Kaushik Deka
"Both the populace together with the private sector are collecting together with using personal information at an unprecedented scale together with for multifarious purposes. While information tin locomote position to beneficial use, the unregulated together with arbitrary utilisation of data, particularly personal data, has raised concerns regarding the privacy together with autonomy of an individual. Some of the concerns relate to centralisation of databases, profiling of individuals, increased surveillance together with a consequent erosion of private autonomy." This is what a nine-member commission of experts formed past times the Union authorities to study diverse issues related to information protection had said inward a white paper 4 months before ii national parties of the country-the BJP together with the Congress-got embroiled inward a nasty slugfest over information theft. On March 27, Christopher Wylie, a onetime employee of British information analytics together with political consulting line of piece of work solid Cambridge Analytica (CA), which had allegedly stolen the information of 50 i one 1000 thousand Facebook users inward 2014, claimed that the Congress political party was the firm's client inward India. Two days earlier, the Congress had alleged that the Narendra Modi mobile application (NaMo app), launched past times Prime Minister Narendra Modi inward 2015, had been stealing information of those who downloaded the app together with sharing it alongside a 3rd political party based inward the US. The app, according to media reports, seeks 22 permissions, including access to contacts, photographic television camera together with location. The BJP non alone rejected these allegations but also hitting dorsum at its rival, maxim that the Congress mobile application shared users' information alongside the party's "friends inward Singapore".
Ironically, the rootage of both parties' claims is the same-the Twitter line of piece of work organisation human relationship of a 28-year-old French "security researcher", Robert Baptiste, also known equally Elliot Alderson. Within 24 hours of Alderson's tweets, the NaMo app quietly changed its privacy settings. Earlier, the app stated that all information accessed past times it would locomote kept confidential. Now, the app says sure information volition locomote shared to give the user a ameliorate experience. The Congress, on their part, deleted their app.
The sordid saga has raised an uncomfortable question: are political parties mining private information for electoral gains? The respond is also interlinked alongside several other debates-security of digital information inward the country, whether inward the hands of authorities platforms, such equally Aadhaar, or private service providers, such equally Amazon together with Uber, together with the role of social media giants, such equally Facebook together with WhatsApp, that have got overwhelming access to personal data. With over 250 i one 1000 thousand active users, Republic of Republic of India is similar a shot the largest national user base of operations for Facebook. WhatsApp together with Instagram, ii other entities owned past times Facebook, have got over 200 i one 1000 thousand together with 53 i one 1000 thousand users inward the province respectively. With all these platforms showing vulnerability to information breaches, the correct to privacy sounds similar a utopian concept.
Politics takes over debate
While both the UPA together with NDA governments have got done precious picayune on information protection, the game of oneupmanship betwixt the Congress together with BJP has been continuing since the damaging revelation before this calendar month nearly CA, which was laid inward 2014 alongside the assist of Steve Bannon, onetime principal strategist of USA President Donald Trump together with onetime caput of alt-right media platform Breitbart News. It was formed equally a subsidiary of Strategic Communications Laboratories (SCL), a British fellowship that describes itself equally specialising inward data, analytics together with strategy.
In a paper interview, Wylie, 28, claimed that inward 2014, CA acquired user information of 50 i one 1000 thousand Facebook profiles through personality profiling app 'thisisyourdigitallife', built past times Aleksandr Kogan, a Soviet-born American academic at Cambridge University. While the app was downloaded past times simply 270,000 Facebook users, it pulled information from the Facebook friends of these users equally well, allowing CA to harvest the information without consent. Facebook had allowed Kogan, a psychology professor, who owns a fellowship called Global Science Research, to collect information for academic purposes, but he reportedly sold it to CA.
Two paper reports claimed that CA used the information to assistance Donald Trump's 2016 presidential drive together with to rails audience conduct inward the Brexit drive together with elections inward Kenya. According to Wylie, the Facebook information helped develop psychological profiles of users, which were afterwards used to influence them. This reportedly had a greater comport on on voters than traditional advertising.
In a sting performance past times Britain's Channel 4 News, CA's CEO Alexander Nix was heard boasting nearly his company's involvement inward Trump's victory. Channel 4 wrote inward its article: "In the meetings, the executives boasted that CA together with its parent fellowship SCL had worked inward to a greater extent than than ii hundred elections across the world, including Nigeria, Kenya, the Czech Republic, Republic of Republic of India together with Argentina."
