In early 1800s America, credit was based on personal familiarity. Lewis Tappan revolutionized this by selling credit ratings, leading to the birth of credit reporting agencies. Today, these agencies hold extensive personal data, influencing major life decisions. India, formulating its first privacy legislation, faces a similar choice: regulate data collectors or empower individuals to control their data usage.
The RBI Committee on Household Finance recommends the use of fintech to build the customisable, scalable solutions we need to benefit households.
The Supreme Court of India’s decision in Puttuswamy v. Union of India affirmed the fundamental right to privacy, resolving inconsistencies in previous rulings. While the judgment is celebrated for its nuance, I am concerned that the consent-based framework might hinder the benefits of modern technology.
We rely on technology for daily tasks - from timely reminders to personalized entertainment suggestions. While this personalization offers convenience and informed decision-making, it raises privacy concerns. The proposed privacy law shifts responsibility from individual consent to data controllers, ensuring no harm from data processing. This includes financial, reputational, or choice-related harms, especially from biased machine learning algorithms. The law suggests regular data audits by learned intermediaries, moving towards privacy compliance through incentives rather than penalties.
In “Homo Deus”, Yuval Noah Harari suggests that Homo sapiens’ success is due to our unique ability to believe in myths, like nation-states, which unite individuals under a common identity. This concept is crucial in modern society, where identity systems like India’s Aadhaar balance social responsibilities with personal privacy, highlighting the need for privacy laws to maintain this equilibrium.
The Indian government’s recent mandate to link Aadhaar numbers with tax returns and mobile numbers highlights the urgent need for a privacy law. Current proposals suggest a law based on OECD principles, emphasizing consent. However, given the complexity of data use today, the responsibility should shift from individual consent to holding data controllers accountable, ensuring fair and non-discriminatory data processing. India has the chance to create a forward-thinking privacy framework suitable for today’s data-intensive world.
2016 was a transformative year, marked by the e-commerce sector’s challenges following the Indian government’s Press Note 3. This led to innovative business models and growth in related industries like logistics and warehousing. The year also saw Aadhaar enrolment surpass 1 billion, laying the foundation for India’s digital transformation. The introduction of India Stack, particularly the Unified Payment Interface (UPI), revolutionized digital payments. However, the focus shifted towards including the larger, underserved population in the digital economy, highlighting the need for a balanced policy framework that respects privacy while leveraging data-driven decision-making.
Privacy is an aberration from the mutual surveillance (coveillance) society that we have always been a part of. With greater tensions being felt between new technologies and the need for greater privacy the solution is to embrace covaillance so that we can reduce the information asymmetry between the watcher and the watched.
Wearable devices are increasingly common, tracking various physical activities and even finding their way into legal evidence. The future of medicine may lie in this quantified personal measurement, allowing for customized treatment tailored to individual patients. However, to reach this future, changes to regulatory frameworks and a rethinking of privacy notions are needed to allow for more patient-centric medical treatment and algorithmic diagnosis.
India has the potential to use data innovatively for enhancing healthcare outcomes. However, it’s crucial to balance patient privacy with public good, defining clear grounds for data access and stringent punishments for misuse. The draft EHR legislation suggests patients “own” their medical data, but a nuanced approach focusing on access and control is needed. India has a unique opportunity to leverage technology for healthcare, but must strike the right balance between personal privacy and public good.
