The long-awaited the Personal Data Protection Bill, 2019, was tabled in Lok Sabha during the winter session of Parliament. It was then eferred to a joint committee, to be headed by BJP’s Meenakshi Lekhi.
The Bill was long overdue and for a government known to be sensitive to the national security concerns, the delay was a sign of concern. As a student of warfare and a concerned citizen that has long studied the impact of new age technologies that will impact war craft in the information age, the sequence of events that led to this Bill was itself disturbing.
The very fact that this Bill was a fallout of the Puttaswamy judgement, which declared privacy as a fundamental right and not a direct fallout of the Edward Snowden revelations that bought to light the global surveillance architecture, was enlightening, and a tad disappointing in the way matters of national security are dealt with by the nation.
Other nations around the world including western allies had strongly protested while the Indian state responded with resounding silence. To its credit, the Modi 1.0 government had initially protested after winning the elections of 2014, but the actions after that displayed a shocking lack of appreciation of the national security intricacies of the information age. Wading into a slew of policy initiatives, such as massive increase in usage of Aadhar, Digital India, smart cities, promotion of cashless economy without even a privacy law displayed strategic naïveté. History will record that while addressing his first Combined Commanders Conference, Prime Minister Narendra Modi asked the top most military commanders of the nation to concentrate on cyber security.
The only initiative that resulted from this — the attempt by the Northern Command of the army to indigenise their ICT networks — met with stiff opposition from entrenched lobbies in both the military and the government.
That the indigenisation attempt by the Northern Command was reversed a full three years later and the Network for Spectrum was built on CISCO routers post the Snowden Revelations, will rank as a failure of the military leadership and its professional competence. The importance of data, the Cambridge Analytica scandal and the global backlash on Big Tech and the hypocrisy of the US when it came to Huawei and 5G, finally bought overwhelming evidence on the need for indigenous ICT and data localisation. Elements within the ruling party and the larger political establishment started voicing the need for Data Sovereignty and the dangers of Data Colonisation. After getting cornered, the entrenched lobbies and officials in the government, who till then had vociferously defended their superior knowledge on cyber security and strategy, started coming out with an ingenious argument that they used foreign appliances and prevented indigenisation efforts only to protect the ITES industry.
This raises the following questions:
First, is the ITES industry an outcome of the wage differential that exists between India and the West, or is it a munificence given by the West so that India continues to allow unregulated data flows that undermine the privacy of its citizens and its national security?
Second, if the privacy (a fundamental right) of its citizens and its national security are secondary to the needs of the ITES industry, why is India creating a huge military apparatus and bureaucracy for defence of its cyber space?
Third, are public officials appointed for a specific purpose that is publicly stated, allowed to then secretly dilute their functions for the needs of an industry. Can't this lead to farcical situations? For instance, police officials condoning crimes with excuses such as prevailing social norms or political expediency.
These are important questions that need to be debated and not swept under the carpet. Privacy having become a fundamental right, certain basic steps need to be taken. (i) In India surveillance of citizens could, till date, be done by executive sanction, this has to change and any restriction on Privacy should only be by judicial warrant. ii) Sensitive data can be send abroad for processing based on consent is a worrying provision, as informed consent on the full implications of their actions is beyond the vast majority of the population. (iii) Violations of the provisions of the bill, if found to be by design/deliberate, should result in imprisonment of people responsible and not just fines.
Data in the information age is the biggest source of wealth creation and has enormous military potential. It can undermine the democratic process and undo the social cohesion of nations. India, with its vast diversities in ethnicities, religions, castes etc is especially vulnerable.
It is also central to the Digital Industrial Revolution. The largest of MNCs with unprecedented wealth and influence have spent enormous sums to influence the law in India. The nation needs to scrutinise and debate this law fully and should not push it through with no debate as has been the norm of late. The Indian Republic, since its founding made many strategic blunders, this is an instance where it can't afford to get it wrong. The survival of the nation and its future prosperity is dependent on it.
(Courtesy of Mail Today)