There is no need for India to adopt GDPR-like data protection laws as it will hinder local innovation. Historically speaking countries took their time to arrive at a standardised approach to IP law and we need to follow a similar approach - taking a tailored approach to data regulation that balances protection with fostering its burgeoning data industry.
That consent to the Facebook privacy policy could be used as a defence against the consequences of the Cambridge Analytica incident is an indication that consent cannot be our primary safeguard. The accountability framework is the only effective alternative to consent.
In early 1800s America, credit was based on personal familiarity. Lewis Tappan revolutionized this by selling credit ratings, leading to the birth of credit reporting agencies. Today, these agencies hold extensive personal data, influencing major life decisions. India, formulating its first privacy legislation, faces a similar choice: regulate data collectors or empower individuals to control their data usage.
The RBI Committee on Household Finance recommends the use of fintech to build the customisable, scalable solutions we need to benefit households.
The Supreme Court of India’s decision in Puttuswamy v. Union of India affirmed the fundamental right to privacy, resolving inconsistencies in previous rulings. While the judgment is celebrated for its nuance, I am concerned that the consent-based framework might hinder the benefits of modern technology.
We rely on technology for daily tasks - from timely reminders to personalized entertainment suggestions. While this personalization offers convenience and informed decision-making, it raises privacy concerns. The proposed privacy law shifts responsibility from individual consent to data controllers, ensuring no harm from data processing. This includes financial, reputational, or choice-related harms, especially from biased machine learning algorithms. The law suggests regular data audits by learned intermediaries, moving towards privacy compliance through incentives rather than penalties.
In “Homo Deus”, Yuval Noah Harari suggests that Homo sapiens’ success is due to our unique ability to believe in myths, like nation-states, which unite individuals under a common identity. This concept is crucial in modern society, where identity systems like India’s Aadhaar balance social responsibilities with personal privacy, highlighting the need for privacy laws to maintain this equilibrium.
The Indian government’s recent mandate to link Aadhaar numbers with tax returns and mobile numbers highlights the urgent need for a privacy law. Current proposals suggest a law based on OECD principles, emphasizing consent. However, given the complexity of data use today, the responsibility should shift from individual consent to holding data controllers accountable, ensuring fair and non-discriminatory data processing. India has the chance to create a forward-thinking privacy framework suitable for today’s data-intensive world.
2016 was a transformative year, marked by the e-commerce sector’s challenges following the Indian government’s Press Note 3. This led to innovative business models and growth in related industries like logistics and warehousing. The year also saw Aadhaar enrolment surpass 1 billion, laying the foundation for India’s digital transformation. The introduction of India Stack, particularly the Unified Payment Interface (UPI), revolutionized digital payments. However, the focus shifted towards including the larger, underserved population in the digital economy, highlighting the need for a balanced policy framework that respects privacy while leveraging data-driven decision-making.
Privacy is an aberration from the mutual surveillance (coveillance) society that we have always been a part of. With greater tensions being felt between new technologies and the need for greater privacy the solution is to embrace covaillance so that we can reduce the information asymmetry between the watcher and the watched.
