In any triangle of relationship, trust is the first casualty. In the interplay between government, companies and citizens for big data, information asymmetry has become so skewed that it has eroded the very spirit of democracy by limiting the unbiased communication of ideas. Governments and private companies are using the Internet as ‘a means of control and surveillance, extending from cases of fraud detection, storage and exchange of criminal and financial records to those of political surveillance and control’. Citizens who receive a flood of unfiltered information, information with colour but no patterns, information with images that can never add up to the real picture, recirculate the same back into the infantile world for greater chaos. Resultantly, “Information Superhighways” (coined by the U.S.’s “almost” President Al Gore) in democracy are leading to “re-tribalisation” of politics in cabals and cocoons while deliberations are fast transforming into ‘consultations among computer systems’ where trust and security are illusions.
At a time when the Internet is the new jazz and a tool as also a venue for all political hues, it is important to understand how government, political parties and citizens are responding to this new triangular interplay between data protection, privacy and a flow of information. When the Government of India banned 59 Chinese apps on the ground of transgressing Indian security, the question as to why in the first instance were they allowed into India did not get sufficient importance. Was there no security or privacy audit? While Facebook and Amazon are facing scrutiny on their own soil for their data mining policies, how did we allow so many apps without any check? Government policy on national security should be based on advance strategic assessment rather than on a reactive basis.
Comment | Guarantee Internet rights
‘Control’ and also data theft
On the privacy front, even after the Supreme Court of India had declared privacy as a fundamental right , the government insisted on affidavit in the top court that informational privacy or data privacy cannot be a fundamental right. The Aadhar Act diluted the notion of ‘privacy’ and the standard of proportionality test set up by the Supreme Court. In an ongoing dilemma, even the ‘Aarogya Setu’ app is battling to satisfy the conscience of privacy overseers. The clear impression is that the government is more interested in ‘control’ than ‘protection’ of data. A national policy on data privacy of individuals is still a non-starter. People continue to suffer because of the regular incidents of data theft. India’s cybersecurity watchdog, CERT-In, last year reported huge data theft of Facebook and Twitter users by malicious third party apps. Reportedly, more than 1.3 million credit and debit card details from Indian banks and the data of 6.8 million users from an Indian health-care website were stolen in the same year.
Private firms and elections
Private data analytics companies have emerged to exploit the electoral process with the sole objective of customising political messaging. While the customisation of political messaging is not per se illegal, it certainly is unlawful to indulge in unauthorised data mining and collection by the industry. According to a report by Omidyar Network India and Monitor Deloitte, many private enterprises routinely share the personal data of individuals with third parties including political organisations. The fact that there are dedicated IT cells which carry out a digital form of warfare with propaganda and fake news being two powerful weapons is making things more complicated. The present legal framework leaves these menaces outside the ambit of election laws as they were framed in a time and space that was primitive when compared to contemporary technological advancements.
For citizens, digital media are carriers of images and sounds, rather than words and thoughts, and the system where images run faster than thoughts is suitable for the spread of fake news. Times of fear and uncertainty also provide a fertile ground for disinformation to grow. The fake WhatsApp forwards that triggered the primitive “Us v/s Them” group mentality and is manifested in Delhi riots reports, and the forwards on the novel coronavirus which declare COVID-19 a bacteria and the World Health Organization stating that vegetarians cannot be infected with COVID-19, are all reminders of the potency of data, true or false, in a democracy.
Also read | Internet can cause unimaginable disruption to democratic polity, Centre tells SC
Regulation and independence
Should there be a gatekeeper to balance appetites for technology, security and privacy? The answer is yes, so long as the gate keeper is for regulation, not surveillance, and so long as it is completely and genuinely independent. Otherwise it will perform an unacceptable legitimation function. The Personal Data Protection Bill , struggling to be born in Parliament despite conception in 2018, is more about control and surveillance than about promoting privacy and protection of data. Far-reaching exemptions, in large measure swallowing the rule, have been carved out where personal data can be processed. Section 35, which provides the government with unfettered access to personal data, negates the three tests of legality, necessity and proportionality given by the Supreme Court in Justice K.S. Puttaswamy (Retd.) vs Union Of India . The Bill also allows State and private parties to process personal data without obtaining consent and such broad exemptions would not only open the floodgates for misuse but also reduce India’s prospects of entering into bilateral arrangements for law enforcement access. Selection committees, terms of appointment and of removal establish beyond doubt that the Authority is likely to be like a rehabilitation centre for retired bureaucrats, yet a sinecure wholly controlled by the government. It is a classic case of rolling up judge, jury and executioner. Only an Internet ombudsman with experts on cyber and Internet laws, IT, data management, data science, data security, public administration and national security, and consciously involving eminent sections of civil society, can be an effective antidote to unregulated technological disruptions.
Abhishek Singhvi is an MP, former Chairman, Parliamentary Standing Committee; former Additional Solicitor General, India; senior National Spokesperson, the Congress party, and eminent jurist. Jaiveer Shergill is a Supreme Court lawyer and National Spokesperson, the Congress party. The views expressed are personal
