Cambridge Analytica Facebook scandal and the woeful state of data security in India
Today’s modern, digital age has always been at odds with traditional notions of privacy. When joining a social network, we give permissions to let others access our contact lists, email addresses and geolocational data. Cambridge Analytica Facebook scandal has only revealed the tip of the iceberg, which is the problem of lack of privacy online.
The world’s largest social network has built its fortune on harvesting and monetising user data. It is infamous for burying privacy settings under obscure menus. This means that everyone barring the most tech savvy user is a fair target. Cambridge Analytica’s Facebook scandal is only the latest reminder of how Zuckerberg is unable – or unwilling – to ensure user privacy.
Masquerading as a survey tool used by psychologists, the ‘thisisyourdigitallife’ app was downloaded by more than 2,50,000 users in exchange for a dollar per download. The data was being fed to Cambridge Analytica, which used it to construct voter profiles. Facebook by then had opened up users’ friend lists to third party apps.
Aleksandr Kogan, a researcher working at Cambridge, could now access the personal information of 50 million others who had no idea that their data was being siphoned off, let alone be used for a political campaign. This incident shows how easily developers can get away with lying about their intent in collecting data.
Cambridge Analytica Facebook scandal impact on India?
Data security in India is even more suspect. The country does not have a formal data protection law, meaning in incidents such as Cambridge Analytica’s Facebook scandal, the offender can’t be punished. App owners in India have blanket permissions to access data, unlike the European Union or Singapore, where more specific approvals have to be sought.
In January, a Chandigarh-based paper revealed how an anonymous ring was selling personal information from Aadhar database for as less as ₹ 500 in a searchable index. When quizzed about these allegations, India’s Attorney General claimed that the Aadhar data was protected by 13 feet high walls.
Even when a French researcher on twitter is able to show that our servers are easily breached (including Modi’s official app which sends data to a third party), the administration seems oblivious to its vulnerabilities. This is a worrying lack of awareness from the highest levels of government which claims to be invested in the digital future of its citizens.
Digital India will have failed if it is not able to ensure the safety of citizen data. With private firms so obviously open to exploiting unassuming users, data security in India must be the government’s prime concern.