Data Or Apps Need To Be Regulated To The Extent That Individuals Have Privacy, Control And Ownership Of Their Data, Says Vijay Shekhar Sharma
Amid the growing consensus over data protection and data security in the country with the RBI asking all payment system operators to store data in the country, Paytm founder Vijay Shekhar Sharma has expressed his willingness to support data regulation in the country.
According to a report, Sharma said, “Data or apps need to be regulated to the extent that individuals have privacy, control and ownership of their data and can control who can or cannot use their data. Right now, there’s neither a privacy law in the country, nor restrictions to corporates who are using that data.”
At the same time, addressing Paytm’s support for data protection, Sharma added that entities which hold customer data must not be using the data and letting it get leaked out.
“We as a country cannot allow misuse of data. Companies have an unprecedented amount of data on consumers. But the debate that who owns that data has only one answer — customer owns that data and no one else should be allowed to own it, be it the company or government,” Sharma said.
RBI’s Stance On Data Privacy
Following the upheaval caused by the Facebook data breach, recently the RBI had asked all payment system operators in the country to store data – pertaining to their customers – within India, to ensure that user details remain secure against privacy breaches.
The payment system companies have been given six months to comply with the newly-released norms. According to the RBI, currently, only a certain percentage of payment system operators and their outsourcing partners store the user data within the country, either partially or completely.
At the same time, the government is also working on the draft of data protection policy.
According to the reports, the government is weighing plans to make it mandatory for Google, Facebook, Microsoft and other tech giants to store the information they have on Indian users locally, following Prime Minister Narendra Modi’s proposals being considered by a panel drafting the data protection framework.
In response to Supreme Court’s observation that a line has to be drawn between Aadhaar application and people’s right to privacy, the Indian government had informed the apex court that a data protection bill is being drafted by a committee of experts, and the same will be ready by March, 2018.
While the Data (Privacy And Protection) Bill has been introduced in the Lok Sabha, the discussion and further proceeding could not occur, as the Parliament has not been allowed to function due to the ruckus created by different political parties.
Earlier, reports surfaced that in a recent cabinet meeting PM Modi told officials to ensure that servers of companies holding vast number of data belonging to the Indian citizens should be based in India.
The Prime Minister expressed his concerns over data security and also said that there needed to be a check on the information-sharing practices of companies at a recent cabinet meeting during which the issue of Facebook-Cambridge Analytica data breach also came up, said people who are aware of the matter.
Not All Are In Favour
Even though players like Paytm and Microsoft have come forward to support the data regulations, others like Nikhil Pahwa, co-founder of Internet Freedom Foundation, have said that “those wanting regulation of apps may want to use it as a tool to gain competitive advantage and their views do not reflect the viewpoint of all app makers.”
Internet & Mobile Association of India (IAMAI) also said that app makers were already heavily regulated under the IT Act.
Also, the white paper by the Srikrishna committee had examined data localisation saying that it could help protect rights of users and prevent foreign surveillance. However, it also emphasises that a localisation mandate may have its costs as servers and data centres will have to be put in place, adding “economy-wide data localisation requirements have led to a negative impact on GDP in several countries where such requirements have been considered”.
The latest development comes at a time when data privacy is garnering much attention in the country, after news of one of Facebook’s biggest data breaches perpetrated by British big data analytics startup Cambridge Analytica surfaced last month.
In light of the reports claiming Cambridge Analytica harvested the profiles of up to 50 Mn Facebook users without their approval during the last US elections, privacy advocates in India, as well as the government itself, have raised concerns that a similar breach could happen here to target voter opinion.
Later, it was revealed that the data of over 87 Mn users was shared with Cambridge Analytica (37 Mn more than the previous estimates). Recently, Facebook Chief Mark Zuckerberg made the revelation that 562K people in India were ‘potentially affected’ by this global data leak crisis.
As Facebook data breach has highlighted the need of data centres in the country, the support for data regulation of players like Paytm’s Vijay Shekhar Sharma for data security of Indians is a much-needed step in the right direction.