Most people must have become familiar with the controversy around WhatsApp’s privacy policy. I say this keeping in mind how many people are jumping ship to Telegram and Signal. Although we’ve increasingly become hostage to Big Tech, it appears we still have some dignity we haven’t sold away for likes and hearts and do care for personal data protection.
Great Thinker Zuckerburg’s notoriety with data privacy is legendary. With him, no attention is bad attention. His comfort with controversy puts the contestants on Big Boss to shame. Naturally, he would be alright with the growing stains on his company’s image, even if he does express the token protest before Senates and Parliaments. Go fast and break things, indeed.
Facebook has the illustrious reputation of being as cavalier about their users’ data and privacy as I am about pens. In that, I don’t care where I put them or who uses them. See any similarities? Cambridge Analytica was only a trailer. Picture toh abhi baaki hai mere dost. The brazen demand for increased volumes of personal data is not surprising. It is a trend much like the tutorial before the actual gameplay begins.
Personal data protection has been a pressing concern for the last 5 years, at least. In typical white man fashion, Europe implemented the GDPR, demanding the world change their habits to suit a posse of countries half the size of an Indian state. And what did we, an emerging market of 1 billion, do? Why, we embodied the “Elephant”.
The government introduced the data protection bill at their leisure, in 2019. A bill which has more holes than a slice of cheese. Then, they gave more protection to the text of the bill, locking it away for over a year, than the personal data it was supposed to protect (holey though the protection was). And now, we, the Indian public, are breathing easy. We have a BILL. There is some random stack of paper gathering dust somewhere with the potential to protect us from a threat that has already begun to devour us whole. What impressive protective skills this government has displayed! The Z-Plus security for Mr. Ravi Shankar Prasad should take lessons. They should put away their guns in lockers, and allow the good minister to bask in the “potential” protection those guns might offer.
This WhatsApp instance only makes the problem urgent, which is why it has drawn the country’s collective attention. In their great wisdom, the incumbent Government of India thought, how can we take a billion data-illiterate people and Facebook’s data lust, and make this worse? So, they decided to use the text of the Personal Data Protection Bill as seat warmers for prime house seats to the growing train wreck that is the Indian regulatory landscape for data privacy.
Evidently, we refuse to move away from the flames until our backsides have caught fire. As the dominant methodology for governance, we evidently haven’t moved past the Neolithic age. Perhaps we should feed the PDP Bill to the same flames. Because that stack of paper appears to be absolutely useless otherwise. Makes one respect the power of the pen. I mean the pen used by the executives to sign the thing into law.
And really, what’s the hold up? It’s not like any single one of the debating MPs has an inkling of understanding about networks and data flows. Let’s face it, we’d get a more informed discussion from a roomful of five-year-olds than the current selection of parliamentary members. They’ve already watered down the provisions from 2018 to 2019. At the pace they’re going, even a paper tiger will look more daunting than the final draft. Unsurprising, if one considers the true audience of the Bill.
I’m never one to speculate seriously on the motivations of the political elite. Nevertheless, I am compelled to wonder what stops the PDP from becoming law. Let’s go by the rule of thumb for life – money rules all.
It’s safe to say that the PDP Bill makes sure companies never forget who owns the data they’re profiting from, ever again. Considering most of these companies get hives paying taxes, it follows they are deeply uncomfortable with anything that stunts their “wealth creation”. And the government did promise they would work for the welfare of “all” their citizens. Naturally, they would hesitate to undercut the interests of the corporate lobby. After all, the only person being discomfited is the dumb common man.
What’s more, the glorious history of law-making in this country demonstrates that we pass laws the way we lay infrastructure. We make the road, then immediately dig it because we forgot to lay the cables, then fill it up haphazard because who’s going to bother laying the road again? Same with laws.
We pass them full of loopholes, because what use is the legal and judicial system if we don’t give them house-sized loopholes to exploit. Then, once we’ve made a large enough mess that the people begin spilling onto the streets in protest, we make a grand production of revising the law. By this standard, we can safely pass the PDP Bill in its current form without worry of backlash for another decade. By then, the entire population would have been fleeced and their personal details sold twice over. We can worry about productive debate then.
Only, the genius of our political class has somehow reawakened its solicitousness toward the common man. In a miraculous display of “forward thinking”, the establishment has decided it will pioneer tech regulation for the world by introducing a framework for “non-personal” data. Because it wasn’t enough to fail with the one task they already had. Even better, such a framework doesn’t exist anywhere else in the world; maybe because it is NOT A PRIORITY. So, of course, the Indian State must make it one. This is the only way we can possibly justify our status as an international tech-hub. As a result, the people have no protection whatsoever – from personal data harvesting and from general cybercrimes. Now that’s how one should define success!
While the government has happily abdicated the responsibility for legislating in favor of the people’s wellbeing, the judiciary is like a naughty toddler seeing an opportunity to grab unattended candy. The courts are having a gala time doing exactly what they aren’t supposed to – legislating. With them, it’s like the Pepsi ad – “Pepsi thi, pi gaya” – there was a gap in regulations so we legislated. Kudos! We’ve successfully introduced separation of powers with Indian characteristics. This is how we will become a super power.
There is much to appreciate in India and immense amounts of untapped potential. We must recognize, however, that the potential remains untapped because we insist on finding novels ways of becoming inefficient and obsolete in the development of our regulatory landscape. Our innovation is channeled entirely into procrastinating at our own expense. The Personal Data Protection Bill should long have been discussed, amended, and passed into law. We always revise our old laws. It’s practically tradition at this point, to pass bad laws, try to patch them up, make a mess of the whole thing, and dump it into the judiciary’s lap to untangle the holy mess. What makes this bill so special? Or perhaps, this law too is following the same procedure. The problem lies with us, the people, who have become sick and tired of being auctioned off for the benefit of vested interests.
Liked this? Here’s what we think about OTT regulations.
Do subscribe to our Telegram channel for more resources and discussions on technology law and news. To receive weekly updates, and a massive monthly roundup, don’t forget to subscribe to our Newsletter.
You can also follow us on Instagram, Facebook, LinkedIn, and Twitter for frequent updates and news flashes about #technologylaw.