Image source:

This article has been written by Shobhit Kapoor and edited by Shashwat Kaushik. This article aims to create awareness in the minds of internet and social media users about the significance of privacy policies and the potential consequences of being mindless while using the internet.


We as a country are on the cusp of being tech savvy and it’s evident that we as technology users are in a state of flux. I hope this short article will at least spur thoughts in the minds of active internet users and make them aware of the technology  they are rapidly making a part of their lives.


Download Now

Bob installed a social media app on his Android. He registered on the app and provided his personal information, such as calling number, email, etc. He started using the app for whatever purpose the app was to serve him. Life goes on and he is happy.

In about a month’s time, Bob’s email inbox starts receiving promotional emails and requests for financial help from unknown senders. It does not stop here. He even gets senseless emails with jumbled up words as the subject line, all of which lend suspicion to the emails. To add to this, his SMS folder starts getting promotional or informational messages. This constant pouring in of emails and messages freaks him out because he cannot recall if he ever shared his e-mail with any such person or organisation as much as he could recall. He is so   particular about his privacy that he does not have a business card. Hence, there was no doubt in his mind whether he may have accidentally shelled out his business card carrying his email ID at any of the conferences he had attended. Bob is clearly upset and unable to make out what has gone wrong, why he is so famous among strangers, and for what reason?

Not stopping here, every time he logs onto the social media app, he is shown advertisements based on his interests and likings, which for the most part, are very disruptive to the normal pleasant experience he may like to have.

What happens in such cases

It is a clear indication that the social media app may have given away his email to third-parties  who may have started the volley of emails to him. And this is done without the consent of Bob. Clearly, this was an unwanted situation, which is sufficient to upset anybody like Bob.

Imagine yourself in place of Bob. Or even worse, if you are not active in checking emails, just think about how you would deal with spam mail once you opened your email account after a really long time.

Imagine when you start getting calls in the midst of your meetings, where the caller is pushing a product or a service in a cold call. It might be real estate agents, insurance agencies or NGOs, many of which may be fake and aim  to fleece you of your money.

We must accept the fact that, till today, internet and smartphone users in India are not aware of the do’s and don’ts when it comes to their usage and sharing of data on the internet. The issue is not just  knowing things but also being able to actually act on them.

Yes, we are here to talk about the degrees of freedom that any app or portal may exercise with a user’s personal data and what you should do in order to have sufficient control over this freedom.

Data stealing

Apps and portals do need your personal information in order to provide you with the services they are meant for. But that definitely should not lead them to share your data with third parties without your consent. Otherwise, you may imagine your plight if you install multiple such apps or register on multiple portals serving your purpose of education, shopping, news, informatics, etc. Isn’t it like a deluge of strangers  knocking at your door? And the least that needs to be done by you is to answer the doorbell and shoo them away. At times, such a stranger may even take a peek inside the house to further his ill intentions. Spam and malicious emails do exactly that. Targeted malicious mail may wreak havoc for you if opened.

Malicious e-mails are known to even steal data from the device, which means even more threats and dangerous communications, whether it is by email, SMS or even WhatsApp messages.

What kind of data is collected

Sites usually collect data like name, email ID, phone number, address, etc. explicitly from you at the time of registration. Such information is genuinely needed by the site/app to provide its services to you.

However, some of the data pertaining to your browsing behaviour and choices you make on the site is auto-collected by the use of cookies, etc.

Why do they collect your data

Sites need this data to provide a certain degree of personalisation of services for you, which is a legitimate cause, besides the fact that some of your data is essential for them to even render the basic services such as customer support, fraud detection, voice services, etc. And some data is also passed on to  third-party affiliates, whom they have partnered with for targeted advertising purposes. Such partnerships cannot be done away with by these sites.  For example, it is just not possible for  Amazon or Flipkart to cater to all the aspects of retailing. They need able partner organisations that integrate their internal portals and systems to carry out tasks that these giants want them to perform. Partner sites say  Amazon will need your personal data for fulfilling orders, delivering packages, sending postal mail and e-mail, removing repetitive information from customer lists, analysing data, providing marketing assistance, providing search results and links (including paid listings and links), processing payments, transmitting content, scoring, assessing and managing credit risk, and providing customer service. Hence, these third-party service providers have a genuine need to access your personal information to perform their functions.

