Sunday April 22, 2018
Home India Why India Is ...

Why India Is Still Nowhere Near Securing Its Citizens’ Data?

2
//
89
Republish
Reprint

By Nishant Arora

It was the perfect photo-op when Prime Minister Narendra Modi hugged Facebook CEO Mark Zuckerberg during a town-hall meeting at the social media giant’s sprawling headquarters at Menlo Park, California, in September 2015.

With Facebook now embroiled in a massive data breach controversy, the bonhomie appears to be over, with India warning Zuckerberg of “stringent action”, including summoning him over the “misuse” of information to allegedly influence the country’s electoral process.

Zuckerberg has recently said Facebook will ensure that its platform is not misused to influence elections in India and elsewhere, but after witnessing how social media platforms were infiltrated during the 2016 US presidential election and the Brexit vote in the UK, nothing can be predicted at this point of time.

ALSO READ: Data breaches forced governments and enterprises to focus on cyber security

While governments the world over are fast formulating new laws that deal with users' data security and privacy, and the spread of false news, India lags far behind on this front
While governments the world over are fast formulating new laws that deal with users’ data security and privacy, and the spread of false news, India lags far behind on this front. Pixabay

 

Is the country prepared in case a huge security or privacy breach hits its people?

According to top cyber law experts, India as a nation has missed the broader point in the ever-changing tech landscape.

“The moot point here is: How do we regulate mobile app providers, social media players and intermediaries in terms of handling and processing the users’ information? We don’t have a data protection law in place. We neither have a national law on cyber security nor a national law on privacy,” Pavan Duggal, the nation’s leading cyber law expert, told IANS.

The absence of these critical laws has created a very fertile ground for the misuse and unauthorised access of user information by the service providers.

“On top of it, India has not revisited its stand on intermediaries’ liabilities since 2008. Also, the service providers have been given a great fillip by a judgement of the Supreme court, where the service providers are directed not to take any action till such time they get a court or a government agency order,” Duggal informed.

ALSO READ: India, US to enhance cyber security cooperation

In such a scenario, service providers are using the "Indians' data with impunity".
In such a scenario, service providers are using the “Indians’ data with impunity”. Pixabay

 

“They are transferring them outside the territorial boundaries of the country because we as a nation are sleeping. Once the data goes outside the country, the government loses all control. This has a detrimental impact on the protection and preservation of people’s data privacy and personal privacy,” Duggal stressed.

India has to learn from the European Union (EU) when it comes to formulating a legal framework to secure data.

The EU has asked businesses and service providers globally to comply with its new privacy law — the General Data Protection Regulation (GDPR) — that comes into force from May 25 this year.

The EU GDPR has been designed to harmonise data privacy laws across Europe — to protect and empower all EU citizens’ data privacy and to reshape the way organisations across the region approach data privacy.

After four years of debate, the GDPR was finally approved by the EU Parliament on April 14, 2016. Organisations that fail to comply with the new regulation will face hefty fines.

Although a white paper on data security has been published by the Indian government for all the stakeholders to deliberate upon, the country is still working on drafting a data protection bill.

“India is woefully under-prepared to address issues of data protection and cyber-security. We need a data protection law that protects citizens from misuse of data with strict liability and extremely high statutory damages that must be awarded within a strict period of time,” said Mishi Choudhary, President and Legal Director of New Delhi-based Software Freedom Law Centre (SFLC.in), a not-for-profit organisation.

According to Duggal, also a noted Supreme Court lawyer, India should not cut-paste any other country's law as it has to deal with a different set of problems.
According to Duggal, also a noted Supreme Court lawyer, India should not cut-paste any other country’s law as it has to deal with a different set of problems. Pixabay

ALSO READ: Kremlin Reportedly Planning to Revive KGB-style Security Behemoth

“India’s social realities are entirely different. The country has to deal with the huge issue of Aadhaar which is reeling under variety of cyber attacks because we have failed to apply cyber security as an integral part of the Aadhaar architecture,” Duggal told IANS.

India’s approach has to be based from its soil and the country must strive for information localisation.

