Public Administration Mains 2018 : Model Question and Answer - 86
(Public Administration Paper I / Chapter: Techniques of Administrative Improvement)
(Current Based) Question: Data protection needs a strong regulatory framework and hierarchy of regulators to protect basic privacy. Comment. (20 Marks/300 Words)
Model Answer:
The scholarly Supreme Court judgment on the right to privacy has made it abundantly clear that privacy protection is imperative.Informational self-determination and the autonomy of an individual in controlling the usage of personal data have emerged as central themes across the privacy judgment.
The critical challenge in the design of a data protection framework is that the main uses of digitisation — long-term record keeping and data analysis — are seemingly contradictory to the privacy protection requirements.The most common fear of digitisation is that of mass surveillance. Databases linked by unique identities can possibly create an infrastructure for totalitarian observation of citizens’ activities across different domains.
A more common and subtle manner of erosion of privacy is by the way of losing control of informational self-determination both to the state and to other seemingly mysterious, uncaring and opaque bureaucracies.
Effective data protection in India will require a strong regulatory framework with a hierarchy of data regulators that can protect our basic rights irrespective of our understanding of complex digital setups and levels of consent. Also, any solution that is solely based on detection of privacy violations and subsequent Not only do the data regulators require independent authority, but they also need to actively participate in the data protection architecture. Apart from determining the fairness of algorithms and use cases, they need to play two other main roles.
(a) The first should be to determine, and explicitly list out, authorisations for data access for various data processing functions based on a rights-based principle in addition to consent.
(b) The second role should be to ensure that data can be accessed only through audited, pre-approved and digitally signed computer programs after online authentication and verification of the authorisations presented. (Total Words- 292)
Valuable inputs from The Indian Express Opinion: ‘Architecture for Privacy’ by Subhashis Banerjee
(Linkages: Supreme Court and Right to Privacy Judgement, Digitalization and Data Protection, Data Protection and Regulatory Framework)