B. N. Srikrishna, a former Supreme Court judge is heading an effort to draft new data privacy laws for India that are to regulate the operations of tech companies in the nation. India is the biggest market for Facebook, and hosts potential for numerous other tech firms, being 1.3 billion populous.
The committee led by Srikrishna will submit the draft to the government this week. 77-year old Srikrishna is a man of many colors, reciting Shakespeare and Sanskrit equally well. His job may end right after the submission, but he is aware that debates will begin right from there.
His team holds the ambition to modernize the country’s regulations regarding online communications. The government’s acceptance and issuing of this bill can turn out to be a historical mark for the country’s progress.
India has accelerated from a ‘bail gaadi’ (Hindi expression for ‘ox cart) economy to a silicon-chip economy. But privacy and data regulation rules are still far behind. – B. N. Srikrishna, former Supreme Court judge
According to Counterpoint Research, India had about 25 million smartphone users in 2012 and about 370 million at the end of 2017! This clear difference alone resembles how the country is emerging as an exclusive market for present and future technologies.
Another of the most significant marks of India settling down in the digital world is the introduction and usage of Aadhaar. It is a most ambitious biometric identity system developed by the government, assigning unique 12-digit identification numbers to 1.1 billion users, and registering their fingerprints, iris scans, and demographic details. The data is now used across every necessity to maintain governmental obligation, ranging from taxes and bankings, to even registrations with online wallets to pay bills for electricity etc.
But a data-flood like this and the draught of regulation do not go well together. It has raised concerns among citizen groups and privacy activists, which has been further worsened by government practices.
Srikanth Nadhamuni, CEO of startup Khosla Labs, and former CTO for Aadhaar said: “Data-poor India is rapidly becoming a data-rich economy so having a data protection law is critical.”
Srikrishna plans to take the middle road between Europe’s recently imposed strict GDPR and the American liberal approach. His team of 10 members, consisting of government officials and academics, is presently furnishing the finishing touch to the bill. It will go for parliament approval to be legislated.
Foreign companies and hundreds of startups are into processing user data of Indian users without protection. Personal information is collected so that tech firms can provide the best possible experience, and Srikrishna’s framework would have the saddle on this collection.
The bill, if and when enacted, is to define fair usage, and whether or which tech firms can transfer data across borders. It will additionally elaborate on enforcing accountability and penalties for violations. Furthermore, it will establish on users accessing and controlling their respective data, much like with EU’s GDPR.
Srikrishna voices: “Like we keep diabetes and blood pressure in check, controls are needed for data. Companies like Amazon, Google, Microsoft, and Flipkart are extremely nervous.” Google declined to comment, and Facebook didn’t respond to an email asking for comment.
India had no culture of privacy before, and only last year the Supreme Court ruled that privacy is a fundamental right. Srikrishna is humorous: “Should we then have pictograph warnings for consent, like they have on cigarette packs?”
He believes that an average Indian is not knowledgeable enough on how much data they generate or how it is being used. He points out that a consent form in a foreign language like English is not enough in a country having almost two dozens of official languages, hundreds of other languages, and low-literacy.
Indians may not have a history of privacy, but how later or better time and draft can it be than this for a start?