“India should not allow its data to be stored outside its boundaries. Service providers must (be made to pay) high penalty if they are found to be misusing the data of Indians irrespective of if they are physically located in the country or not,” Duggal said. IANS

Click here for reuse options!
Copyright 2018 NewsGram

  • You’ve said that right. I am also from India.
    The data security is one serious topic. and our government must work on it. I have recently lost my websites in data breach attacks.

    • hosmathospital897

      Dear Sir /Madam,
      Hello , Are you interested to selling one of your kidney for a good amount
      of {$800.000USD} in India pls kindly Contact us now on our email: as we are
      looking for kidney donor, Very urgently who are group B,group A ,O ve and 0
      ve. Interested Donor should contact us now.

      Best Regards:
      Dr Mayur R Shetty
      Phone Call ;+918496054892
      hosmathospital803@gmail.com
      HOSMAT KIDNEY REPLACEMENT CENTER

  • You’ve said that right. I am also from India.
    The data security is one serious topic. and our government must work on it. I have recently lost my websites in data breach attacks.

    • hosmathospital897

      Dear Sir /Madam,
      Hello , Are you interested to selling one of your kidney for a good amount
      of {$800.000USD} in India pls kindly Contact us now on our email: as we are
      looking for kidney donor, Very urgently who are group B,group A ,O ve and 0
      ve. Interested Donor should contact us now.

      Best Regards:
      Dr Mayur R Shetty
      Phone Call ;+918496054892
      hosmathospital803@gmail.com
      HOSMAT KIDNEY REPLACEMENT CENTER

Next Story

Major Global Tech Firms Sign Cyber Security Tech Accord

34 global tech firms sign key accord against cyber attacks

0
//
42
Global firms
Global Tech Firms. Pixabay

Top 34 global technology and securities firms, led by Microsoft and Facebook, have signed a “Cyber security Tech Accord” to defend people from malicious attacks by cyber criminals and nation-states.

The watershed agreement will prevent them help governments launch cyber attacks against innocent citizens and enterprises. It will also protect against tampering or exploitation of their products and services through every stage of technology development, design and distribution.

The agreement for Cyber security
Cyber security. Pixabay

“The devastating attacks from the past year demonstrate that cyber security is not just about what any single company can do but also about what we can all do together,” Microsoft President Brad Smith said in a statement on Tuesday.

The “Cybersecurity Tech Accord” is a public commitment among 34 global companies to protect and empower civilians online and to improve the security, stability and resilience of cyberspace.

“This tech sector accord will help us take a principled path towards more effective steps to work together and defend customers around the world,” added Smith who has been arguing for a “digital Geneva Convention” for years.

Also Read: McAfee unveils refreshed cyber security solutions portfolio

The companies made commitments in four areas — stronger defence, no offence, capacity building and collective action.

“The companies will do more to empower developers and the people and businesses that use their technology, helping them improve their capacity for protecting themselves,” said cybertechaccord.org.

This may include joint work on new security practices and new features the companies can deploy in their individual products and services.

The Tech Accord remains open to consideration of new private sector signatories, large or small and regardless of sector, who are trusted, have high cyber security standards and will adhere unreservedly to the Accord’s principles.

“The real world consequences of cyber threats have been repeatedly proven. As an industry, we must band together to fight cyber criminals and stop future attacks from causing even more damage,” said Kevin Simzer, Chief Operating Officer, Trend Micro.

Warning for Cyber attack.
Cyber Attacks. Pixabay

The victims of cyber attacks are businesses and organisations of all sizes, with economic losses expected to reach $8 trillion by 2022.

The cyber attacks in the past have caused small businesses to shutter their doors, hospitals to delay surgeries and governments to halt services, among other disruptions and safety risks.

“The Tech Accord will help to protect the integrity of the one trillion connected devices we expect to see deployed within the next 20 years,” said Carolyn Herzog, General Counsel, Arm.

Also Read: Parental Control Apps May Not Help in Shielding Teenagers From Cyber Threats

On Monday, Cyber security representatives from the US and Britain warned of Russian state-sponsored cyber-attacks that are targeting network infrastructure devices such as routers and firewalls, to compromise government and private sectors globally.

According to a US Computer Emergency Response Team (US-CERT), the Technical Alert provided information on the worldwide cyber exploitation by Russian state-sponsored cyber actors.  IANS