SCL had partnered alongside India-based Ovleno Business Intelligence (OBI), which had claimed on its website-now unavailable-to have got worked alongside the BJP, Congress together with the Janata Dal (United). One of the directors of OBI is Amrish Tyagi, boy of JD(U) leader K.C. Tyagi. Though CA was formed inward 2014, it claims to have got helped its client range a landslide victory inward Bihar inward 2010. That was plenty for the Congress to claim that the BJP had used the services of CA since it was the BJP-JD(U) alliance that won the 2010 Bihar assembly polls. Another OBI director, Avneesh Rai, claimed inward media interviews that CA had genuinely worked to sabotage the Congress's campaign.
Elections together with information breach
Political leaders together with independent election strategists pick out that large data-voluminous amount of structured or semi-structured information that has the potential to locomote mined for information-plays a huge role inward formulating election campaigns, together with political parties oftentimes seek access to such data, most of which is available inward the populace domain.
"The Election Commission data, the voters' list, a uncomplicated telephone directory together with diverse surveys conducted past times multiple authorities together with private agencies are some of the sources of large information for political parties. The usefulness of this information depends on the lineament of the analysis," says S. Anand, CEO together with principal information scientist of Gramener, a information scientific discipline fellowship based inward Hyderabad together with Bengaluru.
Indian telecom pioneer Sam Pitroda, who heads the overseas subdivision of the Congress, also accepts the significance of large information analysis inward political campaigns. "Data analysis gives us a goodness agreement of multiple attributes, such equally historic menses group, caste, religion, location, education, profession together with relationship," he says.
But in that location is a nigh consensus amid diverse stakeholders that the comport on together with reach of mining together with analysing social media information is real express inward the Indian political context. Anand dismisses the might of social media information inward influencing elections, maxim that user profiles of platforms similar Facebook do non necessarily render information crucial for Indian elections, such equally caste together with political leaning. "The social media penetration inward 2014 was much less compared to what it is now. And to fifty-fifty say that Facebook information volition assist create a successful election drive is a 10-year boundary of faith at the moment," he says.
According to the 2018 Global Digital Report from We Are Social together with Hootsuite, Republic of Republic of India has 34 per cent cyberspace penetration compared to the global average of 53 per cent. The USA has 99 per cent cyberspace penetration. Republic of Republic of India is also far behind the global average inward social media penetration. Republic of Republic of India recorded nineteen per cent social media penetration inward Jan 2018 equally against the global average of 42 per cent. However, at 31 per cent, it was the 2nd fastest growing province inward damage of social media penetration.
The information also indicates that it was most unlikely that CA had plenty numbers to influence Indian elections through social media manipulation. India's cyberspace penetration has been fuelled past times mobile telephone data, which received a huge impetus alone inward 2016 alongside the launch of Jio phones, resulting inward abrupt autumn inward information tariffs. In India, 79 per cent of the spider web traffic comes from mobiles equally compared to the global average of 52 per cent.
A prominent election strategist, who has worked alongside both the BJP together with the Congress, agrees alongside Anand together with says that the social media conduct of people inward the USA together with inward Republic of Republic of India is vastly different. "In the US, it may locomote easier for an analyst to approximate whether a soul is Republican or Democrat. In India, people don't reveal much nearly their political behaviour," he says.
Praveen Chakravarty, who heads the information analytics fly of the Congress, believes that social media sure enough makes it easier to acquire one's message out inward a targeted manner, but it cannot predict voters' behaviour. "Predicting voter conduct through Facebook trends is vastly overrated together with exaggerated, at to the lowest degree inward the Indian context," he says. Contrary to his assertions, a study published inward the Proceedings of the National Academy of Sciences inward 2013 showed that if i had plenty data, simply based on 'likes', i could predict sensitive personal attributes, including political views, fairly accurately. That could perchance locomote the logic behind Prime Minister Narendra Modi late quest BJP MPs to increment the 'genuine likes' on their Facebook pages to 300,000 if they wanted to competition the 2019 elections.
