The government is keen to promote India as a big hub for data analysis but will not tolerate any attempt by companies to misuse data to influence the democratic process, IT and Law Minister Ravi Shankar Prasad has said. The comments assume significance as the CBI has written to Facebook, Cambridge Analytica and Global Science Research in connection with the illegal personal data harvesting of Indians from the social networking platform.
The Central Bureau of Investigation (CBI) has sought the details from these companies on data collection exercise followed by them. “We are keen to see that India becomes a big centre for data analysis but if any data company misuses data to influence democracy, we will act on it. We will not accept it,” Prasad told reporters here.
Speaking on the sidelines of a cleanliness drive as part of ‘Swachhta Abhiyan’, Prasad noted that Facebook has already apologised, promising corrective action in the aftermath of the alleged data breach episode, but Cambridge Analytica had not sent follow-up responses after its initial reply on the issue.
“So we sent it to the CBI for enquiry. Now the CBI will do its work with fairness,” the minister said. Earlier this year, US-based social networking giant Facebook and British firm Cambridge Analytica drew flak from users as well as governments across the globe after a data leak scandal hit about 87 million users. Cambridge Analytica was accused of harvesting personal information of millions of Facebook users illegally to help political campaigns and influence polls in several countries, prompting Indian government to shoot off notices to the companies.
As it is, India is already in the process of tightening data safety rules and a high-level committee headed by Justice B N Srikrishna has framed and submitted a draft personal data protection Bill to the Government. The IT ministry is in the process of seeking suggestions and feedback from the general public on the draft Bill, and is learnt to be keen on introducing it in the ensuing winter session of Parliament.
The draft of Personal Data Protection Bill, 2018, restricts and imposes conditions on the cross-border transfer of personal data, and suggests setting up of Data Protection Authority of India to prevent any misuse of personal information. It also provides for a penalty of Rs 15 crore or 4 per cent of the total worldwide turnover of any data collection entity, including the state, for violation of personal data processing provisions. Failure to take prompt action on a data security breach can attract a penalty of up to Rs 5 crore or 2 per cent of turnover, whichever is higher, as per the draft provisions.