Data Privacy and Fake News – A Human Effort

1) Prashanth S
2) Surya M
3) Rakesh Tukaram Chavan

II semester, MBA, Department of Management Studies

Ramaiah Institute of Technology, Bangalore

Abstract:

The rise of Information Age has led to a Digital India where an environment of information
minefield is being created. Starting from small messages to huge currency transactions, all
involving human users, data profiles are being created on users by Social Media companies,
which in turn is used to sell concepts, preferences and ideas back to the user. Data Privacy
and Fake News both may seem like separate topics which deserves to be discussed separately,
but both have one major factor of we human beings as users involved. Navigating the digital
world in the present time requires us users of technology to be aware of both these terms and
its implication in our lives. Digital Data is the new gold and we need to protect ours and
understand better about it. Fake News can be harmful to ourselves and others if we can’t
distinguish between falsehood and truth. Here, we the users of technology can help ourselves
from our information being misused, by being self-aware about the contents we decide to share
and help curb fake news by involving ourselves more in the real world and thus being more
aware of the happening around us and information which we can verify. In this paper we
discuss the Data Privacy and Fake News in detail, its implication in real life and measures that
we individuals need to follow to enjoy all the benefits of the digital social media life and avoid
the bad risks involved in it. We also discuss some of the necessary steps required to improve
Digital Data Privacy and the Government policies towards it and curbing Fake News in India.

Keywords: Data Privacy, Fake News, Individual Users efforts, Government agencies
polices, Laws, Social Media.
Introduction:

Rise of Information age has led to a Digital revolution in India that promises to bring large
disruptions in almost all sectors of society. While this transition to a digital economy is
underway, the processing of personal data has already become omnipresent. This processing
of personal data is further cause for the profiling of an end user which can be used to sell
products or feed content that might be biased or totally fake in nature. Fake news does not mean
that all content is false; it can be technically true but still misleading. Even misleading
information on its own does not constitute fake news. Here a fact, quote or event can be taken
out of the original context and adjusted for personal views which might be totally false.

So, here in both the topics of Data Privacy and Fake News, we the user’s participation is the
key to these concepts existing and thus it can be considered that we users have some control in
these and further adjustment to our behaviour can led to a better outcome for all the parties
involved. In this paper we discuss the human effort that consists of government agents for
policy makers, the stockholders of a company creating the applications of social media and we
the ultimate end users.

Figure: Data Profiling and Profile Based Content Delivery

The figure shown above is a typical scenario where users information based on their activities
on any social medium are profiled for a thier behaviour and based on which content such as
news, topics, products etc. are shown to them by third party who would have purchased the
information from the social media platforms.
Literature Review:

1. Policy Paper - Privacy in India: [By Mr. Vinayak Godse]

It discusses the various aspects of Data privacy such as data collection methods, the
rising concern of privacy in India, impact of various local and global factors, challenges
faced, user end education and suggestions for government policy makers.

2. Is Fake News Real in India: [By Amila Banerjee and Mehrazun Neesa Haque]
It discusses the political aspects involved in the usage of fake news, reason the for its
existence, the harm it causes to us citizens of India.

Data Privacy:

