Enable privacy: Data protection must strictly impose purpose limitation and penalties for breaches–Times of India–29.11.2017

A high-level government committee of experts headed by Justice BN Srikrishna has released a white paper seeking views from stakeholders on data protection. Coming against the backdrop of the apex court’s landmark decision upholding right to privacy as a fundamental right, data protection has certainly become a hot-button issue. Driving the debate is government and other agencies increasing the scope of Aadhaar linking for services – a matter slated to be adjudicated by a constitution bench of the Supreme Court.

In fact, the unique identification number bolstered by an individual’s biometric data is now being used for everything from school admissions to obtaining death certificates. While the utility of such moves is left vague, the fear that the data provided could be leaked or misused is real. Current data collection practices in the country hardly inspire confidence, with personal information regularly being shared among different parties without the knowledge of customers. In such a scenario, pushing Aadhaar linking for day-to-day transactions is akin to having a digital master key that can open all facets of an individual’s life.

Such a master key would certainly violate the right to privacy upheld by the Supreme Court. Not only could unscrupulous elements misuse personal data for profit or crime, there are also concerns that an Aadhaar-backed data architecture can be used to profile individuals on the basis of their caste, religion, sexual orientation, political opinion, etc. Given these anxieties, the need of the hour is for a comprehensive data protection framework. This should include an independent data protection authority to handle issues related to use of information collected by governments and corporations.

Among other things, data protection norms should strictly implement the purpose limitation principle whereby data collected is only used for the purpose stated to the individual. And tough penalties should also be imposed for breaches of purpose limitation. This could include stiff financial compensation to customers and even criminal prosecution of violators. Many of these provisions are part of BJD MP Baijayant Jay Panda’s private member’s bill on data privacy, which can be used as a guide. Add to this the need for a strong cyber security architecture to ensure data isn’t stolen through digital attacks. With the digital environment set to grow further – and government looking to push Digital India initiatives – it’s time to give data privacy its due importance.

DISCLAIMER : Views expressed above are the author’s own.
Recommended By Colombia

via Enable privacy: Data protection must strictly impose purpose limitation and penalties for breaches

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s