Data Privacy And Fake News - A Human Effort.docx

Data Privacy and Fake News – A Human Effort 1) Prashanth S 2) Surya M 3) Rakesh Tukaram Chavan II semester, MBA, Department of Management Studies Ramaiah Institute of Technology, Bangalore

Abstract: The rise of Information Age has led to a Digital India where an environment of information minefield is being created. Starting from small messages to huge currency transactions, all involving human users, data profiles are being created on users by Social Media companies, which in turn is used to sell concepts, preferences and ideas back to the user. Data Privacy and Fake News both may seem like separate topics which deserves to be discussed separately, but both have one major factor of we human beings as users involved. Navigating the digital world in the present time requires us users of technology to be aware of both these terms and its implication in our lives. Digital Data is the new gold and we need to protect ours and understand better about it. Fake News can be harmful to ourselves and others if we can’t distinguish between falsehood and truth. Here, we the users of technology can help ourselves from our information being misused, by being self-aware about the contents we decide to share and help curb fake news by involving ourselves more in the real world and thus being more aware of the happening around us and information which we can verify. In this paper we discuss the Data Privacy and Fake News in detail, its implication in real life and measures that we individuals need to follow to enjoy all the benefits of the digital social media life and avoid the bad risks involved in it. We also discuss some of the necessary steps required to improve Digital Data Privacy and the Government policies towards it and curbing Fake News in India.

Keywords: Data Privacy, Fake News, Individual Users efforts, Government agencies polices, Laws, Social Media.

Introduction: Rise of Information age has led to a Digital revolution in India that promises to bring large disruptions in almost all sectors of society. While this transition to a digital economy is underway, the processing of personal data has already become omnipresent. This processing of personal data is further cause for the profiling of an end user which can be used to sell products or feed content that might be biased or totally fake in nature. Fake news does not mean that all content is false; it can be technically true but still misleading. Even misleading information on its own does not constitute fake news. Here a fact, quote or event can be taken out of the original context and adjusted for personal views which might be totally false. So, here in both the topics of Data Privacy and Fake News, we the user’s participation is the key to these concepts existing and thus it can be considered that we users have some control in these and further adjustment to our behaviour can led to a better outcome for all the parties involved. In this paper we discuss the human effort that consists of government agents for policy makers, the stockholders of a company creating the applications of social media and we the ultimate end users.

Figure: Data Profiling and Profile Based Content Delivery

The figure shown above is a typical scenario where users information based on their activities on any social medium are profiled for a thier behaviour and based on which content such as news, topics, products etc. are shown to them by third party who would have purchased the information from the social media platforms.

Literature Review: 1. Policy Paper - Privacy in India: [By Mr. Vinayak Godse] It discusses the various aspects of Data privacy such as data collection methods, the rising concern of privacy in India, impact of various local and global factors, challenges faced, user end education and suggestions for government policy makers.

2. Is Fake News Real in India: [By Amila Banerjee and Mehrazun Neesa Haque] It discusses the political aspects involved in the usage of fake news, reason the for its existence, the harm it causes to us citizens of India.

Data Privacy: Social networking in a short span of 3-4 years has caught the fancy of millions of users throughout the world even though it impacts security of organizations and privacy of individuals. Social web sites such as Facebook, Instagram, WhatsApp and many others have spawned up. People love to connect with one another, make friends, chat, and publish photographs of family and friends. They even post personal information for viewing by others. They can choose to keep such information secret, share it among their closed group of trusted friends, or make it public. However, these options, though available on social sites, are not fully understood by common users. But the consequences of ignorance or callousness can be serious. Behavioural patterns are quite disturbing though. On the one hand, citizens are paranoid about their privacy – they want and expect protection of all their personal identifiers: name, address, mobile number, credit card details, PAN number, passport number, and social security number. On the other hand, they reveal all their personal information quite innocently and voluntarily on such sites to unknown people. Information thus shared by people gets stored on the web site’s servers located anywhere in the world. One does not know where the servers of Facebook, Instagram, WhatsApp are located? Where are their backup centres, their business continuity management servers? The personal information that we so zealously guard and protect, within our four walls or our perimeter so to say, is now out there in the open or in the cloud, as it is commonly called - on the servers of all such web sites. Which privacy laws are applicable? While all these sites must be taking adequate security measures, cloud computing does pose major security risks even as the promoters like Facebook, Instagram, WhatsApp try to assure the world that it is safe.

While India is leading in providing IT services to businesses across the globe; the domestic sector has emerged as a key IT investor. Leading the pack, Government agencies are spending more than $ 10 billion in several of e-Governance projects. Private sectors such as BFSI, Telecom, Manufacturing, and Travel are increasingly relying on IT to process transactions and offer diverse channels to their customers. Internet penetration, although currently low at about 7.1 %, is rising exponentially. This transformation will increasingly bring Indian citizens under its fold, exposing them to the new age threats that not only have the potential to damage their financial interest, but also infringe their personal rights. Increasing commercialization in India that involves identifying potential customers, marketing products and services, promotional activities, and cross-selling is seen to be relying on the personal information. It has been observed that the data gathered while providing services and selling products is increasingly used for the purpose not intended. This has been more visibly observed in the telecom sector, which later resulted in the implementation of National Do Not Call Registry (NDNC). However, implementation of it on the ground remained abysmal, leading to irritation, frustration and worries of the end users. Reserve Bank of India, the Central Bank of India, sensing the way the transactions are transforming and their impact on privacy of customers, issued a regulatory guidance that demands banking industry adhere to privacy principles. Privacy is slowly graduating into discussion landscape of India. This has been accelerated by the recent amendment of the Information Technology (IT) Act. Transaction heavy organizations such as Banking, E-Commerce, and Telecom that are leading the adoption of Information Technology are conforming to the world recognized privacy principles. Privacy policies of these organizations are visible on their websites, articulating their commitment to, and informing users about the likely usage of their information.

