New Delhi: Bill Diggins, U.S. chief for the Verizon Wireless marketing initiative, told an industry conference in 2012 that its initiative, called Precision Market Insights was aggregating customers’ information by monitoring app usage and browsing habits. Mr. Diggins said, “We’re able to view just everything that they do. And that’s really where data is going today. Data is the new oil.”
The company later said that this was legal because the company doesn’t reveal customers’ identities. Also, the company says, its customers can opt out at any time.
This quote highlights the importance of privacy and indicates that consumers are vulnerable in this connected world. This rampant and free-wheeling capture of personal information about users on popular online social media platforms and mobile applications is made possible due to lack of a proper framework that clearly outlines the boundaries for doing this.
A strict regulatory framework is required on how personal data of user users should be used.
After news broke out that British political consulting firm Cambridge Analytica had used illegally obtained Facebook data to target US voters, privacy rights activists demanded strict action against the perpetrators.
According to the testimony of former employee and whistleblower Christopher Wylie, Cambridge Analytica harvested the data by late 2014 and it was used for the first time in the November 2014 North Carolina Senate poll and was paid for by US National Security Adviser-designate John Bolton.
India is vulnerable
Facebook is dealing with one of the biggest crises in its history. This Facebook-Cambridge Analytica scam has raised a big question on the data protection for all the countries and this scandal can have a huge impact on India too, creating an urgency on the data protection law in India.
IT Minister Ravi Shankar Prasad warned social media giant Facebook of “strict” action for any attempt to influence polls through data theft and threatened to summon its CEO, Mark Zuckerberg if needed.
The warning came as BJP launched a scathing attack on the Congress, questioning the party on its relation with Cambridge Analytica, the data mining firm accused of harvesting personal user data from Facebook illegally to influence polls in several countries.
Facebook, which has over two billion users globally, including over 200 million in India, faced backlash on the data scandal issue, forcing Zuckerberg to issue an apology for the “major breach of trust”, and promising to take strong steps to protect consumer data.
Commenting on this issue Mr. Altaf Halde, Global Business Head of Network Intelligence said, “This is not the first time that a data breach has happened and certainly not the last time. When it comes to cybersecurity, there is no such thing as “100 percent guarantee” or “All steps taken to block any future data leak incidents”. Having said that, it is very important that governments and private players give the due importance to the data it has of citizens. They should repeat audits every year, if not every six months, as only full transparency will restore trust back in this system, else more bad news is likely to come. We still don’t have any data protection laws or privacy rules to avoid such scenario. Though we have many compliances that companies follow for data protection and privacy issues, but, the adoption is not yet reached the stage where we can confidently say, that, we as citizens are protected in case of any privacy issues.”
Data protection law in India is currently facing many problems due to the absence of a proper legislative framework.
Data mining and risks
How many of us actually read the terms and conditions before finally installing any app? If it is for free, we just click and download.
What about all the promotional calls we receive from banks, credit card companies, and other service providers? Our call details are being sold by third parties to various service providers and this has been happening for quite some time now. Since the arrival of cellphones in India, this trend is on the rise. This also means that such firms are making a profit by selling our personal data and contact detail.
Companies are now targeting consumers based on their location. By location, I mean smartphone GPS tracking system. This indicates that not only our contact details but our location also is tracked by companies and that they have all the necessary customer information to make marketing easy for service providers who are willing to pay the required price for our data.
Increasing usage of mobile devices around the world has brought web threats from conventional PCs to our smartphones. App stores are software download hubs, while mobile apps serve as programs we download onto our mobile devices.
Most of the app developers aren’t much open about the data they’re sharing and how it’s being sold via the ad networks. It’s dangerous because the data stored on smartphones can indicate where we live (Geo-location), where we work, and where we go.
This data mining of most sought-after information is made possible through social engineering and mobile applications most of which are constantly connected to the Internet. In India, very few people go through app’s terms and conditions before installing them which makes private data like photos or documents accessible and a certain level of reckless behavior is also visible on the social media thereby making it a one-stop place for scraping user information.
Are people really concerned about their privacy?
According to the US-based password management company Keeper Security, ‘123456’ was the most common password of 2017, after ‘123456789’ and ‘qwerty’. Researchers came to this conclusion after reviewing over 10 million security codes which became public after the recent security breaches.
Millennials love to get noticed online. The so-called “Me Generation” — the first to come of age in the era of the Internet, smartphones and social media – are addicted to social media platforms to an extent that they have no issues sharing their location or personal information on their handles, according to a report released by a Dutch research firm.
The old adage ‘you don’t know what you’ve got until its gone’ seems more relevant than ever for the digital age, with new research by Kaspersky Lab showing that while people claim that they understand the value of their data, in reality, they don’t appreciate its importance until it is lost.
The study thus revealed contradictions in the importance people place on their data, and the reality of the distress they experience when they lose data.
Data protection law required
The ministry of electronics and information technology (MEITY) has released a white paper on data protection framework, prepared by a committee of experts headed by Justice BN Srikrishna.
Even though the Information Technology Act has certain provisions about data protection and handling, observers believe that India needs a fresh data protection law with the increased digitization led by Aadhaar, the Goods and Service Tax and the push towards a digital economy. IT Act is inadequate to deal with the current requirements as it was drafted almost 17 years ago in 2000 and was amended in 2008.
Jean Turgeon, VP and Chief Technologist, Software Defined Architecture, WW Sales at Avaya said, “Cyber security impacts everyone in this connected world. Every time you connect to an infrastructure you have potential threats – that doesn’t mean we should be paranoid about it, but it is a fact we are facing more and more in this hyper-connected world. The old approaches of relying on perimeter defense and rule-based security are now inadequate.”
Regarding social media, I really don’t understand that why people need to publicize their entire lives on the Internet for others to see to such an extent. Privacy and security are really important and you can’t have privacy without security. The right to personal privacy is precious as without it, everyone is a potential victim for cybercriminals and firms who are auctioning our privacy for money.