But Chakravarty dismisses CA's claims of helping political parties win elections alongside its information analysis. "Data together with analysis tin locomote a real useful input inward overall electoral strategies. But to say that information analytics lonely volition win elections is a gross exaggeration. It is i of many of import inputs into an election," he says.
According to Pitroda, the comport on of messaging based on information analysis is short-lived. "Politics is non nearly selling a product. This is a novel phenomenon promoted past times businesspeople to brand money. It volition non concluding long. Mahatma Gandhi did non demand such tools to communicate. If the message is true, it volition range the target audience."
A drive strategist, who did non desire to locomote named, pointed towards the complications inward analysing such information equally Facebook offers dynamic data. "Billions of information points volition locomote generated every day. To brand sense of these, a high flat of analysis is required, which could locomote genuinely fourth dimension consuming," he adds. He is also confident that neither the BJP nor Congress has ever used CA because several Indian entities offering such information sets at much cheaper rates.
Chakravarty agrees, maxim external agencies are non required for constituency mapping or analysing election trends at booth levels. "I have got published an entire trunk of empirical enquiry piece of work using electoral data. It is no encephalon surgery," he says.
Adds the strategist, "That's the argue a transcend BJP leader slept through a CA presentation. Ambrish Rai, who used to do surveys for political parties, was taken on board past times CA because he helped the British fellowship acquire access to several political leaders."
Amit Malviya, caput of the BJP's information technology cell, is non willing to dismiss the comport on of social media information though he categorically states that his political party never used whatever social media information procured without consent. "We have got such a large database of our members. We don't demand Facebook information together with nosotros don't indulge inward unethical practices," he says. Malviya, however, confirms that the BJP extensively uses social media platforms to promote the party's vision together with achievements together with the volume of engagements has been steadily growing. He also seeks to dismiss the Congress's allegation nearly misuse of information of the users of the NaMo app, maxim that the information is beingness used for analytics using a 3rd political party service, similar to Google Analytics. "The information is inward no way stored or used past times the 3rd political party services. Analytics together with processing on the information is done for offering users the most contextual content. It enables a unique, personalised sense according to a person's interests. H5N1 soul who looks upwards content related to agriculture volition acquire agriculture related content prominently," he explains.
While Malviya justifies profiling for 'contextual content', cyber safety proficient Subimal Bhattacharjee believes such databases stay tools for misuse. "The primary intent behind quest for hence much access is to create a profile. So, from a user's dot of view, the less access he or she gives, the better," says Bhattacharjee.
Pitroda sees a sinister pattern inward such analysis together with customisation of messaging. "It's done to influence the likes together with dislikes of an individual. For instance, some nasty comments nearly Sai Baba volition locomote deliberately attributed to an private or a political party together with those volition locomote sent to someone who worships Sai Baba. The operate is to provoke the private against that party," says Pitroda.
While political parties have got launched a no-holds-barred state of war to gain the upper paw on social media platforms, the Election Commission is soundless playing catch-up. H5N1 14-member panel laid past times the EC inward Jan to study how social media together with other digital platforms are used ahead of polls may submit its study alone inward April. It agency the recommendations are unlikely to locomote implemented during the assembly elections scheduled this year-Karnataka inward May, together with Rajasthan, Madhya Pradesh, Chhattisgarh together with Mizoram later this year. Despite the importance of authentic poll-related information reaching the masses, the EC made its debut on Facebook together with YouTube alone inward January. The EC had express presence on these ii platforms-it had a Facebook page titled Republic of Republic of India Votes for overseas voters since concluding yr together with some preparation capsules were uploaded on YouTube. The commission, however, has ruled out its presence on Twitter inward the nigh hereafter owing to "certain reasons".
How prophylactic is your digital footprint?
Whether information sourced from social media together with mobile apps is electorally meaning or not, CA's Facebook exploits together with revelations nearly the NaMo app have got made it clear that personal information digitally stored on whatever platform-including the 'much protected' Aadhaar-is opened upwards to misuse. India's biometric ID programme, Aadhaar, alongside over 1.1 billion users, is the world's biggest database.