Social networking in a short span of 3-4 years has caught the fancy of millions of users
throughout the world even though it impacts security of organizations and privacy of
individuals. Social web sites such as Facebook, Instagram, WhatsApp and many others have
spawned up. People love to connect with one another, make friends, chat, and publish
photographs of family and friends. They even post personal information for viewing by others.
They can choose to keep such information secret, share it among their closed group of trusted
friends, or make it public. However, these options, though available on social sites, are not
fully understood by common users. But the consequences of ignorance or callousness can be
serious. Behavioural patterns are quite disturbing though. On the one hand, citizens are
paranoid about their privacy – they want and expect protection of all their personal identifiers:
name, address, mobile number, credit card details, PAN number, passport number, and social
security number. On the other hand, they reveal all their personal information quite innocently
and voluntarily on such sites to unknown people. Information thus shared by people gets stored
on the web site’s servers located anywhere in the world. One does not know where the servers
of Facebook, Instagram, WhatsApp are located? Where are their backup centres, their business
continuity management servers? The personal information that we so zealously guard and
protect, within our four walls or our perimeter so to say, is now out there in the open or in the
cloud, as it is commonly called - on the servers of all such web sites. Which privacy laws are
applicable? While all these sites must be taking adequate security measures, cloud computing
does pose major security risks even as the promoters like Facebook, Instagram, WhatsApp try
to assure the world that it is safe.
While India is leading in providing IT services to businesses across the globe; the domestic
sector has emerged as a key IT investor. Leading the pack, Government agencies are spending
more than $ 10 billion in several of e-Governance projects. Private sectors such as BFSI,
Telecom, Manufacturing, and Travel are increasingly relying on IT to process transactions and
offer diverse channels to their customers. Internet penetration, although currently low at about
7.1 %, is rising exponentially. This transformation will increasingly bring Indian citizens under
its fold, exposing them to the new age threats that not only have the potential to damage their
financial interest, but also infringe their personal rights. Increasing commercialization in India
that involves identifying potential customers, marketing products and services, promotional
activities, and cross-selling is seen to be relying on the personal information. It has been
observed that the data gathered while providing services and selling products is increasingly
used for the purpose not intended. This has been more visibly observed in the telecom sector,
which later resulted in the implementation of National Do Not Call Registry (NDNC).
However, implementation of it on the ground remained abysmal, leading to irritation,
frustration and worries of the end users. Reserve Bank of India, the Central Bank of India,
sensing the way the transactions are transforming and their impact on privacy of customers,
issued a regulatory guidance that demands banking industry adhere to privacy principles.
Privacy is slowly graduating into discussion landscape of India. This has been accelerated by
the recent amendment of the Information Technology (IT) Act. Transaction heavy
organizations such as Banking, E-Commerce, and Telecom that are leading the adoption of
Information Technology are conforming to the world recognized privacy principles. Privacy
policies of these organizations are visible on their websites, articulating their commitment to,
and informing users about the likely usage of their information.

Fake News:

In India, with the launch of 4G, the emergence of social media has become a pivotal part of the
Indian culture. Using WhatsApp by creating various public and private groups is one of the
most common ways to connect with friends, family and broader community. The popularity of
Facebook messenger was hampered because of the fame of WhatsApp. With over 200 million
active users, WhatsApp is one of the most widely used messaging apps in India. Nowadays,
political parties have started hiring public relation organizations specially to spread online
propaganda. At present the various political parties have started strategizing their digital
campaigns for 2019 elections. The various parties were reportedly seen setting up multiple
WhatsApp groups to directly reach the electorate. Eminent members of the group are also a
part of this campaign and help in creating popularity among the public.

During the state and central elections, there were several reports on fake news and were accused
of originating trolls and fake news forwards. Disseminating misinformation from multiple
social platforms has been a common phenomenon. The WhatsApp is not the only source of
fake news in India, but Twitter is another popular social platform which the major disseminator
of fake news is. Political parties use various ways to boost their follower counts or to retweet,
like, share and comment. Sharing content in this manner creates trends which reach more
audience. While supporting campaign, people doesn’t recheck the authenticity of the
information they are spreading instead they also become a part of the fake followers. Recently,
Twitter purged fake accounts of multiple political celebrities which had a positive effect on the
recent spreading of fake news.

