The Gulf Time Newspaper One of the finest business newspapers in the UAE brought to you by our professional writers and editors.
Bloomberg
B.N. Srikrishna is a genial, 77-year-old former Supreme Court judge who recites Shakespeare and Sanskrit scriptures with equal facility. But he’s making the likes of Google, Amazon and Facebook more than a little nervous.
Srikrishna is leading the effort to draft new data-privacy laws for India that will regulate how tech giants from the US and elsewhere operate in the nation of 1.3 billion.
His recommendations carry particular weight because India is already the biggest market for companies like Facebook Inc. and offers enormous potential for dozens more. The committee Srikrishna helms will send its bill to the government this week.
They’re going well beyond the hands-off American approach that preceded fiascoes like the Facebook breach, which facilitated Russian meddling in the 2016 presidential election, or the Equifax hack, which exposed personal information of about 145 million people.
He and his colleagues are determined to modernise the country’s standards and protect all citizens.
“India has accelerated from a ‘bail gaadi’ economy to a silicon-chip economy,†said Srikrishna, using the Hindi expression for ox cart.
“But privacy and data regulation rules are still far behind.â€
India has been careening into the digital age. The number of people with smartphones soared to 370 million users at end 2017, from 25 million in 2012, according to Counterpoint Research. The government has also developed one of the world’s most ambitious biometric identity systems, called Aadhaar, which assigned unique 12-digit numbers to 1.1 billion Indians and registered their fingerprints, iris scans and demographic details. That data is now used for everything from tax returns and property purchases to welfare disbursals and WhatsApp payments.
But this flood of data — and an absence of regulation — has fueled concern among privacy activists and citizens groups. That’s been aggravated by government practices, including a recent misstep by the southern state of Andhra Pradesh that inadvertently exposed the demographic and bank details of more than 130,000 people.
“Data-poor India is rapidly becoming a data-rich economy so having a data protection law is critical,†said Srikanth Nadhamuni, CEO of startup incubator Khosla Labs and former chief technology officer for Aadhaar.
The diminutive, grey-haired Srikrishna discussed the debate during an interview in his Mumbai office, which is so compact that chairs for visitors prevent the door from opening fully. He plans to navigate a “middle path†between the laissez-faire US approach and the stringent General Data Protection Regulation just imposed in Europe. “India is India, after all,†he said, seated in front of a MacBook and pile of papers.
The 10-member committee he heads — comprising academics and government officials — is putting the finishing touches to their bill. The draft will need parliament approval to be enacted. Currently, foreign companies and hundreds of home-grown startups collect, aggregate, store and process Indian user data unhindered. The Google-backed delivery app Dunzo, for instance, requires access to a customer’s contact list, location, messages, media files and call information at the time
of installation.
Such information is gathered “only to improve the user’s experience of initiating/running a task on the Dunzo App,†the startup said. Srikrishna’s framework would rein in such practices. It will detail what is fair use, whether technology giants can transfer data across the border, and how to enforce accountability and penalties
for violations.