We, in India, are really at a very primitive stage of all that is associated with Internet and information technology. So nobody bothers about privacy and personal data. Even the government, sometimes, appears shameless in its forced data collection and allowing ‘for profit’ entities to grow their business with that data. Here is something from Europe that should make those in power act fast and protect Indian citizens in cyberspace.
Under the European Union Data Protection Act, every European citizen has a right to seek all data stored by a service-provider. One Judith Duportail decided to procure such data from the dating app Tinder with the help from a privacy activist and a lawyer. “Some 800 pages came back containing information such as my Facebook ‘likes’, links to where my Instagram photos would have been had I not previously deleted the associated account, my education, the age-rank of men I was interested in, how many Facebook friends I had, when and where every online conversation with every single one of my matches happened… the list goes on,” she says in an article in The Guardian
). “As I flicked through page after page of my data, I felt guilty,” Ms Duportail says, adding, “I was amazed by how much information I was voluntarily disclosing: from locations, interests and jobs, to pictures, music tastes and what I liked to eat. But I quickly realised I was not the only one.”
She is right and Tinder is not the only app or service that is amassing data from users. Everybody does this. In fact, data collection and surveillance is fast becoming a million-dollar business on the Internet. Luke Stark, a digital technology sociologist at Dartmouth University, told Ms Duportail that she was lured into giving away all this information. He said, “Apps such as Tinder are taking advantage of a simple emotional phenomenon; we cannot feel data. This is why seeing everything printed strikes you. We are physical creatures. We need materiality.”
This is the real danger, especially for a country like India that has an unwanted ‘openness’ about sharing everything on the Internet under the pretext of ‘I don’t have anything to hide so why should I not share it’. The same set of people, however, may turn hostile when somebody uses their own data to defraud them.
I have seen people happily sharing their mobile numbers and other such details on social media. In many banking frauds, especially, over phone, the victims always claim that the caller had all their information, like card number, full name, and address and just wanted to know the ‘one time passcode’ (OTP) to ‘upgrade’ their card or give ‘some benefits’. Nobody even thinks about how the caller had access to all their information which they may have shared somewhere.
Another ‘business’ model followed by cyber-criminals is to hack all information or data from a website, especially a government one, and then sell it in ‘darknet’ (chor bazaar
of the Internet). Seqrite’s Cyber Intelligence Labs and its partner, seQtree InfoServices recently found an advertisement over darknet that promised access to the servers and database dump of several Indian websites, including Unique Identification Authority of India (UIDAI), for about $61,500. The seller was offering for a price a client database, including username, email IDs, passwords, organisation name, billing documents and control range of Internet protocol (IP) addresses which can shut down website of the organisation. This was real. (https://goo.gl/iSWUJP
The Indian government reacted very typically. It denied that there was any data leak from any of the organisations!
No wonder, there is hardly any action from the government to safeguard citizens before any mishap. Only a dynamic and proactive policy that is can really protect citizens from the dangerous cyberworld.
As Ms Duportail, rightly, pointed out, as a typical user constantly glued to mobile phones, all our virtual lives are being fully merged with real lives. There will be no difference, unless you, as a user (protecting your own rights and privacy) and the government (with comprehensive policy) act now.