Sunday, 28 October 2012

Privacy Policy is yet to be made

A Parliamentary Committee has been constituted to study and report on making of 'Privacy Policy' in India. It has come up with several recommendations which will be considered by DOPT(Department of Personnel and Training) ;and it may be drafted by DOPT and adopted to be made into a law. When bio-metric fingerprinting is taken for Aadhar cards or any organization, we have an option to 'opt-out'.While financial status is taken by a bank or DNA profiling is done by a health insurance firm, significant data is collected from the Indian citizen.Does the citizen know that his profile is being made? Does the average Indian know that he has a right to privacy and that he must know what purpose this information is used and whether data is secure? He must now educate himself.
Article 21 of our Constitution has given right to privacy the status of  a fundamental right. It is not discussed in any other section. Only RTI Act on right to information discusses this right. It defines 'which information can be given' and which information the individual seeking is 'entitled to get'.We need a separate department to monitor policy on the right to privacy. Disclosure should not be allowed.Why should anyone know everything about everyone?The degree or proportionality of how much information can be found out without privacy rights being violated. Individual privacy is not be not to be interfered with.  There should be protection to the individual and the rights of others involves should be considered also. And we need a tribunal to settle disputes as a course of action to those who feel that their right to privacy has been violated. Or he may go to court (it takes too long). Or there may be an identity theft, in which case law will dictate course of action.If  someone collects information on the individual, he must know what information is being collected, what are the safeguards, must/should he give the information, and how this information is being used.Collection of data  from the individual should to be limited to the purpose of that particular collection only; for example, a bank can collect only so much information as to open an account, it should not ask more questions.For evaluation of taxes, the bank should not ask questions. Any institution cannot ask personal questions like on religion, on martial status and so on. Sometimes firms ask questions to find out the financial status, for commercial purpose  they want to create a demand by offering shares and so on. So a statutory framework is required on what information can be given and what need not be give.Technologically, we live an age of computers where policies have be sound and modern enough to meet current exigencies. Newer interpretations of 'what is privacy right' is on the make;and the newer definitions have to be integrated with the present day advanced technology(latest). Sharing of data and having no data security laws pose new threats of manipulation of data.While giving our data we must consider  'how personal data is shared'.Social networks in future may spawn litigatory nightmares for users.
There should be privacy law which should cover both government sector and private sector. Choice and consent must be considered by the individual while giving data; if the data is transferred to a third party, the data should be protected. Personal information like medical records cannot be made public.The individual does not know 'what' is detrimental to his privacy. Written rules must be made and it should be publicised. Individual should be given the choice to 'opt-out' if he does not wish to share personal information or data. UIDAI of 2010 is not compulsory,individuals can 'opt-out' and still receive benefits of social welfare schemes.Public Data Portal will give access to its data. National Data Sharing Accessibility Policy 2012, will give access to anoymised data sets generated by UIDAI.
All information cannot be shared. When data is involving historical research or scientific research, it can be shared by all.There are however, limits. For instance media takes undue privileges in interfering with privacy of individuals.Journalistic adventurists love sting operations and frequently indulge in phone tapping. Officially, 'phone tapping'  is dictated by Supreme Court's guidelines;it can be done for sixty days and not beyond eighty days. But there are cases when journalists have tapped phones for year and that too based on an anonymous letter.Court approval should be made mandatory for such interference. Making public a persons name can tarnish a person's reputation, so there is a law saying that names of victims are not to be disclosed in press. But cunning journalists disclose all other aspects of the person(the school, the friends, and locality of the victim) as if pinpointing to the suffering victim tormenting him/her further. To check the arbitrary powers of the press and stop the press from violating privacy rights of the individual, making of privacy policy is most urgent now.This invasion into lives of the individuals must be arrested and privacy rights must be re-defined.
The Indian psyche does not identify "the self" as a distinct identity which has to be kept secret.Our cultural setup evokes groupism and non identification of the distinct "self" or the individual personality.Our traditional mental makeup does not "see" the individual,literally. We are not individualistic in outlook like the Westerners. So the "rights of the individual' is very very new to us.We have yet to comprehend the idea as it is beyond our cultural definitions.We give up our privacy easily, and do not really "recognize" that our identity has to be closely guarded. Modern technology, the Internet, has brought new spheres where our privacy is constantly being invaded. Laws on this have not been evolved yet. A law dealing with our individual rights  of identity is essential otherwise we will be tied up in litigation(fighting over rights and their interpretations) making progress impossible.State interferes with our lives too much, our personal data is not safe with it.Census Act of 1948, does not disclose data, it is not open to inspection.Citizenship Act of 1955 provides for acquisition and determination of Indian citizenship and Citizenship Rules of 2009 do not discuss invasion of privacy. While Centralised Identity Data Register (of UIDAI) does no propose compulsory giving of biometric data, it was coupled with NPR and made mandatory. Now citizens are caught in a vicious web.There is no need for National Population Register which may use biometric technology, originally only a written register was to be kept.NPR is also linked to national intelligence grid, national counter terrorism Centre, draft human DNA profiling Bill, Radio Frequency Identification(transport ministry) and Land titling Bill (rural Development Ministry), Public Information Infrastructure for Innovation, World Bank's eTransform forum and NATO's identification policy. Data bases created are shared with private companies(which actually make them) The act of using the human body as a data, and using personal information as a commodity or resource is unthinkable. But it is being done.We are allowing ourselves to become modern slaves in a potential police state. So let us learn about our rights, and find ways to safeguard them.

No comments:

Post a Comment