Architecture for privacy
(The Indian Express)
Synoptic line: It throws light on issue of the delayed drafting of Cauvery scheme.
(GS paper II)
- Recently the Centre informed the Supreme Court about its inability to frame the Cauvery draft water-sharing scheme within the May 3 deadline given by the apex court. On April 9, the Supreme Court had categorically directed the Centre to frame the draft Cauvery scheme by May 3rd and prove its bonafide resolve to end the 200-year-old dispute between the Poll bound state Karnataka and Tamil Nadu.
- The centre provided excuse that- it was extremely reluctant to take a decision which could have electoral repercussions in Karnataka, which goes to the polls on May 12, is well known. But the Attorney General’s explanation that the draft scheme could not be readied because the Prime Minister and other ministers were busy “travelling” in Karnataka is laughable.
- The Centre has cut a sorry figure by admitting in court that its leaders are too preoccupied with an election campaign to fulfil a court directive one over which it could be punished for contempt. A senior advocate for Tamil Nadu, lashed out at the Centre, accusing them of a “brazen attitude” and “playing politics” to favour the party’s fortune in the State, instead of governance.
- However, there are several reasons why the Centre’s stand is legally untenable and morally wrong. First and foremost, the framing of a scheme to implement a river water tribunal’s award is the Centre’s statutory obligation, and it is not open to the government to weigh its political or electoral implications in the face of such a deadline.
- Besides, the plea that the Prime Minister and the Union Minister concerned were unavailable is questionable- a day before the submission was made, the Cabinet had met and announced important decisions.
- In its verdict on February 16, 2018, the apex court granted six weeks’ time to the Centre for framing the scheme. It added for good measure that no extension of time would be granted on any ground. Yet, on the eve of the expiry of the deadline, the Union government chose to file an application seeking three more months.
- Tamil Nadu filed a contempt petition. In its application for more time, the Centre had mentioned that it had convened a meeting of representatives of the four States and had also cited the differences of opinion among the States over the composition of the proposed mechanism.
- There was at least a ring of truth to this, given that consulting the parties over the composition of the scheme was necessary to frame it. Even then, the Supreme Court was unimpressed; it had asked the Centre to prove its bona fides by submitting a draft scheme on May 3.
- The Centre’s attitude suggesting that it hopes to persuade the court that a degree of political expediency in the light of the election is normal and acceptable. However, Prime Minister’s preoccupation with the campaign is bound to raise questions about its commitment to impartial governance and its disdain for judicial order.
Question –Citing the Karnataka poll to delay the Cauvery scheme is a poor excuse; explain how governance is more important than the government?
Architecture for privacy
(The Indian Express)
Synoptic line: It throws light on the issue of data protection framework.
(GS paper III)
- India can be considered as predominantly pre-privacy society to one in which privacy protection in digital databases has emerged as a major national concern. In this context Supreme Court judgment on the right to privacy, has made it abundantly clear that privacy protection is imperative, and any fatalistic post-privacy world-view is untenable.
- Informational self-determination and the autonomy of an individual in controlling the usage of personal data have emerged as central themes across the privacy judgment.
Digital services in India
- India on the one hand, need to have stricter provisions than the sector-specific standards in the US, where not only are identity theft rates unacceptably high, but also from where some of the world’s largest corporate panopticons like Google and Facebook have grown more or less unchecked.
- While, on the other hand, India should ideally have a more innovation-friendly setup than what the European General Data Protection Regulation (GDPR) can offer, which perhaps is unduly restrictive but is unlikely to be commensurately effective. Moreover, our designs need to be especially sensitive to our large under-privileged population, which may not have the necessary cultural capital to deal with overly complex digital setups.
- Recording transactions with a digital identity projects an individual into a data space, and any subsequent loss of privacy can happen only through the data pathway. Hence data protection is central to privacy protection insofar as databases are concerned.
- The critical challenge in the design of a data protection framework is that the main uses of digitisation long-term record keeping and data analysis are seemingly contradictory to the privacy protection requirements.
- The most common fear of digitisation is that of mass surveillance. Databases linked by unique identities can possibly create an infrastructure for totalitarian observation of citizens’ activities across different domains.
- The mere existence of such infrastructure, if unrestricted, can potentially disturb the balance of power between the citizens and the state, stifle dissent and be a threat to civil liberty and democracy. (Several commentators have used cliched metaphors like the Orwellian big brother or panopticon to describe the situation.)
- A more common and subtle manner of erosion of privacy is by the way of losing control of informational self-determination both to the state and to other seemingly mysterious, uncaring and opaque bureaucracies. ‘Kafkaesque’ is an appropriate metaphor that has sometimes been used to describe the situation.
- Not only can personal information leach out and be used by unpredictable entities in unpredictable ways, but one can also be misprofiled, wrongly assessed or even influenced using out-of-context data, without being able to control such actions or sometimes even being aware of them. Indiscriminate or unethical use of machine learning can also lead to profiling and privacy violations whose consequences are not immediately obvious.
- When participation is voluntary, privacy self-management through notice and informed consent; collection, purpose and storage limitation; transparency; and individual participation through opt-in and opt-out has been advocated as foundational principles for privacy protection. However, notice and consent are usually ineffective, because of information over- load, choice limitation and consent fatigue, as is often demonstrated by the customary negligent clicking of “I Agree”.
- Effective data protection in India will require a strong regulatory framework with a hierarchy of data regulators that can protect our basic rights irrespective of our understanding of complex digital setups and levels of consent.
- Also, any solution that is solely based on detection of privacy violations and subsequent punitive actions is unlikely to be effective, mainly because the causal effects of privacy violations, especially of the Kafkaesque types, cannot be easily and immediately determined. What is required is an online architectural solution that prevents privacy invasions in the first place.
- The data regulators require independent authority, and also need to actively participate in the data protection architecture. There’s need of an effective and rights-based data protection law, and the will to build the required regulatory capacity.
Question –Explain why data protection requires a strong regulatory framework, with a hierarchy of regulators to protect the basic rights. Also mention how an online architectural solution that prevents privacy invasions in the first place is necessary.