Launched by the Ministry of Civil Aviation, the Digi Yatra project essentially aims to reduce wait time for passengers at airports
Recently, the Centre has rolled out the beta version of Digi Yatra, which is being executed at Delhi and Bengaluru airports
However, privacy experts and activists question the nature of Digi Yatra project and believe that it would lead to misuse of air passengers’ data and unauthorised surveillance
The Centre’s Digi Yatra project, which is a biometric-based digital processing of flyers, is facing criticism from activists who believe that the project would breach user privacy in the absence of a centralised data protection policy.
Launched by the Ministry of Civil Aviation, the Digi Yatra project essentially aims to reduce wait time for passengers at airports. It will automatically scan passengers via its facial recognition system at checkpoints.
Recently, the Centre has rolled out the beta version of Digi Yatra, which is being executed at Delhi and Bengaluru airports. However, privacy experts and activists denounce the project by saying that it may lead to misuse of air passengers’ data and unauthorised surveillance, according to Economic Times.
“It is fairly clear that they will be storing data for all kinds of things. They may integrate unsolicited data from other sources and there are absolutely no data protection laws, so they are not bound by anything. Purpose limitation and how they will use the data is a major concern,” a cybersecurity and tech expert told ET.
At the moment, Digi Yatra facility is optional for air passengers. However, once the project gets in place then the passengers would be pressurised to go through it. In such a scenario, there needs to be ‘purpose limitation’, an expert added.
In essence, purpose limitation is a condition (in a law) that allows the collection of personal data for specified, explicit, and legitimate purposes. It does not permit using the collected data for any other purposes.
Another expert highlighted that if data collected under the Digi Yatra get used by the Centre or for other things such as sales and marketing, then it is a concerning issue as a wide ambit of usage can take place.
Besides, user privacy is another issue to worry about with the implementation of the project. As with the withdrawal of the Data Protection Bill, there is not any law to govern the data usage in the Digi Yatra project.
Earlier in August, the Centre took down the Personal Data Protection Bill 2021 after 81 amendments were proposed by a joint parliamentary committee. Following this, the government is in the process of forming a new data bill.
Minister of Electronics and Information Technology, Ashwini Vaishnaw had said earlier, “Considering the report of the JPC, a comprehensive legal framework is being worked upon. Hence, in the circumstances, it is proposed to withdraw The Personal Data Protection Bill, 2019 and present a new bill that fits into the comprehensive legal framework.”
Recently, it was informed that the Centre is planning to set up a grievance redressal mechanism for distressed individuals under the new bill. It dropped the plan of introducing a centralised data protection authority in the new data privacy bill.