Conference Report: 'Privacy Matters' Bangalore

Conference Summary

 On the 5th of February, civil society, lawyers, students, NGO’s, and representatives from the IT companies gathered together at the TERI Southern Regional Center to take part in 'Privacy Matters' - a public conference held to discuss  privacy  issues in India, and the privacy legislation that has been proposed in the parliament. The conference was opened  by Prashant Iyengar, head researcher at Privacy India. Mr. Iyengar explained the mandate of Privacy India, which is to raise awareness of privacy, spark civil action, and promote democratic dialogue around privacy challenges and violations in India.

Keynote: Ashish Rajadhyakksha, Senior fellow, Centre for the Study of Culture & Society

Mr. Rajadhyaksha delivered the keynote speech. In his presentation he focused on privacy in relation to the changing nature of the individual. He pointed out how humans are now becoming technologically enhanced individuals - in essence cybernetic organisms. These technological enhancements can be both positive and negative, but in both cases come with multiple and complicated questions of privacy, because the technological enhancements facilitate everyday life but at the same time create possible privacy violations. He further raised the point that people are not aware of these privacy implications, and thus violations of privacy are not seen as coercive acts, and people do not see their liberty as being placed at risk or challenged.

QUESTIONS TO CONSIDER

• How do we define claim rights vs. liberty rights in terms of privacy ?

• How do we define our rights in terms of privacy?

Privacy and Minorities: Session I of the conference focused on the privacy rights of minorities and privacy and open government data

Zainab Bawa, CIS RAW fellow spoke on Privacy and Open Government Data. Her presentation, titled Property Rights, Privacy, and Open Government Data looked at how data by governmental agencies is handled. Her research is specifically on land records and the government. In her work she looks at:

How data bases are designed

•  How documents are translated into English
•  How hard copy documents are digitized

• How information is posted

• What are the privacy implications for all these processes

Shubha Chacko from Sangama spoke on the issues of sex workers and questions of privacy. Ms. Chacko opened her presentation by pointing out that there is a common conception that sex workers have no rights to privacy. She then talked about the precarious position sex workers find themselves in, because the law and society find it offensive that a sex worker brings into the public sphere what society believes is  to happen in the private. Ms.Chacko also spoke on the invasive techniques that sex workers are subjected to such as HIV intervention and open disclosure of health records, and how these invasive techniques take away the privacy of sex workers. Furthermore, the nature of sex workers work means that they are not privy to the same right of anonymity that many believe is an important principle of privacy. Ms. Chacko closed her presentation by pointing out that the UID might actually bring privacy to sex workers. Closing the panel, Sahana Basavapatna spoke on refugees, the UID, and privacy. Ms. Basavapatna spoke about the difficult situation that refugees are placed in as they have no identity in India, but are also easily identified.

QUESTIONS TO CONSIDER

• How can a privacy legislation insure that when data bases are architected, they are structured in a way that is appropriate for that type of data?

• How can a privacy legislation work to ensure that when records are digitized, information is not lost or manipulated?
•  What are ways in which the Government can post  data, so that it is both open and not in violation of an individual’s privacy?

• How can a privacy legislation ensure anonymity for all citizens when necessary?

• Should specific steps be taken in a privacy legislation to ensure the privacy of minorities such as refugees and sex  workers?

• How can a privacy legislation be framed and implemented in order to not perpetuate existing societal stigmas?

Identity and Privacy: Session III of the conference focused on identity and privacy

Hamish Fraser (Partner at Truman Hoyle, Sydney, Australia) spoke on the Australia Identity card, and how, among other reasons, it was privacy concerns that squashed the identity card in Australia. Furthermore, out of the attempt to make an Australian Identity Card, the Privacy Act of 1995 was passed. Currently in Australia individuals do not have identity cards, but instead they have numbers for different services – such as a tax number, a health number, and a driver license number. These numbers are not unique, and one number for a certain service cannot be used for another service, thus the government cannot track an individual by their number. Mr. Hamish also touched on the ten principles of privacy that the Australian legislation adopts, and pointed out that though the legislation does not have strong teeth, in Australia there is a strong culture of privacy that makes the law enforceable. Michael Whitener (Principal and co-founder of VistaLaw International LLC) spoke next. His presentation titled “Science Fiction Becomes Reality, but at What Cost” focused on the privacy aspects of biometrics and changing technology.

Raman Chima, Privacy analyst for Google, was the final speaker on the panel. Mr. Chima worked to expose myths that people hold about why Google collects information, and how they use that information. For instance Google gathers limited information to develop valuable products and services, and to develop innovative products that reflect strong privacy standards.  Mr. Chima also pointed out that though online tracking can have negative implications, it also has many positive implications - such as allowing spam to be stopped and tracking disease in areas. He concluded his presentation by urging citizens to become more informed, and ask for more rights. He also pointed out that privacy has yet to be spelled out and presented in a way that any person can comprehend, understand, respect, and follows

QUESTIONS TO CONSIDER

• Should a privacy legislation regulate how much access to private citizens records is the government granted?
• How can a privacy legislation be drafted and implemented, so that is practical and applicable for the common citizen?
• How are court regulators going to balance the privacy rights against the need for authentication?

• What will be the requirements for securing storage of biometric data?

• How will a legislation or privacy policy respond to security breaches?
• How will legislation answer the question of what constitutes "consent"? 

• What privacy principles should a privacy legislation in India enforce?
• Should a privacy legislation allow an individual to be “forgotten”?
•  How could a privacy legislation be given either legal or social teeth in India?

Privacy and Social networking Session IV of the conference focused on privacy and social networking

Ujjvala Ballal from Inclusive Planet , a social networking site for the disabled, focused her presentation on the privacy rights of the disabled. She raised the point that disabled people have been struggling for equal access rights for many years. In the process they have lost much of the privacy that they have a right to. She went on to explain that there are many privacy issues that are unique to a disabled persons. Some of which include: the disclosure of their disability, the stigma that comes along with their disability, and the denial of services based on their disability. 

Gagan K. (NLSIU Law Student) spoke on Privacy Issues in Social Networking Websites. Gagan pointed out that on social networking sites privacy issues include:

•   Data mining

•   Profiling

•   Third party disclosure.

QUESTIONS TO CONSIDER

•   Should information pertaining to the disabled be held to higher standards of privacy, because of its sensitive nature?

•   How can a privacy legislation be drafted, so it is accessible to the disabled?

•  Could a privacy legislation construct regulations on the handling of data, in order to prevent profiling and discrimination?

Conclusion: the concluding session was a time for discussion and  opinion sharing

From the closing session, and the above sessions many themes and questions pertaining to privacy came out that will need to be addressed when considering the way forward  for a privacy legislation including:

• Property rights and privacy

• The right to be forgotten

• Privacy rights of minorities

• Privacy and open government data- how is it collected, transferred, stored, and reproduced
• Privacy and foreigners (refugees, illegal migration, etc)

• Recognizing privacy rights in a changing technological society

• Privacy implications of biometric usage
• Privacy rights superseding identification needs
• Corporate privacy policies
• Privacy rights and the disabled
• Privacy rights and social networking