Fake News: In India, with the launch of 4G, the emergence of social media has become a pivotal part of the Indian culture. Using WhatsApp by creating various public and private groups is one of the most common ways to connect with friends, family and broader community. The popularity of Facebook messenger was hampered because of the fame of WhatsApp. With over 200 million active users, WhatsApp is one of the most widely used messaging apps in India. Nowadays, political parties have started hiring public relation organizations specially to spread online propaganda. At present the various political parties have started strategizing their digital

campaigns for 2019 elections. The various parties were reportedly seen setting up multiple WhatsApp groups to directly reach the electorate. Eminent members of the group are also a part of this campaign and help in creating popularity among the public. During the state and central elections, there were several reports on fake news and were accused of originating trolls and fake news forwards. Disseminating misinformation from multiple social platforms has been a common phenomenon. The WhatsApp is not the only source of fake news in India, but Twitter is another popular social platform which the major disseminator of fake news is. Political parties use various ways to boost their follower counts or to retweet, like, share and comment. Sharing content in this manner creates trends which reach more audience. While supporting campaign, people doesn’t recheck the authenticity of the information they are spreading instead they also become a part of the fake followers. Recently, Twitter purged fake accounts of multiple political celebrities which had a positive effect on the recent spreading of fake news.

The Human Efforts: 1. End User Education: Among the various measures that are advocated to build a privacy culture in India, education of end users is particularly important. Majority of them would be the firsttime users of the IT systems. With technology being a means to achieve financial inclusion, there has been increased investment in the eGovernance projects. Simultaneously, growing private investment in the technology will bring the entire population of the country under the fold of cyber age. This is being done irrespective of how equipped the end users are to understand the dangers of the cyber space. End user’s awareness of how his or her personal information is being collected, used, processed, shared and stored and how organizations and individuals can misuse this information will go a long way in creating a privacy culture. End user’s awareness of the legal protection available to guard his or her personal rights, in case of any breach pertaining to the personal information, will serve as an effective check on organizational practices in respect of processing the personal information. Messaging services like WhatsApp are an ideal medium for propagating fake news in India. End to end encryption and right to policy leave no trail making it almost impossible to track down or counter the distribution of such hoaxes. The popular social

platforms have in fact empowered societies massively at a grassroot level but that doesn’t take away from the fact that information is spreading without anyone being able to control it.

2. Privacy by Design: While IT provides a legitimate platform to both government and private organizations to extend their reach, integrates with a large section of user groups to the national economy, the systems and applications should be built in a way that they offer a real time protection of the sensitive personal information. Privacy should assume its role in life cycle processes of an organization right from the design, deployment and operation. E-Governance standards should be revisited to incorporate the privacy principles. Project design and requirements should spell privacy requirements in clear terms, ensure their implementation and monitor the enforcement of controls that are attributed to privacy. Transaction heavy applications like banking that processes sensitive personal information should embed privacy in their designs. Organizational practices should provide a high level of assurance to the end users that: a) Their information is being gathered for a designated purpose. b) A limit imposed on collection. c) Prescribe and ensure usage of information. d) End user is updated on actions being performed on his or her information. e) Adequate safeguard is deployed to protect information.

3. Self-Regulation: Although adequate legal protection is required to protect the personal rights, and there is strong case in favour of the intervention of public powers to assure the protection, the role of Self-regulation in data protection increasingly has been established as an effective step. Self-regulation reduces administrative bureaucracy and promises to bring efficiency in the data protection processes. A self-regulatory initiative has become now a useful instrument that not only supplements a legislative framework of an organization but also brings a required dynamism in the protection. United States has a long tradition of self-regulation. The best practices approach as a practical and realistic way to enhance global adherence to the data security standards.

4. Government of India Data Protection Act:

While data can be put to beneficial use, the unregulated and arbitrary use of data, especially personal data, has raised concerns regarding the privacy and autonomy of an individual. This was also the subject matter of the landmark judgement of the Supreme Court, which recognized the right to privacy as a fundamental right. Government of India has constituted a Committee of Experts to study various issues relating to data protection in India and suggest a draft Data Protection Bill. The OBJECTIVE is to “ensure growth of the digital economy while keeping personal data of citizens secure and protected.” Instrumentally, a firm legal framework for data protection will: a) Keep personal data of citizens secure and protected. b) Act as the foundation on which data-driven innovation and entrepreneurship can flourish in India.

Conclusion: With all the concepts discussed in this paper; although there are a lot of external factors, the human factor involved in all the steps still play a major role in shaping our future in this digital world. Data privacy laws can protect a user only to a certain extent and thus, it still is up to the user to decide what to share and upload their part of life online. Propagation of fake news happens due to various factors discussed such as user education of the technology, his capacity of knowledge on the ongoing events, manipulation of data-based content delivery, etc. At the end of the day, user just needs to double check the authenticity of the news.

References: 1. An overview of the changing data privacy landscape in India. https://www.pwc.in/assets/pdfs/publications/2018/an-overview-of-the-changing-dataprivacy-landscape-in-india.pdf 2. Data Protection in India. https://digitalindia.gov.in/writereaddata/files/6.Data%20Protection%20in%20India.pd f 3. Policy Paper Privacy in India. https://www.dsci.in/sites/default/files/Policy_Paper_Privacy_in_India.pdf 4. Indus Law views on Data Protection in India. https://induslaw.com/app/webroot/publications/pdf/alerts2018/IndusLaw_views_on_Data_Protection_in_India.pdf 5. Is Fake News real in India. http://www.amity.edu/gwalior/JCCC/pdf/JCCC-16012019-46-49.pdf