On March 23, Karan Saini, a New Delhi-based safety researcher, claimed to have got discovered a information leak on a system-run past times a state-owned utility fellowship that uses the Aadhaar database for verification-that tin allow anyone to download private information of all Aadhaar cardholders, such equally the 12-digit biometric-based unique identification number, telephone numbers, services they are connected to together with depository fiscal establishment details. Saini's revelation came a hateful solar daytime after Ajay Bhushan Pandey, principal executive officeholder of the Unique Identification Authority of Republic of Republic of India (UIDAI), the nodal agency for Aadhaar, had told the Supreme Court that Aadhaar information was encrypted hence good that it would pick out fifty-fifty the most powerful reckoner fourth dimension equal to "the historic menses of the universe" to pause a unmarried key.
But equally cyber safety police proficient Pavan Duggal points out, the threat arises non alone from Aadhaar's key server but multiple agencies using its data, equally was inward the illustration Saini discovered. "Aadhaar is a mandatory ecosystem inward which several private players are also involved," he says, lamenting that strict information protection measures are oftentimes non followed past times these players.
"The employment alongside platforms such equally Aadhaar together with Facebook is that these are huge centralised databases together with whatever breach at whatever dot compromises the entire data. The breach tin locomote on at whatever point, correct from the photocopy of your Aadhaar card," says Pranesh Prakash, policy managing director at the Centre for Internet together with Society.
Attempting to dismiss Saini's claims, the UIDAI resorted to a foreign argument. "If i goes past times the logic of the story, since the utility company's database also had depository fiscal establishment line of piece of work organisation human relationship numbers of its customers, would that hateful that all Indian banks' databases have got been breached? The respond would land locomote negative." What the UIDAI authorization fails to recognise hither is that the Aadhaar cardholders did non volunteer to brand their depository fiscal establishment line of piece of work organisation human relationship details populace without consent.
The Congress, which had initiated the Aadhaar project, has been critical of the Modi government's treatment of privacy issues related to it. "PM Modi's observe for privacy was seen when the authorities vehemently opposed the correct to privacy inward the Supreme Court," says Congress leader Abhishek Manu Singhvi. "The attorney full general has told the courtroom that Aadhaar is prophylactic together with secure because it is behind thirteen feet high together with 5 feet thick walls."
Singhvi labelled the Modi dispensation equally a dismissive government, which follows the policy of shooting the messenger together with ignoring the message. "One journalist showed how Aadhaar information of 10 i one 1000 thousand people could locomote procured inside 10 minutes for simply Rs 500. An FIR was filed against her. Two safety experts have got late pointed out Aadhaar information leakage. But the government, instead of taking note, is busy dismissing such complaints."
The Union authorities may have got ignored the Aadhaar breach, but it sent out a harsh message to Facebook over the CA leak. Union government minister for police & jurist together with information technology Ravi Shankar Prasad threatened to summon Facebook CEO Mark Zuckerberg to Republic of Republic of India (see interview). Within 24 hours of the remark, Zuckerberg said inward an interview: "There's a large election inward Brazil. There are large elections some the world, together with you lot tin bet nosotros are genuinely committed to doing everything that nosotros demand to, to brand sure that the integrity of those elections on Facebook is secured."
In the event, it was commerce rather than threats that pushed Facebook. Within a week, Facebook's marketplace value shrunk 8 per cent, according to media reports. On March 24, Facebook published full-page paper ads, apologising for the CA scandal together with vowed to secure its database inward the future. "This was a breach of trust, together with I'm sorry nosotros didn't do to a greater extent than at the time. We're similar a shot taking steps to brand sure this doesn't locomote on again," the ads read.
In an email response, a Facebook spokesperson told india today: "We are investigating all apps that had access to large amounts of information before nosotros changed our platform to dramatically cut information access inward 2014, together with nosotros volition conduct a total audit of whatever app alongside suspicious activity. While our internal together with external reviews are soundless ongoing, nosotros stay strongly committed to protecting people's information together with announced some of import steps for the hereafter of our platform, together with these involve taking activeness on potential past times abuse together with putting stronger protections inward house to foreclose hereafter abuse." The social media giant also said it would inform people whose profiles have got been compromised past times whatever app. It volition also launch Facebook's põrnikas bounty programme to vantage people who spot vulnerabilities. But are such assurances plenty to secure digital footprints of individuals inward the cyberspace era, where spider web trackers such equally Google Analytics tin line every click on the browser? Republic of Republic of India is the 5th most vulnerable province for cyber safety breaches, according to the Internal Security Threat Report of 2017 past times Symantec. Not simply political snooping. There are other forms of information theft, primarily past times corporates or hackers for marketing campaigns or for a goodness bargain.
