From the size of your shoe to the book you would like to read, retailers have mammoth-sized information on customers. Big Data has been a key enabler of Artificial Intelligence (AI) and it is believed that AI will drive the future innovations in the country. But how safe is the information you are sharing and who’s protecting the data? There’s need for better data privacy regulations in India, finds out Shwetha Satyanarayan.
“Technology is moving faster than the data privacy regulations framed in the country, right?” observes DebartiSen, MD of innovative solutions provider 3M India. “And it’s only natural, privacy will pose a challenge,” she says.
For a country that has over 200 million online consumers, who share personal data that starts from mobile numbers to postal address and goes up till bank details, protecting the data of these consumers is no small feat.
However, unlike the European Union which has recently enforced the General Data Protection Regualtion (GDPR), India has no stringent laws to protect the data of the consumers and safeguard their interests. Under the GDPR, an individual’s personal data is within her control, including how her data is collected, stored, processed, shared or exported, and how long it is retained for.
While Indian online consumers have no say in how their personal data is being used and distributed, as per the Annual Consumer Survey on Data Privacy in India 2018, millennials and decision makers are the most concerned customers who often worry about their personal data being shared in public domains. While the survey found out that 45 per cent of millennials have trust deficit in sharing personal data in e-commerce websites, a big share of 54 per cent decision makers too said they did not trust that their personal data was safe in public domains.
Industry experts in India have time and again stressed the need to strengthen data protection laws. The present IT Act 2000 does not have any stringent laws to protect data and merely contains a provision regarding cyber and related IT laws in India. When AI wholly depends on big data and at a time when AI is expected to be the key enabler of future innovations, it’s time that the policymakers give importance to data protection, observe the industry experts.
For instance, a classic case of how AI could go wrong was the recent episode of Amazon’s voice assistant Alexa recording a private family conversation in Portland and sharing it with a random number in the contact list. While this was a security breach, there a few laws to regulate how firms can be held accountable in such scenarios. With AI driving everything from voice assistants to chatbots, there are surprisingly very few laws that make the companies accountable.
Commenting on the need for better data privacy regulations, venture capitalist and Infosys co-founder Kris Gopalkrishnan, says, “There is an urgent need to bring a balance between the protection of data and safeguarding the interests of a consumer. There’s a lot of data available with companies but there is no guarantee that the data is being used in the right way for the right purpose. Companies have tojoin hands with law-makers and the government, and the purpose has to be taken at a national level.”
Suggesting that perfecting the balance between privacy and innovation is the key to develop the AI ecosystem in India, Sen observes that AI innovations will not only be serving the country but Indian innovations will make a difference globally too and hence companies here have to partner with global firms to form better stringent laws.
“We have to engage data protection regulator and make both the industries and government accountable. There should be strict laws against unjustified surveillance and industries should guide the policymakers on framing the right laws,” Sen says.
She suggests that India should follow the footsteps of EU and should soon adopt data privacy laws that are equivalent to GDPR.