11835 - How to protect data in era of less privacy and identity theft - Indian Express

By Dia Rekhi  |  Express News Service  |   Published: 20th August 2017 01:21 AM  |  

Last Updated: 20th August 2017 07:46 AM  |   A+A A-  |  

CHENNAI: “Could I have your name and number, ma'am?” the cashier at the clothes store asks politely.
“Of course!” the eager shopper replies and rattles off her name and 10 holy digits linked to everything from bank accounts to food delivery apps.

This shopper could have been any Indian who is always looking to gain ‘loyalty points’ to get a freebie or discount — if not immediately, at least in time for Diwali. But, does an average Indian shopper stop to think of how their safety and security are being jeopardised while trying to make a quick buck?

“I give my name and number at all shops and restaurants,” says K Soumya (name changed), who works at a bank. “The reason I give out my details is simple: I want a discount the next time I come back to shop or eat. Sometimes it is also to genuinely give feedback to the restaurant manager. I never perceived it to be risky which is why I did it.”

This lack of awareness about the ill-effects of compromising on privacy is leading to a number of issues like data theft and cyber fraud. “We have to realise that we should not trade our privacy for a few extra rupees,” says Pavan Duggal, a Supreme Court lawyer and cyber law expert. “Giving out information at stores and restaurants is like walking into an open-ended net. It must be completely avoided. Stores monetise your data and may also share that data with other parties. You are a product for them, after all, so why must you trade your data? It is a losing bargain!”

‘Privacy’ has been the buzzword ever since the Supreme Court in July said the word is an ‘amorphous’ term, and not an absolute right that can prevent the State from making laws imposing reasonable restrictions on citizens. This becomes particularly important as petitions challenging Aadhaar say biometric data like iris scans and fingerprints violate a citizens’ privacy.

Making a case against Aadhaar, cyber law expert Na Vijayashankar says n a bid to simplify and ensure a seamless system, Aadhaar is resulting in the unification of risk, becoming a single point of vulnerability. “Aadhaar is a recipe for disaster,” says Vijayashanker. “It primarily uses a citizen’s mobile number and biometric details. While our biometric information is supposed to be safe, with the right software, it is possible that data can be siphoned before it gets sent to the encryption application, in a matter of a microsecond. Further, these biometric devices  are Chinese devices which are known to have embedded chips that can be accessed by fraudsters.”