On the other hand, there are some other types of partner sites that gain access to your data and start sending you communications. These partner sites may also share your data with others without your knowledge. Unfortunately, this does not stop and you, as an innocent user, will never get to know who is holding your data by the end of the day. You may only become aware when an attempt to cause  damage happens. Therefore, it’s better to be aware of your data and its usage to prevent any potential harm.

Shared data does the rounds and gets into various hands—some with genuine and harmless intentions, and some that can really turn your life into chaos. Yes, I am talking of the money-fleecing callers who can easily and brilliantly wipe out money from your accounts with a phone call or a message. How do they get your data? Obviously, the negligence of one of those handlers of your data who got hold of it through legitimate means. There is no check on the degree of diligence or any negligence in handling data.

For those who are avid watchers of OTT, please go and watch the series “Jamtara”, and you will be appalled to see how young boys who have acquired not even one-tenth of the average education we have are able to con the innocent using smartphones and by sheer knowledge of OTP. The series is an eye-opener. Take it as a crime series, not as an entertainer!

All said and done, you have some good control over how the site/app can pick up or share your data, but unfortunately, such knowledge is anything but common. The Internet has boomed rather faster than the knowledge and awareness of it. There are still many areas where people lack knowledge and need to be more informed about them.

How do you control the use of your personal data

Privacy policy and cookies

Every time you download an app from the store or register for an app, watch out for the cookie as well as the privacy policy for that app or portal. It is for you to read through it and infer as to what kind of personal data the app/portal will read and store, which of your attributes will be shared with its partner sites and how you can withdraw your consent to such a sharing of your data or browsing behaviour.

Most sites or apps provide you with the option to deny sharing your data with partner sites. This is a valuable option for you to exercise, which will prevent much of your troubles. Data privacy laws in almost all jurisdictions around the globe mandate some sort of control and provide the user with the option to deny sharing his data. Additionally, mature sites and apps provide the option to opt out of receiving any promotional emails and other communications.

Sites also have cookie policies, which inform you as to what type of cookies they create on your device or system. Cookies are small files that carry information about your browsing behaviour (using the identifiers of your browser and device) on the site in order to give you sufficient personalisation for your forthcoming visits to the site. It is imperative for you to read the cookie policy and uncheck the cookies, which could lead to data sharing.

Grievance officer

Sites in India have been mandated to appoint a Grievance Officer and a team to address any privacy breach issues of a user. The details of GO, i.e., name, email, phone number, and postal address, are published in the privacy policy or in allied links for the user to make note of. The Grievance Officer can be contacted for any issues related to privacy infringement, issues with the site content if found objectionable or for any other objective that may be detrimental to the security of the user.

Opt-out control

You have the option to withdraw your consent to receiving any targeted ads from the site’s network of affiliates and advertisers. Most sites that present ads to their users have this feature available to them. You can even opt out of receiving any email communications or any other messages and the site needs to allow this for its users.


With the rampant use of technology and a plethora of apps and portals, whether they are social media, or ecommerce or any other service of significance, users need to learn the new needs in order to know their rights with respect to their personal data or sensitive data that is captured by these apps and sites. 

The need for this awareness is essential, especially in the wake of the neck-breaking usage of the internet and the availability of services on one’s smartphones. 

As users of technology, we need to realise that it is a barter of sorts. On one hand, we are promised fast and accurate delivery of products and services at the click of a button and we can order things that are delivered to our doorstep. And on the other hand, we may run into the risk of having our data compromised. It is the user community, when equipped with such knowledge and street smartness, that can compel policymakers to bring useful and needed legislation for the intermediaries to make the rightful use of data and to take up reasonable accountability. So let’s wake up before it gets late !



Please enter your comment!
Please enter your name here