Business Standard

<b>Subir Roy:</b> Protecting privacy in democracies

Image

Subir Roy
The shape of India's first effort at legally protecting citizens' privacy will be known once the Bill to give a statutory foundation to the Aadhaar identification process is enacted. Meanwhile, it is important to track what is happening in the rest of the world to be able to develop in the country the best possible protection for citizens' fundamental right to privacy - becoming for a country which prides itself on being the largest functioning democracy in the world.

Apple's refusal to comply with the diktat from US investigating agencies to unlock the iPhone of the perpetrator of a mass shootout, on the ground that it will set a precedent and lead to more similar requests undermining citizens' privacy, is the hugely high-profile drama being played out right now in this space. In this, Apple has received strong support from the highest UN official for human rights.

His point is if Apple loses the current court battle it will set a precedent, unlock a Pandora's box, which will be a potential gift to authoritarian regimes and criminal hackers and make companies like Apple lose the ability to safeguard clients' privacy and endanger their physical and financial security.

Indian companies need to carefully watch how this plays out for Apple. They do not have Apple's global clout - and there is no knowing what it would have done if it was in a similar confrontation with, say, the Chinese. They would probably brook no "nonsense" about rights and privacy, something which the US cannot do. How far Indian companies will go in a similar situation depends not so much on them but the self-perception of the Indian state. Does it jump every time a policeman/security official comes in through the door, or does it remember that as a democracy it has concerns other than security, too?

What technology firms do is critical in this age, particularly in view of what has been revealed by Edward Snowden. The former CIA operative laid bare how phone companies had cooperated with officials across the globe in snooping on citizens, thoroughly undermining their rights - and he eventually had to take refuge in Russia. The change in Mr Snowden's image in the popular mind is noteworthy. In the US and the Western world, he was initially considered a traitor who had undermined security. But as the extent of unauthorised snooping that Western security systems did on their citizens became clear, Mr Snowden's image among many transformed into a whistleblower drawing attention to the assault on civil liberties - and, in fact, he became a patriot.

This brings us to the recent practices in the UK. It has followed what might be called a dual-track approach. On the one hand, it cooperated wholehearted with US requests for information which led it to engage in swooping exactly as the US authorities did. But more recently it undertook an elaborate exercise over two years to engage with the public and civil society organisations to evolve proposals for government departments to share and use data effectively. The process has led to the publication of a consultation paper for better use of data through a data-sharing code of practice.

The importance of the second track is that its focus is public welfare. Data across departments on citizens will be mined and studied to help deliver assistance better to families needing it. The aim is to identify families with multiple problems and receiving support from multiple agencies so that workers under the Troubled Families Programme can coordinate support.

From all this, a pathway for action in India can be evolved. Citizen's identity (Aadhaar) and other economic data across departments (income, plot holding for farmers, dependencies, etc) needed for calculating and paying subsidies can be put in one silo and ensured the necessary protection and secrecy. This can be governed by the provisions that may be there in the Aadhaar legislation, and what could follow in similar vein.

There should be an entirely different pathway when citizens need to be swooped upon for security purposes. Ideally this should be authorised only by a high-level judicial body.

To evolve a data-protection system peculiar to India, a third perspective is needed. The security establishment here is seriously compromised in having to do the bidding of the political masters of the day who wish to snoop on their political rivals for their political ends. Such practice is not there in the US or the UK. In India, staff of the Intelligence Bureau have in the past been routinely used to find out the prospect of the ruling party before general elections.

The ultimate touchstone should be that there should be a democratic society, where liberties and privacy are protected, left for the security establishment to protect from fundamentalist forces. The French are currently facing this dilemma. What if the attempt to protect the French way of life from Islamist onslaughts ends up making France a police state?

 
Disclaimer: These are personal views of the writer. They do not necessarily reflect the opinion of www.business-standard.com or the Business Standard newspaper

Don't miss the most important news and views of the day. Get them on our Telegram channel

First Published: Mar 08 2016 | 9:48 PM IST

Explore News