The policy for Digi Yatra -- a digital platform to verify air travellers using biometric data -- needs to spell out all the rules related to deletion of passenger information from the database once the travel is complete, according to a study instituted by NITI Aayog.
There have been privacy concerns in various quarters about Digi Yatra user data.
Based on Facial Recognition Technology (FRT), Digi Yatra provides for contactless and seamless movement of passengers at various checkpoints at airports.
As per the policy for Digi Yatra, facial biometrics are deleted from the local airport's database 24 hours after the departure of the passenger's flight.
"However, the rules related to deletion of other information collected from the passengers, as well as any facial biometrics that are stored in other registries, must be clearly set out in the policy," the study said.
Digi Yatra envisages an identity management ecosystem for Indian airports, which can enhance the capabilities of Indian civil aviation infrastructure, digitise manual processes at airports, improve security standards and lower the cost of operations of airports.
More From This Section
"While the Digi Yatra Policy states that it is completely voluntary in nature, if the use of Digi Yatra is made mandatory in any way then the same must comply with the principles laid down in KS Puttaswamy v. Union of India (case) relating to the legality, necessity, and proportionality of the policy," the study said.
The verdict pertains to the constitutional right to privacy.
The study recommended that there must be frequent cybersecurity audits and vulnerability testing of the Digi Yatra platform to ensure that reliability, usability, information security in the ecosystem is a subject of continuous engagement and is adaptive to the rapidly evolving threats that exist in this sphere.
In addition to cybersecurity audits, it is imperative to establish a mechanism for performing algorithmic audits by independent and accredited auditors, prior to system deployment at periodic intervals, it added.
According to the study, the Digi Yatra SOP must specify timelines and purposes for retention of different types of data within the Digi Yatra Central Ecosystem, beyond which personal data is deleted.
"Internal SOPs for handling personal and sensitive personal data must be identified," it said.
The study also noted that there must be a provision for the ongoing monitoring of the performance of the entire system.
It also suggested that the use of facial recognition data and other relevant subject data for providing value-added services should only be activated through an opt-in rather than an opt-out method of consent with an ability to revoke consent at any time.
Digi Yatra proposes use of FRT to authenticate a passenger's travel credentials, which allows other checkpoints at an airport to be operated in an automated form with minimal human involvement. The use of FRT prima facie has the potential to streamline operations at airports and provide tangible benefits to the civil aviation ecosystem.
Amid persisting concerns over user data privacy, the Digi Yatra Foundation, in April, said the Digi Yatra Central Ecosystem (DYCE) never stores any of the ID credentials data, which has Personally Identifiable Information (PIl) anywhere in any central repository.
The foundation is the nodal agency for the app.
In India, as part of its efforts to improve travel experience, the Ministry of Civil Aviation has initiated the Digi Yatra programme using the FRT, and facial verification technology (FVT) to be used at different process points.
FRT refers to an AI system that allows identification or verification of a person based on certain images or video data interfacing with the underlying algorithm.