The sins and virtues of data privacy — Experts discuss where the responsibility lies
- The ‘sins’ and ‘virtues’ of data privacy shared by the
Data Security Council of India(DSCI) on Data Privacy Day 2020include the importance of transparency and consent.
- Subex, SAP and
Blazeclan Technologiesshared their thoughts on the responsibility of companies towards consumer data safety with Business Insider India.
- They feel that data breaches are becoming more common and that
cybersecurityis becoming more complex with the implications of data localisation.
When you wake in the morning, you check your smartphone. Once you’re in your car, you turn on your GPS. In the office, you’re logging onto your laptop, replying to emails, and logging into Google Meets or Microsoft Teams for meetings. When it’s time for lunch, there are days you’re ordering food using an online delivery app.
With so much data in the fray, the Data Security Council of India (DSCI) — not-for-profit arm of NASSCOM created to address data protection— has shared the ‘sins’ and ‘virtues’ of privacy when it comes to users data.
"Privacy is everyone’s responsibility and we need to create a conducive environment which safeguards personal data of one and all. Having a dedicated day to celebrate privacy globally lends further impetus to the larger objective of privacy awareness and helps bring user-centric attention to managing personal data," said Rama Vedashree, CEO of DSCI.
Smartphones are constantly by our side and play a major role in society. They’ve replaced calculators, cameras and physical books. So much so, that a mobile number is akin to identity, according to
"Most of the digital growth is fueled by the curious and intelligent human society. This has increased the vulnerability of human society much more than what it was in the past. It is not uncommon that a week goes by without hearing a story of an account compromise around us," he told Business Insider India.
Data breaches are becoming more common. News of malware like Pegasus that can allow hackers to access your devices without your knowledge has users wondering how to best protect themselves. In addition, there are concerns about data localisation. Advocates argue that it will help implement data privacy laws more effectively while global firms feel data will be more vulnerable if it’s all in one place.
Co-founder and CEO of Blazeclan Technologies Varoon Rajani divulged that it’s not only users but providers that are also trying to navigate new territory.
"The concern of data breach and data localisation is alarming and has put the providers in a fix. It is imperative for stakeholders in the area to identify and understand the risks inherent to digitization, public networks and outsourcing of infrastructure components first hand," he told us.
Companies need to find the balance to ensure user trust — and size doesn’t matter
When it comes to managing data privacy, companies need to find a balance between transparency and customer confidence.
"We need organisations that are more sensitive and proactive to secure their customers. This will be the one thing that will enable businesses to achieve their growth aspirations," said Roddam.
Regardless of how big or small a company may be, they’re still managing large quantities of data. According to Dell’s Global Data Protection Index, nearly 47% of Indian businesses monetize data — higher than the global average of 36%. However, nearly 71% of companies reported that they weren’t able to find adequate data protection options in the market.
"Enterprises manage large quantities of sensitive data on their employees, customers, and other stakeholders. It becomes crucial to employ extensive security measures to protect against the loss, misuse, and unauthorized alteration of data," Lovneesh Chanana, vice president of digital governments APAC at SAP, told Business Insider.
Even so, cybersecurity is changing rapidly. Threats continue to evolve at-par, if not faster than cyber intelligence can keep up. Old methods like trojans are still rampant with new threats like phishing attacks, webcam blackmail, and deepfakes ramping up.
"Businesses, both global giants and SMEs, are emphasizing on cybersecurity budgets, with over 50% of companies focusing on investment into cloud security and setting up data centres within the country," said Rajani
India’s Personal Data Protection Bill is currently in process of being finalised but until there are official regulations, it’s up to users to be responsible for their own data — but also to stand up for their rights when asking for redressal measures against data breaches and violations of privacy.
Meanwhile, companies too should do their best to adhere to the ‘sins’ and ‘virtues’ of data privacy.
Here's how to keep your phone from getting hacked like Jeff Bezos, according to a cybersecurity expert
Indian companies know how to sell data but not how to protect it
Here's why you shouldn't sell your face — even if a company pays you ₹9 million