This article has been written by Palaniyappan Mohan and edited by Shashwat Kaushik.
We are in the digital era, and with immense technological advancements, every aspect of one’s life cannot cross the line without entering the digital world. Right from purchasing groceries and any sort of product to watching movies, booking tickets, availing services, money-based transactions, searching for for jobs and the non-exhaustive lists go on, every such activity has been carried out over the internet and by means of tech-based devices.
Tracing back, every activity was carried out by an individual by physically visiting a place and manually carrying out the same. Even one’s own personal information was shared manually with his/her consent and the same was recorded in a register in that particular organisation. A few examples include:
- a patient record was kept in the hospital register,
- employee details was maintained in their offices, and
- citizen records were kept and maintained in the local government departments, etc.
The person or organisation who misuses such information is easily traceable, and such offenders could be brought before the law and punished. But in the digital era that we are in, it is a very hectic task and in some cases, it becomes impossible to trace the person or organisation that has misused the information.
The huge concern of today is how to safeguard one’s personal/private information from such misuse. All information about an individual is stored in the form of data on digital devices such as computers, smartphones and computer networks. The big question placed in front of every individual is how to protect one’s personal/private information from being accessed and misused by unknown offenders and how to prevent such mishaps.
Privacy is the right of every individual to be free from any intrusions or to be left alone. But once such information is shared through any online portal, one’s privacy is lost in the ocean.
Why is privacy important
- Every company’s marketing strategy has changed in the digital world. In order to expand their market, sell their products or services, generate more revenue and establish their presence, they want data. Data like consumer behaviour, buying patterns, sites a person frequently visits and many other pieces of information.
- Hackers and cybercriminals want to know the bank details of the individual to steal money and personal information to create fake accounts and commit fraud by impersonation.
- Every country’s government wants to know the data of their citizens for their surveillance to maintain law and order.
Privacy protection is a major concern in today’s digital world for every individual. Let us see some of the major issues revolving around privacy protection and some basic ways to protect the data.
Issues revolving around data protection : Indian perspective
Awareness about the latest technology or even existing technology is the key aspect of safeguarding computers or any tech devices from being hacked and preventing the data from being misused by criminals. It is vital to know detailed information about its operation, uses and results. Without knowing how tech-based devices operate and their potential vulnerabilities, every individual started using such devices. Almost every household has several smart devices in their hands and even the children have started using them. They are highly prone to hackers and cybercriminals. While the development of technology has its own advantages, it also has its disadvantages.
Issues in present legislation which governs data protection
“Ignorantia juris non-excusat” the maxim, which essentially means ignorance of the law is no excuse. The people of any country should be aware of their laws, without which they cannot rightly enforce their remedy.
Now let us see the governing legislation and some of the appropriate provisions that deal with privacy protection.
There are no specific data protection laws in India; the bill concerning data protection, the Digital Personal Data Protection Bill 2022, is still pending. At present, the statute that governs data protection is the Information Technology Act of 2000. Some of the important provisions under the Act are Section 43, which provides for the penalty and compensation if any person who unauthorisedly accesses, misuses or causes damage to the data of another person Further, failure to protect data by a corporate body is governed under Section-43A and the penalty is provided under Section -72A of the Act.
Also, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 stipulate certain procedures that are to be followed by corporate bodies or individuals for collecting, securely storing, processing and utilising an individual’s personal/private data.
But do the present legislation and the rules framed thereunder cover all aspects of the privacy protection framework? That is a big question.
Another important aspect is that for any law to be effective, it is vital to have an enforcement body and the mechanism for it to regulate and implement the law to provide an appropriate remedy to the aggrieved person.
A report (from EconomicTimes), obtained under the Right to Information application, shows that more than 21 lakh cases have been reported in the National Cyber Crime Reporting Portal between January 2022 and May 2023. Still, only in 2% of cases has a first information report been filed by the concerned jurisdictional police officers. Most of the cases, such as online and social media crime, financial fraud, ransomware and hacking, are due to a lack of data protection. The major issues cited were that there were not sufficient police personnel to handle them, a lack of technical knowledge to conduct inquiries, and no sufficient hardware and software to handle such a huge number of cases.
