So, what is common between sex and data? The answer is that both increasingly need explicit consent and not getting it could be an act of harassment, or worse, crime.
The latest recommendations of the Telecom Regulatory Authority of India (TRAI) make it clear that the consumers should be given "the right to choice, consent and to be forgotten to safeguard their privacy." The view is timely and most principled, and from all indications seems to be guided by deep common sense as well as precedents set by the principles of the European Commission for its General Data Protection Regulation (GDPR) framed in 2016.
Take this para from the EU website: "If your company/organisation has collected data on the basis of legitimate interest, a contract or vital interests, it can be used for another purpose but only after checking that the new purpose is compatible with the original purpose."
In a deeper sense, TRAI is no longer a telecom regulator but a data regulator or has willy-nilly become one. Tongues are bound to wag in legal and government circles on this in the coming days. Eyebrows have already gone up because it is not just the telecom networks, but browsers, apps, operating systems and devices that now need a TRAI-ordained policy framework, and the punster may be forgiven for meaningfully calling it a policing framework.
Data cops, anyone?
"Knowledge is power," goes the old saying. "Data is the new oil," goes the new proverb. Last year, the venerable Economist magazine said "the world's most valuable resource is no longer oil but data" as it pointed out that Apple, Amazon, Alphabet (Google's parent), Microsoft and Facebook collectively made a net profit of $25 billion as they gained from advertisements and other revenues stemming from the exploitation of user data. That is Rs 1.7 lakh crore.
The tricky part of the data economy is that digital giants can survey your data to serve you, but can equally spy on you using the same technique, much like biting the hand that feeds. It gets trickier when your consent is obtained through quick fix means without your knowing what it implies in the long run or deeper picture.
Unlike real oil, which cannot be duplicated and transported so easily, every drop of data can potentially be lifted, duplicated, transported, stored, analysed, collated and algorithmically acted upon by hidden hands in cyberspace.
It is in this context that a TRAI standing up for privacy and data hygiene becomes a significant one that must be held up as a good precedent. But this is only the beginning of what looks like a long and winding tug-of-war between those who stand to gain from easy access to personal data and those who don't quite know what happens with it. From all indications, eternal vigilance, something that was stated as the price of liberty, could well be the price of privacy as well.
However, early vetting by keen data privacy watchers suggest that there are grey areas that need fleshing out on responsibilities, lawful interception and cross-border data flows. So what we need to bear in mind is that there is a lot of hard work ahead.
The digital divide is no longer about having access to the Internet or not. It may well be about the "knows" and "know-nots" of data usage. The Reserve Bank of India has launched a sound campaign to educate financial service customers about cheating and fraud in the digital age, but we may need a new round of public awareness campaigns to usher in a possible regime of data rights -- and wrongs. Just like sex, data hygiene may require new definitions of data protection: One man's Romeo is another's stalker and a victim may not know if there is a data voyeur around! The EU speaks of informed consent with a right to revoke consent. One can almost imagine a data equivalent of Bollywood's courtroom movie on sexual consent, Pink, in play. A no clearly means a no.
But, beyond the principled need for consent, there are practical concerns. A day after TRAI's privacy recommendations, its chairman R S Sharma has said that apps should collect "minimal data" just as UIDAI (Unique Identification Authority of India) does to give 12-digit Aadhaar numbers to people. Would that, for instance, be a case of "data moral policing" in which data-sharing is subject to a "need to know " basis than a "want to serve" basis? Such questions, I believe, will haunt data economy watchers in the coming days as increasingly rich digital business giants will lobby for easier sharing. Like sex and relationships, this has an 'its complicated' potential.
While we await the report of the separate Justice B N Srikrishna Committee on data privacy, it is clear that "government relations" executives in digital age giants have a lot on their hands -- and that includes the devices that contain all sorts of software and apps.
(The author is a senior journalist. He tweets as @madversity)
Updated Date: Jul 18, 2018 15:30 PM