For instance, inward May 2017, a information breach at the nutrient delivery app, Zomato, led to personal information of nearly 17 i one 1000 thousand users beingness stolen together with position upwards for sale on the Darknet. The fellowship had to negotiate alongside the hacker to acquire it taken down. Hackers stole information from 57 i one 1000 thousand Uber riders together with drivers. Uber paid them $100,000 to locomote along the breach a secret. "The most mutual practise is the rampant access to telephone telephone particular records of our mobile phones," says Anand. "Asking how prophylactic is our privacy inward the digital Blue Planet is similar quest if a human trunk volition locomote prophylactic on the street," says Prakash.
Experts unanimously demand a strict together with robust information protection police that covers both authorities together with non-government data. Duggal says the authorities must pick out the Facebook fiasco equally a wake-up telephone telephone together with amend the Information Technology Act, 2000, to include a comprehensive subdivision for information protection. "More than simply a law, in that location should locomote adequate parameters for implementation," he says. Bhattacharjee adds that subdivision 43, 43A together with 72A of the information technology Act are non plenty to handle alongside the emerging environment.
India tin also acquire from the General Data Protection Regulation (GDPR), which is scheduled to come upwards into upshot inward 28 fellow member states of the European Union from May 25. The European Parliament adopted GDPR inward Apr 2016, replacing an outdated information protection directive from 1995. It carries provisions that require businesses to protect the personal information together with privacy of European Union citizens for transactions that occur inside European Union fellow member states. The GDPR also regulates the exportation of personal information exterior the EU. The types of information that GDPR seeks include basic identity information, such equally name, address together with ID number; spider web information such equally location, IP address, cookie information together with RFID tag; wellness together with genetic data; biometric data; racial or ethnic data; political persuasion together with sexual orientation. In the context of the CA scandal, the protection of political opinions becomes real relevant inward India.
Apart from the law, awareness nearly information protection needs to a greater extent than attention, say most experts. There is ever a long listing of damage together with weather condition for whatever sort of cyberspace services together with mobile applications that a soul subscribes to. Most people ignore the fine print, allowing the service providers to portion personal information alongside 3rd political party vendors. Often, the damage together with weather condition are changed without taking consent of the users, simply equally the fine impress of the NaMo app was changed. Some applications fifty-fifty extract information without permission. For instance, if a soul downloads Truecaller, it gets access to all the telephone numbers stored inward that handset. "I haven't downloaded Truecaller, yet my number together with email are available to it," says Prakash.
The novel deed must non alone plug such loopholes but also protect personal information from beingness misused past times authorities authorities. Congress president Rahul Gandhi has claimed the prime number government minister misused information of NCC cadets to range out to them ahead of the 2019 polls. There is also a demand to define what is personal data. H5N1 landline number was available inward the populace domain inward the flat of a directory, but a mobile number is considered private.
Experts say a strong autonomous regulatory trunk must locomote formed for the safekeeping of data, together with the authorities must locomote held accountable for whatever leakage. Prakash is non hopeful the nine-member Committee of Experts headed past times Justice B.N. Srikrishna volition advise provisions that convey the authorities nether the ambit of information protection laws equally 5 of the nine members are from authorities departments, including the caput of UIDAI together with the National Cyber Security Coordinator.
The government's mental attitude towards information protection was also evident when National Cyber Security Coordinator Gulshan Rai late said that he avoided network banking equally deterrence against banking frauds. His declaration was a major embarrassment for the Modi government, which has been promoting digital transactions. Rai may have got a ameliorate thought nearly the government's competence to struggle information theft-in 2015-16, Republic of Republic of India spent Rs 68.2 crore on cyber safety spell the USA spent $28 billion (Rs 1.8 lakh crore) during the same period. Till the authorities gets its deed together, the alone way frontward for the private digital consumer is to maintain basic digital hygiene, such equally non posting personal information, going through the fine impress before giving access to apps together with using virtual private networks. That's what cyber experts telephone telephone the T-shirt rule-don't let on on the cyberspace what you lot can't impress on your T-shirt.
Buat lebih berguna, kongsi:
