Current Public Administration Magazine (March - 2017) - Data security and Right to privacy

Sample Material of Current Public Administration Magazine

Polity And Governance Issues

Data security and Right to privacy

While the Supreme Court had earlier directed that no one should be denied state benefits for lack of Aadhaar, which is a voluntary identity document, Chief Justice of India J.S. Khehar has observed that the government can insist on Aadhaar if benefit is not anticipated. In his example, Aadhaar can be mandatory for opening a bank account but not for receiving pension into it. Aadhaar can now be made mandatory for all financial transactions, including taxes, property transactions and investments, in the government’s efforts to contain black money. This brings clarity on a contentious issue and the government can now go ahead and make Aadhaar the axis of the financial system.

The issue of privacy, at the heart of the Aadhaar controversy, remains unaddressed, for now. The apex court is disinterested in clubbing the multiple PILs challenging Aadhaar, or fast-tracking the process on the prosecution’s plea that the government is imposing deadlines for Aadhaar compliance on various fronts. The court believes that interim orders will solve nothing, and that disposal of the case by a seven-judge bench is the outcome to be sought. The delay implicit in setting aside a large number of judges is the cost that must be borne.

The privacy issues bedeviling Aadhaar have been widely discussed, to the extent that perhaps it would be useful to reduce them to the bare essentials. Aadhaar consists of a biometric database over which, legally, only a single query is permitted to run. It asks, “Is this person who he or she claims to be?” By itself, this is an innocuous validation and does not involve the violation of privacy. But when the database is connected to other data sets such as financials, medical records or employment histories, privacy concerns can arise. Altering the design of the database and the queries allowed to run on it would have the same effect, and the security of data in transmission can be insecure. When such concerns were first raised, the government had offered technical assurances — its data is stored in unbreakable silos. However, data must be secured by law, apart from technology. Simple questions need to be addressed. Who is authorised to collect, store and transmit data? Who can edit queries or redesign the database, or make connections to it? What penalties would a breach attract? Such issues should not be addressed by multiple legislation, as they are now, by the IT Act of 2000 and the rules of 2011. For general acceptance, Aadhaar must be secured by a single, unified data protection law with exemplary penalties, as in the European Union.

Get this magazine (Current Public Administration) free if you purchase our any of the below courses:

Public Administration Online Coaching / Study Kit

<< Go Back to Main Page