Data Protection without
Data Privacy ?
--------------------------------------------
How will that happen ?
Over the past 4 / 5 days , there is a
debate raging around the UIDAI filing a
FIR against a whistle-blower journalist of TRIBUNE
, who found out a chink in the armour of UIDAI
He found that , for a small payment of Rs 500 to some low-level functionary in the
vast UIDAI machinery ( running into
thousands of data-processors / handlers , spread all over India ), one can
access the Aadhar Database !
According to TRIBUNE report, there were
about 100,000 illegal users and that the
unauthorised may have started 6 months ago
! It has offered all help to UIDAI
, which has in the meantime , taken following precautions :
·
Restricted the access of all designated officials – numbering about 5,000 – to the Aadhar Portal , only by
entering the biometric of the person whose details were sought to be verified (
- just entering the 12 digit unique identity number , will no more suffice )
·
Under the new system , access needs to be authenticated by the
fingerprint of the Aadhar holder and the data available will be restricted to
that person
·
Moved to banks / post offices, centres of 4,000
PRIVATE OPERATORS and started work on shifting of another 26,000 PRIVATE OPERATORS to these ( presumably ) SAFE PREMISES
=======================================================
In the meantime , Justice BN Srikrishna ( who heads an expert
committee for framing a draft DATA PROTECTION
LAW ) says :
·
His panel is NOT examining how Aadhar works . Supreme Court is looking
into it
·
·
Data Privacy across the country is NOT a problem as such but Data Protection is
·
·
HOW the data is collected
, either by consent or without consent , WHAT will be its implications and HOW do we protect it, these are the issues
·
Protection means it is YOUR data, YOU
have the RIGHT to say for WHAT purpose
it is being collected, WHAT it is being used
for and WHEN
will YOU destroy it
I am glad that the Expert Committee , found time to read my following E Mails – and accepted ( - could
be reluctantly ! ) , my contention that it is getting almost IMPOSSIBLE to
prevent internet connected devices ( starting with smart phones ) , to collect / harvest , a user’s PRIVATE DATA
As far as that matter of CONSENT is concerned , all those devices will
warn you when you switch on :
“ BY USING THIS DEVICE , YOU ARE AGREEING TO OUR COLLECTING ANY / ALL
DATA ABOUT YOU AND ALSO ALLOWING US TO USE IT
FOR WHATEVER PURPOSE WE THINK FIT “
Privacy
? What is that ? [ 04
May 2017 ]
No comments:
Post a Comment