BJP goes for Risk Mitigation and Congress goes for Risk Avoidance

Suddenly politicians have become experts in data protection and how mobile apps may collect data without your consent. Mr Rahul Gandhi who once gave us the “Gyan” about “Jupiter Escape Velocity” is about to give us “Gyan” about “Privacy and Data Protection” and how consent should be obtained.

We have not forgotten the fact that his close aide Ms Ramya who manages RG’s twitter openly asked not long ago for Congress workers to open fake accounts and increase the social media foot print so that they could compete with Modi’s popularity on the social media. Congress also used some foreign Bots to post “Likes” and “retweets” so that the fake followers and fake re-tweets could create a “Fake News” in the social media so that every lie uttered gets magnified and is able to fool more number of dumb voters.

Unfortunately, in these efforts, RG forgets that it is his “Ivnarva” speech and “Vish….Vish…..” stumbling which is more popular in Karnataka in the social media than his more erudite utterances on Data Privacy.

Now Both Congress and BJP have started trading charges based on the privacy policies followed by both parties for their respective apps. It is funny that the spokespersons of political parties are suddenly talking like Privacy experts.

My sincere advice to them is to stop talking on this subject even if media tries to needle them. They should say that some experts are looking into whatever allegations are being made and corrective action would be taken as necessary.

The vulnerabilities of the Mobile Apps are known and even big companies have not addressed them adequately. I therefore donot expect political party apps to be more privacy compliant than the apps of the MNCs.

The Cambridge Analytica issue has become the focus of both the national and international media only because Donald Trump was connected to the incident as a beneficairy of the election campaign based on the profiling of people provided by Cambridge Analytica. The fact that the subsidiary of the same company could have been involved in managing the election campaigns of BJP, Congress and JDU in India brought the focus in India. Media would not have been interested if this was only an issue related to the privacy of the public.

What is actually disgusting is that some of the security professionals are joining hands with Rahul Gandhi and trying to spread disinformation. Some of them are even testifying against the Government in the Aadhaar issue. Perhaps they are doing it because they hate Mr Modi or because they have been bought by Congress and the Communists to defame Mr Modi.

It is disappointing to note that such professionals are also criticising the Namo App issue as if they agree with Mr Rahul Gandhi’s view that  Mr Modi is spying the Indian citizens through this App. Mr Rahul Gandhi’s intelligence level is known and no body is surprised at his utterances. But security professionals will come out as hypocrites if they donot understand that we cannot expect the PM to check the source code of the app or the privacy policy just because the App is named after him. He has to depend on technology specialists and if they have made a mistake, take suitable action.

These security professionals should also understand that the App is branded as “NaMo” because of the brand value atttached to the name of Mr Modi. It is not however the personal property of Mr Modi and must be considered as belonging to the Government. Government would have sub contracted the development and maintenance of the App and it is such an organization which is actually responsible for the Privacy policy being not followed etc.

Hence the talk of Mr Modi being responsible is incorrect and nothing different from celebrities being held accountable when the products they endorse fail.

In fact, when Congress lost power in 2014, it was guilty of deleting the Twitter handle of PMO before Mr Manmohan Singh demitted office as if he was personally the owner of the twitter handle and had to remove it when he demits office.

Now many are also criticizing the fact that the Privacy policy of NaMo app was modified after the controversy. In fact this is a matter to be appreciated that when a vulnerability was brought to the notice of the App owner, he is trying to correct it. This is the “Risk Mitigation” effort expected out of the owner. On the other hand, Congress removed its app altogether. This is also fine since this is a “Risk Avoidance” strategy and since Congress did not consider the App successful any way, it was a wise move to withdraw it.

Public should also remember that certain technical information of any app user or internet user such as the browser/mobile used etc is always tracked because this is essential for presenting the content in a proper manner. Hence processing the behaviour and preferences of the users to a certain extent is perfectly legitimate. If this back end processing is done online by a company abroad, the data may have to be sent there. In most cases this would be de-identified information and hence there is no privacy stake here. This is not “Stashing away data of Indian citizens abroad” like people stash away their black money abroad.

RG cannot understand this and hence he may say some thing like “Spying”, “Recording audio or video” etc and this has to be ignored. Even if BJP tries to pursue a defamation case, they may fail since Court may come to the conclusion that no body takes RG seriously and hence no “Defamation” can be attributed to his utterings.

But security professionals should be more responsible and not make lose comments. If they have suggestions to improve the App they should provide those suggestions.

The summary of this discussion is that while we wish that political parties are more careful in drafting the Privacy policy and Terms of use of the Apps we also wish the public should check if they want to give their consent to the sharing of their personal data before any app is installed. Beyond this, it is not correct to use terms such as “Spying” unless to exhibit one’s ignorance. It is OK for Rahul Gandhi and Ramya and not for security professionals.

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.