure required to collect it at limited locations - in order for the cost of the infrastructure to be justified by the toll collected. A GPS-based tolling system, on the other hand, requires no physical collection infrastructure. Vehicles equipped with GPS transmitters will automatically be charged based on the distance they traverse along a set of defined geo-fenced routes.

While these geo-fences will initially coincide with the FASTag tolled highways they are designed to replace, going forward, there is nothing to stop the ministry of road transport from establishing similar geo-fences over other stretches of road to fund the cost of its maintenance and upkeep. Once that happens, can we still be as sanguine about the impact of this new technology on our privacy?

Privacy Safeguards

I must, at this stage, hasten to mention that I am not making a case for the withdrawal of the GPS tolling solution. To the contrary, I believe such a system will significantly improve the flow of traffic through some of the worst choke-points on our roads. If we do not implement these measures now, we will be compelled to at some point anyway.

As regular readers of this column will attest, I am loath to shun technology simply because it might be misused. I believe that all new innovations bring with them downsides and benefits in equal measure. We should not shy away from adopting a new technology simply because we fear that it could, in the wrong hands, cause harm—just as we should not blindly embrace new technology without evaluating what could befall us if we are not careful.

We need to view this new GPS tolling technology through this lens. While the benefits it offers cannot be denied, we need to appreciate that, once implemented at scale throughout the country, it has the potential to create such vast data sets of travel information that it could cause considerable harm if disclosed. And while this might not warrant shelving the plan in its entirety, the government would be remiss in its constitutional obligations if it fails to at least assess the harms that could result.

Assessing the Impact

Most modern privacy laws stipulate that before any new technology is deployed, the entity responsible for rolling it out should conduct a privacy impact assessment to evaluate the implications, if any, that it will have on personal privacy.

Where harms are identified, the technology should not be rolled out until appropriate mitigation measures have been put in place. I see no reason why new technologies deployed by the government should not be subject to the same standard. Just as all new legislative proposals are subject to a pre-legislative consultation process, new technology projects should undergo privacy impact assessments before they go live.

That said, we should not shy away from creating large data sets simply because of all that could go wrong. Instead, we should put in place measures to prevent that from happening.

This could include the establishment of a privacy office within the government tasked with ensuring that all technology projects that process personal data comply with the standards set out in the Right to Privacy judgement of the Supreme Court.

As the government uses technology in an increasing number of areas of governance, measures like this will be necessary to ensure that it strikes the right balance between harm and benefit.