India is a developing country. Economically and strategically India is emerging as a global player in the international scenario. Data privacy is hence emerging as an important requirement. India has one of the largest consumer base and outsourcing industry and therefore there is an immediate requirement of privacy law for all sectors. Privacy laws would ensure better governance and accountability.
India leads in mobile phone penetration, social networking and internet, yet surprisingly India lacks comprehensive regulation on privacy. Citizen awareness also in this regard is very low.
Few decades back privacy was not a major issue. The cost of simple violation of privacy was high. Paper data records were prevalent, there was no internet, e-data or gps. But today technology has advanced. Digital devices and seamless connectivity between devices have aided in easy sharing and broadcasting of information. Hence the opportunity of a privacy breach has increased manifold. The advancing economy and the largest consumer base is making India more vulnerable to the menace of privacy breach.
Everyone needs privacy to a certain extent. And by nature we expect bodies and organisations to protect our privacy without us asking for it.
Not long ago the honourable Supreme Court of India asked TRAI and telecom operators to stop sharing mobile numbers with telemarketers without the consent of the owner.
The bodies who collect data or process data should only use data for the intended purpose and ensure that they are not disclosing it to unwanted audience.
These days we talk about women safety. However a reservation chart put up by railways displays name, sex and age along with the seat details and destination. Unaccompanied women can become susceptible to crime due to this.
In India privacy is considered to be enshrined in Article 21 of the constitution: Right to life and personal liberty. Along with this Section 43A of IT Act talks about privacy. However these are not comprehensive and are ambiguous when interpreted. India needs a privacy law which should be comprehensive for different sectors in India. Our industries and outsourced centers today often depend on European privacy laws and US laws. However an Indian privacy law will help the industry by preserving the national values like culture, demography and local customs.
Enacting a privacy law will empower the public with a strong legal resource and also act as a deterrent for bodies who misuse customer data for other benefits.
There are some areas where we need to be careful when enacting a privacy law:
- Consent should be proper. Customers are often misguided to provide consent for sharing of data.
- Only necessary data should be asked. A shopping centre may ask for more than needed information for their business analysis and can prevent transaction without it. Care must be taken to ensure such activities don’t go unpunished.
- Similarly the law shouldn’t be misused by the public. A candidate should not refuse information to employer under privacy laws just because the information will cause the employer refusing the candidate.
- Care should be taken that data transferred to a different country is protected similarly.
- Last but not the least National Interest should also be preserved. Prone to terrorist activities, the law should not become a tool for miscreants.
An independent constitutional body should come up to oversee the implementation and compliance of the privacy laws in India.
India as an emerging economy needs a privacy law of its own. Citizens and organisations should also play in important role in ensuring safety and security of the private information of our lives.
Rahul Das
Consultant | PwC India
MS-CLIS (2011-2013) | IIIT-A