This Thursday (January 28) was observed as the Data Privacy Day by the United States, Canada and 27 countries of the European Union that accord as much importance to personal data security online as to privacy in general.
It was also a day when several huge corporations — some of which are under the scanner for their privacy policies — renewed their pledge to safeguard private data of millions of its users.
In a scenario of increased information sharing online, especially on social networks, it becomes important to step back and look at not only the safeguards on personal data online but also whether online information sharing requires any etiquette.
Some companies have started systematic monitoring of online activity, especially on social networking sites such as Orkut and Facebook, of their employees to an extent where they consider online data “professional data;” and hence ask them to show some restraint.
Earlier this month, Facebook’s young billionaire-CEO Mark Zuckerberg said: “People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people. That social norm is just something that has evolved over time.”
It was both in defence of Facebook’s new controversial privacy policy, which has received flak from several quarters, and also a commentary on whether the notion of privacy itself no longer exists the way it was a few years ago.
While the U.S., Canada and some European countries have explicitly laid out Data Protection Acts and agencies monitoring them, in India the issue falls under the Information Technology Act, and some of the prosecuting powers are vested with the office of Industry Computer Emergency Response Team (CERT-In) working under the Information and Technology Ministry.
N. Vijayashankar, a cyber law expert, says most of the rules and regulations of data security, as they exist in the American and European countries’ data protection Acts, have been incorporated in the revamped Information Technology Act of 2008.
India not having a separate privacy law still will mean that online users disgruntled with misuse of private data have to find ways under other Acts to get justice, he says.
There have been a lot of concerns on what the big companies such as Google and Facebook will do to safeguard online data. But another aspect of data privacy is also about what individuals voluntarily disclose on social networks. Often on Facebook and LinkedIn, people unwittingly disclose professional information that could end up either with those who must not get it or even in the hands of hackers.
In one recent instance, a software service provider in Chennai was looking for investments and one of its senior executives put out the information on his LinkedIn profile. It was brought to the notice of the CEO, and the information was asked to be pulled out. “It would have reflected badly on the company had the sensitive information reached the attention of competitors. On a social network, such news goes viral immediately,” said one of the representatives of the company, speaking on condition of anonymity.
