Data privacy has become the catchphrase of the 21st century. But what is data privacy? Data privacy is the proper administration of the available data. Administration of data means how the data is stored, who has access to the data, how and to whom the data is transferred to, if the owner of the data consents to the storage and transfer of their data.
Data protection laws basically regulate the administration of data. The most prominent data protection law is the General Data Protection Regulation (GDPR) passed by the European Parliament and the Council of the European Union in May 2018.
The Trump election campaign and the Brexit campaign made it to the news reasons involving data breach. Cambridge Analytica was the data analytics firm that worked with both these campaigns. Whistleblower confirmed that the firm was harvesting data from Facebook. This put the CEO of Facebook, Mark Zuckerberg before the US Congress.
The giants of the world such as Facebook, Google, Twitter, Amazon, and several others are profiting from data available on the internet. Data privacy is the administration of data. How do these giants actually administer data? Do we know where our data is actually stored? Do we know who has access to our data?
The American people did not obviously consent to the use of their data for the election campaign, so how did Cambridge Analytica make use of their data? These giants provide their services free or at a bare minimum cost. But what is the consequence of such services? The theft and misuse of our data. This is where data protection and data privacy come into play. With the rapid growth of the internet, several countries have passed or upgraded their data protection laws.
To understand data protection laws in India let us first examine the privacy law in India. The Constitution of India does not grant the right to privacy as a Fundamental Right. However, the courts have observed it to be an extension of the existing Fundamental Right to freedom of speech and expression guaranteed under Article 19 of the Constitution of India.
In the most recent landmark judgment, K.S. Puttaswamy (Retd.) v. Union of India, the Apex Court held that the right to privacy is an essential element of the right to live with dignity protected under Article 21 of the Constitution of India. The nine-judge bench noted that privacy has both a normative and description function. The court laid down the various connotations of privacy as follows:
i) Spatial control, that is the creation of personal spaces.
ii) Decisional autonomy, that is, making intimate personal choices.
iii) Informational control, that is, personal control over information pertaining to the person.
Emphasis was placed on the European data protection regimes and it was observed that data protection regimes seek to protect the autonomy of the individual. During the course of the proceedings, a committee was formed to understand the nuances of data protection. A draft bill on data protection was to be suggested.
It is now established that the right to privacy is a fundamental right. Data privacy is the policies, regimes formulated to ensure the privacy of the owner of the data. Data protection is the tools and mechanisms implemented to comply with the data privacy laws and regulations.
After the pronouncement of the Puttaswamy judgment as mentioned above, every person has the right privacy which in any circumstance cannot be taken away from him or her. Therefore, when one person entrusts their data with a company, the company has the duty to ensure the protection of the data and the person has the right to know how their data is being administered.
This data may be financial or health-related or any other sensitive matter. Companies that administer possess data, in certain cases, sell this data for a profit. This was seen in the Trump election campaign as mentioned earlier.
Facebook made huge profits partnering with Cambridge Analytica. While the Facebook fiasco was happening, Google was facing similar problems. Sundar Pichai, the CEO of Google was to testify before the US Congress. After this story surfaced, Google shut down consumer access to Google+ until it complies with all necessary privacy regulations.
In India, due to the faulty data administration of SBI, several million customers’ data was exposed and compromised. In the healthcare sector, several crores worth data were exposed due to faulty protection data. Finance and health-related data is very sensitive and require additional protection. The ads that appear on your social media feed is also based on the data you feed into it.
In conclusion, it has to be noted that data privacy and protection are very significant in today’s day and age. Data can be exposed and misused. One has to make a cautious decision while entrusting data with a company. Protect your right to privacy!
Also, read Top 5 ways to secure your data online
Looking for a reliable solution to store and secure your data? Try DCirrus