In the absence of effective laws to address the evolution of tech-related crimes and effective regulatory mechanisms, privacy protection is a huge task for the country to deal with. Despite the right to privacy being declared a fundamental right by the Hon’ble Supreme Court in the famous Justice K.S. Puttaswamy (Retd) vs. Union of India (2018), is it possible for every individual to approach the Hon’ble Courts at every instance for enforcing their remedy.
With high hopes that appropriate laws will be passed sooner to address the major issues of privacy protection, here are some of the preliminary procedures that can be useful in ensuring the protection of data.
How do we protect our data proactively
Some ways to protect our data are:
Set-up different combinations of passwords
An initial step towards data protection is setting up a different set of unique and complex passwords. Avoid reusing the previous passwords and reliable password manager software can be used to generate complex passwords and manage them. Most of the online platforms offer multi-factor (two step) authentication for access, one of which is the password you created and the other is the one-time password/key that the platforms send to your email id/telephone number, which can also be a handy tool for data protection.
Check and safeguard your browsing activity
A browser extension can be a useful tool to block advertising companies from collecting your data. Some tools do provide for malware prevention in the browser and a privacy badger extension is also available for browsers such as Google Chrome, Mozilla Firefox and Opera, which specifically blocks browser trackers.
Give limited access to the applications/softwares
Grant permission to access your device’s tools, like a camera and GPS and to add contacts only to the application that may require it. A few examples, such as location access, are required for applications like maps and food delivery apps but not for those that facilitate photo editing; similarly, contact access is required for applications that are used to make phone calls but not for those that deliver food or book tickets, and so on and so forth. Therefore, one has to be cautious when granting access to the applications and this can prevent your data from being potentially exploited.
Do not use save details option
It is better to not save your personal data in the browsers, which help you to autofill the same in subsequent transactions, such as the name, age, address and contact details being auto-filled once you click the auto-fill tab in the browser. It may take a few minutes of time and effort to fill in the details, but it can protect you from any potential harm that may be caused by saving the data in the browser.
Install reliable anti-virus software and use secure wi-fi networks
Reliable anti-virus software can help create an additional layer of security and Windows Defender secures the computer from virus attacks in the Microsoft 10 operating systems. Hypertext Transfer Protocol Secure (Https) extensions can prevent your devices from being tracked by means of an IP (Internet Protocol) address and Virtual Private Networks (VPN) tools also help to add a second layer of security to your devices.
Check regularly for software updates
Every operating system on devices, be it a computer or any smart device, provides for regular software updates. Do not ignore them because they contain a few developments in their operating system that protect the devices from bugs and existing technical glitches.
Enable data encryption
Encryption is nothing but a tool that converts the information into a set of codes that are unreadable, thereby safeguarding the data while transmitting and storing it on another person’s device. Using a data encryption tool can also be useful in protecting data from being unauthorisedly accessed during its transmission and storage.
The above are a few sets of procedures that can help protect your personal information. The list is not exhaustive and it will develop on par with the evolution of technology.
Legal frameworks and regulations
Governments around the world are recognising the importance of privacy in the digital age and implementing legal frameworks and regulations to safeguard individuals. From the General Data Protection Regulation (GDPR) in Europe to the California Consumer Privacy Act (CCPA) in the United States, these regulations aim to give individuals more control over their personal data. However, the effectiveness of such regulations and their enforcement remain a subject of debate.
The role of big tech
As major players in the digital landscape, big tech companies play a significant role in shaping privacy standards. The collection and monetization of user data by these entities raise ethical questions and concerns about the extent of user consent. Examining the practices of these companies and advocating for transparent data policies are essential steps in addressing privacy in the digital era.
The future of privacy protection
Looking ahead, the future of privacy protection will likely be shaped by emerging technologies such as artificial intelligence and the Internet of Things. These developments present both opportunities and challenges, necessitating the continuous adaptation of privacy measures. Ethical considerations and responsible innovation will be crucial in establishing a framework that prioritises privacy in the evolving digital landscape.
Privacy protection in the digital era is all about preventing one’s personal/private information, which is in the form of data in the digital world, from being misused by companies and also by criminals. Inculcation of due awareness among the public about the ways and means to safeguard their data, having adequate laws to address privacy issues and also necessary enforcement mechanisms to provide relief to the aggrieved person.