WhatsApp’s privacy policy update has suddenly brought the long overdue focus to data security. In a rush to switch, many people miss posing these questions: Will shifting to a new app really solve the problem? What stops Facebook or its competition from buying the next big app? Nothing. Apps that are free today will have to make money eventually. How else do they make money without using the data they collect and invest in storing while enabling us to converse as well as conduct business for free? Did our primary school teacher not tell us that there are no free lunches?
Google ‘Data sellers in India’, and you get paid ads selling you the data of high net worth individuals, car owners, doctors, students and of course those of employees of big organisations. Most databases come with lakhs of records while data records of mobile users range in crores. They promise to be sorted on various parameters like pin code, salary, etc. The price for simple data is as low as `3,000-8,000 and additional information such as my WhatsApp activity and DND (Do Not Disturb) status come with an extra fee.
I checked a few of these websites. All they have is a phone number or a contact form. They manage their own anonymity quite well. I clicked through their pages to see if any of them mentioned their sources of data or claimed it is legally sourced data. I could find none in the top Google results. Google is making money from these ads and has obviously failed to check the legal or ethical status of the businesses that it advertises.
No wonder I get a call every afternoon from random call centres of various banks or insurance companies on my DND registered numbers. Every time I ask them where they got my number from, the answer is: we have sources that we cannot disclose. I wondered if legal organisations can get away with these answers. Well, these are all outsourced contractors who can be disowned any moment. I assume my internet usage patterns are still to make it to the mass market. It is probably available in the deep alleys of the dark net for a much higher price, assuring the buyers and sellers of privacy even as they disrobe my anonymity.
Next, I googled for ‘Spyware for mobile phones’. Thankfully I landed on many legal apps that claim to be parental control software. Along with it came the stories where spyware has been used to track the digital activity of partners and competitors. Apps for as low as one dollar a day promise you complete anonymity as the data from the tracked mobile is shared with you every five minutes. It seems there is no legal framework to stop these apps from transmitting all activities on my phone to a third party, including my voice calls or anything that my phone can hear.
The sources of most of these data would track back to our consents given by default to various social media or mobile apps. When do we have the time, inclination or the legal know-how to understand the fine print that silently takes our consent to use data when the eyes are fixated on freebies? Security breaches leading to data leaks have been reported by many major companies including social media platforms. Insiders handling large data in places like retail stores, banks and e-commerce platforms are obviously involved in the chain somewhere.
It goes without saying that regulators need to be more vigilant and proactive. Before that, they need to be better informed about technology curves and their potential repercussions. They are the reason why WhatsApp does not share European region data with Facebook, while in India, permission to share your data with its parent company is the necessary condition to use it. Having said that, we must remember this will always be a cat and mouse story between lawmakers and manipulators. Once a regulation restricts them, other loopholes or more advanced technologies will be found. The cycle will go on.
Ironically, a lot of unsolicited emails in my mailbox land up from various ministries of the Government of India. Where is the government or its appointed agencies sourcing my data from? If the answer is data that I voluntarily shared for things like Aadhaar, I still did not give them permission to intrude my mailbox. Is it not the indicator of lack of knowledge among the very people who have the power to make and implement laws?
The ease of connecting, negotiating, approving and closing deals on WhatsApp has killed email culture to a large extent. I hope this sudden focus on privacy norms would bring some mindfulness in our communications. It’s time we critically look at our own overcommunication. Do we really need to exchange so many images and unverified forwards? We rarely object to or restrict people in our networks whose only role is to forward everything they receive. Can we smartly and intelligently use the tools available to us for free or be ready to pay for them and our privacy? Think about it the next time you mindlessly forward that witty message.
Anuradha Goyal (Tweets @anuradhagoyal)
Author and founder of IndiTales