Digital assault on privacy reaching dangerous levels

The perils facing individual freedom and privacy in a digital age have just reached panic proportions.  Disclosures that data culled from millions of Facebook accounts across the globe have been marketed and used to influence elections and control events has always been known. But it’s the scale of the digital ‘spying’ that has sent shock waves. It’s all very well for the Indian government and Information Technology minister Ravi Shankar Prasad to threaten FB and the data firm Cambridge Analytica (CA) with notices for interfering with the Indian electoral process. What we are not seeing is the obvious correlation between the FB-CA data leak and the recent expose of Aadhar by The Tribune of Chandigarh. The latter found that data on millions of Indian citizens on Aadhar servers had been compromised and was being openly sold to purchasers.

Political players
Information on how our privacy is being compromised is slowly trickling in. In the case of FB, Cambridge Analytica whistleblower Christopher Wylie exposed how data of 50 million US FB users was bought from an independent researcher Aleksandr Kogan and used for Donald Trump’s successful presidential campaign. The shock victory of the ‘Leave-European Union’ faction (Brexit) is now being ascribed to manipulation of FB profiles of millions of UK citizens. 

So here’s the catch: digital data is being leaked and manipulated at the behest of dominant political players. In the USA, it is Trump. In India, the main clients of Cambridge Analytica are our principal political parties – the Congress, the BJP and the Janata Dal (United). In 2012, CA’s sister concern Strategic Communications Laboratories (SCL) carried out a caste census in UP on behalf of a national party. In Bihar’s 2010 elections, JD (U) hired SCL to identify target caste groups and the right messages. 

Millions of users of FB, Google, Snapchat and other ‘free’ social networking sites are only now realizing that there is no such thing as a free lunch. The product being sold is the FB or Google user. His profile, his interests and his spending habits is all information sold to thousands of marketers targeting specific ‘buyer’ profiles. Snoopers like Cambridge Analytica go one step forward: they build psychometric profiles by measuring personality traits, political preferences, abilities and deficiencies, so specific genres can be targeted more efficiently. 

Policing by the state 
But what if this information is being gleaned not for commercial sales, but for policing by the state? Edward Snowden, a computer professional employed with a contractor working with the US National Security Agency (NSA), leaked thousands of files in 2013 before fleeing to Russia. These files exposed NSA to be running several global surveillance programmes on individuals using the data and access of private US telecom companies like Sprint, T-Mobile and AT&T.  It is now established beyond doubt that such meta-data has been used by these spy agencies even for assassination operations through precision bombing and drone attacks. 

Neville Roy Singham, founder of software company ThoughtWorks Inc, had warned as far back as 2013 that private information was being culled through a web of smart phones and internet eavesdropping; and India was one of the largest targets of NSA snooping with 6 billion pieces of information captured on Indian citizens in 2013. Singham had then said in an interview: “The level of surveillance is huge; the statement of the Chief Information Officer (CIO) of the CIA is, ‘we will control every human interaction in history’. At the data center they have built in Utah, they can store yottabytes of data, which is all of the data of all of the communications in the next 100 years.”

Which brings us back to Aadhar; and in the light of the above discussion, the programme is probably among the largest government-controlled snooping programmes in the world. In the name of giving a digital identity to our citizens, hundreds of private vendors have access to the Aadhar files, and the servers that store the data have been hacked into many times over. 

And the big problem is: Who regulates the Internet? Every country has its own laws and the big purveyors of content – FB, Twitter, Amazon, Microsoft and Google are all laws unto themselves. However, two important steps can and should be taken: first, encryption of data must become the norm rather than the exception; and second, a strong citizens’ movement needs be unleashed to enforce self-regulation on the Digital Daddies, and to observe privacy as a Fundamental Right.