The Human Efforts:

1. End User Education:

Among the various measures that are advocated to build a privacy culture in India,
education of end users is particularly important. Majority of them would be the first-
time users of the IT systems. With technology being a means to achieve financial
inclusion, there has been increased investment in the eGovernance projects.
Simultaneously, growing private investment in the technology will bring the entire
population of the country under the fold of cyber age. This is being done irrespective
of how equipped the end users are to understand the dangers of the cyber space. End
user’s awareness of how his or her personal information is being collected, used,
processed, shared and stored and how organizations and individuals can misuse this
information will go a long way in creating a privacy culture. End user’s awareness of
the legal protection available to guard his or her personal rights, in case of any breach
pertaining to the personal information, will serve as an effective check on
organizational practices in respect of processing the personal information.
Messaging services like WhatsApp are an ideal medium for propagating fake news in
India. End to end encryption and right to policy leave no trail making it almost
impossible to track down or counter the distribution of such hoaxes. The popular social
 platforms have in fact empowered societies massively at a grassroot level but that
doesn’t take away from the fact that information is spreading without anyone being able
to control it.

2. Privacy by Design:
While IT provides a legitimate platform to both government and private organizations
to extend their reach, integrates with a large section of user groups to the national
economy, the systems and applications should be built in a way that they offer a real
time protection of the sensitive personal information. Privacy should assume its role in
life cycle processes of an organization right from the design, deployment and operation.
E-Governance standards should be revisited to incorporate the privacy principles.
Project design and requirements should spell privacy requirements in clear terms,
ensure their implementation and monitor the enforcement of controls that are attributed
to privacy. Transaction heavy applications like banking that processes sensitive
personal information should embed privacy in their designs. Organizational practices
should provide a high level of assurance to the end users that:
a) Their information is being gathered for a designated purpose.
b) A limit imposed on collection.
c) Prescribe and ensure usage of information.
d) End user is updated on actions being performed on his or her information.
e) Adequate safeguard is deployed to protect information.

3. Self-Regulation:
Although adequate legal protection is required to protect the personal rights, and there
is strong case in favour of the intervention of public powers to assure the protection,
the role of Self-regulation in data protection increasingly has been established as an
effective step. Self-regulation reduces administrative bureaucracy and promises to
bring efficiency in the data protection processes. A self-regulatory initiative has become
now a useful instrument that not only supplements a legislative framework of an
organization but also brings a required dynamism in the protection. United States has a
long tradition of self-regulation. The best practices approach as a practical and realistic
way to enhance global adherence to the data security standards.

4. Government of India Data Protection Act:

 While data can be put to beneficial use, the unregulated and arbitrary use of data,
especially personal data, has raised concerns regarding the privacy and autonomy of an
individual. This was also the subject matter of the landmark judgement of the Supreme
Court, which recognized the right to privacy as a fundamental right. Government of
India has constituted a Committee of Experts to study various issues relating to data
protection in India and suggest a draft Data Protection Bill. The OBJECTIVE is to
“ensure growth of the digital economy while keeping personal data of citizens secure
and protected.” Instrumentally, a firm legal framework for data protection will:
a) Keep personal data of citizens secure and protected.
b) Act as the foundation on which data-driven innovation and entrepreneurship can
flourish in India.

Conclusion:

With all the concepts discussed in this paper; although there are a lot of external factors, the
human factor involved in all the steps still play a major role in shaping our future in this digital
world. Data privacy laws can protect a user only to a certain extent and thus, it still is up to the
user to decide what to share and upload their part of life online. Propagation of fake news
happens due to various factors discussed such as user education of the technology, his capacity
of knowledge on the ongoing events, manipulation of data-based content delivery, etc. At the
end of the day, user just needs to double check the authenticity of the news.
References:

1. An overview of the changing data privacy landscape in India.

https://www.pwc.in/assets/pdfs/publications/2018/an-overview-of-the-changing-data-
privacy-landscape-in-india.pdf
2. Data Protection in India.
https://digitalindia.gov.in/writereaddata/files/6.Data%20Protection%20in%20India.pd
f
3. Policy Paper Privacy in India.
https://www.dsci.in/sites/default/files/Policy_Paper_Privacy_in_India.pdf
4. Indus Law views on Data Protection in India.
https://induslaw.com/app/webroot/publications/pdf/alerts-
2018/IndusLaw_views_on_Data_Protection_in_India.pdf
5. Is Fake News real in India.
http://www.amity.edu/gwalior/JCCC/pdf/JCCC-16012019-46-49.pdf