Without stringent law, threats to Mark Zuckerberg are hollow: Experts

A data protection law might not directly stop firms from buying data from third-party developers, but it is a great pre-emptive measure to stop unnecessary data collection Photo:istock
The best way of keeping a check on the manipulation of elections through campaigns on Facebook is by introducing a strong data protection policy, said experts. After the Cambridge Analytica row, all eyes are on the use of such tools during the upcoming general election in India.

 

Union Law and Information Technology (IT) Minister Ravi Shankar Prasad on Wednesday warned Facebook and other social networks of tough action, if they attempted to influence the Indian elections. However, experts said these threats are hollow because the current law protecting user data lacks teeth.

 

“Without a strong data protection law, we wouldn't quite be able to take any action as what has happened is not a breach. While Section 43A of the IT Act talks about lack of consent from the users, it does not spell out any consequence for violating the same,” said Pranesh Prakash, policy director at think tank The Centre for Internet and Society (CIS). “Essentially, it's a toothless tiger.”

 

Having a data protection law might not directly stop firms from buying data from third-party developers and then deploying it for targeted users, but it is a great pre-emptive measure to stop unnecessary data collection. If users are asked to give consent for their data, it would vastly reduce the risk.

 

“The government's statement would be well supported, if it would be bringing a law, listening to key voices of experts and civil society. Even though the Justice Srikrishna Committee is currently examining and is expected to come out with a draft law, the timeline, transparency and willingness to safeguard user rights need to be better demonstrated,” said Apar Gupta, an independent lawyer.

 

Other experts have voiced their concerns over allowing tech giants to take sensitive user data out of the country. Once the data is out of India's jurisdiction, there is no way to ensure these companies are following the laws mandated by the government.

 

“Facebook is not an Indian company. We do not know how far it is complying with India’s IT Act. We should not be compromising on security and allow tech firms to play in the market without complying with the laws,” says Pavan Duggal, cyber law expert and Supreme Court advocate.

 

While both the Congress and the BJP have accused each other of working with Cambridge Analytica and denied their own affiliation with the company, the UK-based firm was already functioning in India through its partner Ovleno Business Intelligence (OBI). The OBI website, which has now been taken down, had listed the BJP, the Congress and Janata Dal (United) as its clients.


Business Standard is now on Telegram.
For insightful reports and views on business, markets, politics and other issues, subscribe to our official Telegram channel