data-security

CONTEXT

The centre has announced a ban on 50 new Chinese mobile applications, including Rise of Kingdoms: Lost Crusade, Tencent Xriver, Nice Video baidu and Viva Video Editor, due to concerns related to privacy and national security.

Ban on 50 new Chinese Apps

  • The Ministry of Electronics and Information Technology has issued interim directions for blocking 54 apps alleging that these applications were collecting sensitive user data that was being misused and transmitted to servers located outside India.
  • The apps were blocked invoking powers under Section 69A of the Information Technology (IT) Act read with the relevant provisions of the Information Technology (Procedure and Safeguards for Blocking of Access of Information by Public) Rules 2009.
    • Two Options under Section 69A of IT Act:Normal & Emergency route
    • Normal Route: An order to block content requires:
      • a decision to be made by a government committee
      • relevant intermediaries to be given an opportunity to be heard by this committee.
    • Emergency Route: it allows content to be blocked on the directions of the Secretary, Department of IT, who must consider the impugned content and record his reasons for doing so.
      • The order of the secretary must be placed before the government committee within 48 hours and is finalised based on the recommendations of this committee.
  • The apps have been banned due to threats to national security & sovereignty.
  • There were complaints regarding misuse of some mobile apps available on Android and iOS platforms for stealing and surreptitiously transmitting data of users in an unauthorised manner.
  • The Indian Computer Emergency Response Team (CERT-In) has received several complaints from citizens regarding security of data and loss of privacy in using these apps.
  • The government had last year banned over 200 Chinese mobile applications, including popular ones like TikTok, Shareit, Mi Video Call, Club Factory and Cam Scanner.
  • The announcement had come amid border tensions between India and China in Ladakh.

DATA PROTECTION IN INDIA

  • Rapid transformation into a digital society: With nearly 450 million Internet users and a growth rate of 7-8%, India is the path to becoming a digital economy, which has a large market for global players.
    • Due to this rapid permeation of digital revolution in India there is a need for a stricter data protection regime in the country.
  • Data revolution across all spheres: The processing of personal data has already become omni present while the transition to digital economy is underway.
    • The reality of the digital environment today is that almost every single activity undertaken by an individual involves some sort of data transaction or the other.
  • Data driven markets and companies: some of the largest companies in the world today are data driven. The internet has given birth to entirely new markets, those dealing in the collection, organisation and processing of personal information whether directly or as a critical component of their business model.
  • Right to privacy: The Supreme Court recognised right to privacy as a fundamental right in the landmark KS Puttaswamy case.
    • The unregulated and arbitrary use of data, especially personal data, has raised concerns regarding the privacy and autonomy of an individual.

Key principles around data protection in India

  • Technology agnosticism: The law must be technologically agnostic. It must be flexible to take into account changing technologies.
  • Holistic application: The law must apply to both private sector entities and government. Differential obligations may be carved out in the law for certain legitimate state interests.
  • Informed consent: Consent is an expression of human autonomy. For such an expression to be genuine, it must be informed and meaningful.
  • Data minimization: Data that is processed is to be minimal and necessary for the purposes for which such data is sought.
  • Controller accountability: The data controller should be held accountable for any processing of data whether by itself or entities with whom it may have shared the data.

Approaches to data protection in other countries

Comprehensive data protection law, The EU Model

  • In the EU, The right to privacy is a fundamental right which seeks to protect the individual‘s dignity.
  • The Europeans charter of fundamental rights recognises the right to privacy as well as right to protection of personal data.
  • The EU possesses a comprehensive data protection framework which applies to processing of personal data by any means, and to processing activities carried out by both the Government as well as the private entities, although there are certain exemptions such as national security, defence, public security, etc.

United States: privacy protection is essentially a liberty protection

  • Unlike the EU, there is no comprehensive set of privacy rights that collectively addresses the use, collection and disclosure of data.
  • The approach towards data protection varies for the public and private sector.

India needs to find the right balance

  • India must find the right balance so as to take advantage of a data driven ecosystem but with all reasonable restrictions.
  • India has the potential to lead the world into a digital economy making use of its existing strengths in information technology, demographic dividend and its need for empowerment based on access to services and benefits.

 

Some Important Links:

Union Budget 2022-23 Analysis

Prelims 2022 Test Series

NCERT Course 2022-2023

GS Foundation 1year, 2 years and 3 Years Course

Anthropology Foundation (Optional Course) For UPSC CSE 2021-22

Geography Foundation (Optional Course) For UPSC CSE 2021-22

Join our Telegram Channel:   https://t.me/JVIAS10

For more queries call us: +91- 8882932364