Technology development took a robust growth especially after the 1990s. In the field of Information technology, a lot of R&D and investment took place. With the development of and reach of IT in human life made concern for the data protection and privacy of the citizens. Under Article 21 of the constitutional right to privacy is a fundamental right of her citizen. Privacy is defined as

         “The right to privacy is protected as an intrinsic part of the right to life and personal liberty under Article 21 and as a part of the freedoms guaranteed by Part III of the Constitution.”[1]

Recently Facebook had a deal with Jio in which the former invested in Jio, a subsidiary of Reliance Industry Ltd. which rose concerns on the privacy of the citizens of India by Facebook’s buying of  9.99% stack in Jio of worth 43,574.[2]

The technology involved in the deal

The use of Artificial intelligence in such platforms collects a lot of data related to the activities of the users. Jio has 387.5 million subscribers in India who are using various Jio services as:

Jio T.V for news and entertainment,

A JIo for online shopping,

Jio savan for music listening,

Jio pay for online payments,

Jio fiber for internet broadband services.

Recently Jio has also launched Jio meet for online video group callings. Facebook has 280 million users in India. Facebook-owned Whatsapp and Instagram have 400 million and 120 million respectively. The partnership of these two Giants has raised serious concerns of data protection and competition law In India. After jio- facebook deal Jio decided to launch the online retail services on the Facebook-owned WhatsApp.  Services have been started in some cities soon after the deal.[3] As use and sharing of meta-data are allowed in India, the companies can use this data for analysis to take advantage in their businesses.  With the help of analytics and data Interpretation of such a large and variety of meta-data, a lot of other information can be drawn which would fall under the definition of privacy.

A fine example of using and manipulating general data is the Cambridge Analytica case, in which the company simply gathered simple data to gather information about the psychology of the person, and then by analysis of this data the opinions of the person can be manipulated.[4]  N According to some experts Cambridge Analytica also worked in India in the same way as in the USA but it was never got investigated in India.[5] This shows the concerns related to data protection and privacy in India and the attitude of the Government towards it. The lack of awareness about data protection and privacy in society is also a big issue. With the use of Artificial Intelligence (AI) and machine learning (ML) a lot of information can be dawned from this meta-data.

Will Jio share data to Facebook?

The Jio’s privacy policy says that the company limits the data sharing (PAN, address, photograph, contact number, passport etc)  in certain circumstances to a scenario like a merger and acquisition that affects the company and the partners. The exception of sharing of data with “partners” includes consultant, contractors, vendors, companies, and affiliates who provides a host of services including customer service, website hosting, It services data analysis, infrastructure hosting and similar services.[6] The Jio-Facebook partnership can put Facebook in the category of a partner, which would allow Jio to share the data of its subscribers.

Need of the data protection laws

With the reach and use of Technology in the lives of people especially in the IT and communication sector have deepened the need for laws to regulate the data collected by the service provides. The government’s policies like digital India and promotions of the use of technology in almost every sector in the country have increased the number of users.

We need a law which regulates and protects the data collected by the services providers. India needs a law like the General Data Protection Regulation (GDPR) which is a fine example of data protection. This law was enforced by European Union in January 2012 which is the core of Europe’s digital privacy legislation. The law makes sure that personal data should be collected legally and should be protected from misuse and exploitation.

This law applies to any organization which is an operation within the EU and any organization outside the EU but offering goods and services to the customer of businesses in the EU. This means every company providing services in EU have to need a GDPR compliance strategy.[7]

GDPR brings the right to be forgotten and right to know when the data is being compromised or hacked, the organization have to notify within the 72 hours of the breach. In case of non-compliance with the GDPR, there is a penalty of 10 million or 4 percent of companies annual global turnover. Even in case of mishandling of data in other ways put a penalty of 10 million Euros or 2 per cent of annual global turnover. The best thing about GDPR is that there is no ‘one size fits all’ approach to preparing for the laws but each business needs to know what they need to comply with the law. So this law would apply to everyone from a single person company to a MNC.

If India is supposed to have such a regulation the protection of data and privacy of citizens can be ensured. Although in 2019 Personal Data Protection Bill was introduced in parliament but still not been passed. The need for a strict regulation will be needed in the future as the government would be coming with more and more policies to digitize India and the threat to the data protection and privacy will increase. 

The technology growth is accelerating and new technologies will emerge which would need to control and regulate and we will need such laws. The technologies like Face reading apps and Deep fake already have put serious legal concerns. Under article 21 read with article 19 of the constitution makes privacy the most important right of the citizen of the country. So to protect these rights we need to regulate these technologies.