May 2020 22
Necessary Surveillance and Data Protection: Is There a Better Way Forward?
Abstract
Delhi Legal Hackers is excited to announce its first online event: ‘Necessary Surveillance and Data Protection: Is There a Better Way Forward?’ Anubha Rastogi hashes out our options, or lack thereof, with Justice Srilrishna, Alok P Kumar, Vidhi Resident Fellow, and Dr. Anja Kovacs of the Internet Democracy Project.
Fighting Covid-19, as with fighting any new epidemic disease, is only possible through government intervention. The necessary government intervention is an effort that requires collection of large amounts of data about patients as quickly and as accurately as possible. Data is necessary because we need to know the number of tests, the increase in positive cases, the regional spread and the mortality rates. Data is also important for tracking symptoms as doctors are still not sure what is the rate of spread of covid-19 in their local communities.
There are a couple of challenges with collecting data in India. First challenge is the quality of data itself. Are people telling us the truth Do we have proper record keeping? Do we have a common language when we speak of data points? India is the 2nd biggest target of cyber attacks and fake news across the world.
Secondly, there are no guidelines on how our information will be used and how long it can be used for. A few articles have raised questions whether data can be utilised by the government without a warrant or post-covid19 for cases that don’t fall under the Epidemics Act 1987.
India’s lockdown is unique in terms of the scale and size, and privacy concerns are natural given that the new Data Protection Bill has exceptions under which the data owner’s consent is not required for accessing and using their data. There were concerns raised before as well. The tracking being undertaken by states under the Epidemics Act, and the uncertainty of what happens to our data outside of this lockdown, combined with an already controversial data bill is a serious cause for concern for Indian citizens.
We know from previous cases where personal data was leaked the harm it can do. In February, when FireEye, the US cybersecurity firm was hacked, the leak breached medical records of over 6 million Indians citizens. Similarly, India was one of the targets of the biggest internet SIM card database sale. It’s not just the government that will be interested in this data, but also corporates, our employers — past and future.
In such an environment, it is necessary to ask for proper guidelines on the use of our data for covid19. Every Indian wants to help; and while it is being pushed on citizens as something that’s for the betterment of all, it’s unclear how it will benefit minority communities, religions, women and transgender people.
The panel will be discussing the aforementioned topics during a FB live event. Some of the key questions we will be seeking answers in this dialogue are:
-
How much power should state and central governments have to collect data in the context of covid-19?
-
How can government get citizens to trust it in its efforts to fight Covid-19?
-
Is the existing legal mechanism sufficient?
-
Can we imagine a better legal framework for the process of collecting, processing and storing of data collected during the pandemic?