1. Forget Aadhaar, look at what Facebook’s doing

Forget Aadhaar, look at what Facebook’s doing

So all those worried about the possible invasion of their privacy under Aadhaar would do well to keep in mind social media sites like Facebook

By: | New Delhi | Updated: October 9, 2015 2:20 PM
facebook

So all those worried about the possible invasion of their privacy under Aadhaar would do well to keep in mind social media sites like Facebook

While the European Court of Justice (ECJ) has just delivered a verdict on privacy that should cheer the anti-Aadhaar brigade — it has scrapped the Safe Harbor Agreement between the US and EU — the origins of the case should chill them. It stems from Austrian law student Max Schrems’ experience with Facebook in 2011. When Schrems asked the social media firm for the dope it had on him, to his horror he was given 1,200 pages of data including certain bits he had deleted!

So all those worried about the possible invasion of their privacy under Aadhaar would do well to keep in mind social media sites like Facebook — India has nearly 110 million Facebook users— or Google, for that matter, have a lot more information about them, where they hang out, their likes, dislikes, the lot. This is not to say India should not have a privacy law, but keep in mind Aadhaar officials aver their database is not an invasion of privacy since it cannot be queried on any transaction details of users, it merely authenticates biometrics on request.

During a semester at the Santa Clara University in Silicon Valley, Schrems heard Facebook’s privacy lawyer speak about the company’s compliance with EU privacy laws as tenable under the US-EU Safe Harbor Agreement. Convinced that Safe Harbor allowed the firm to circumvent EU’s much stricter data protection laws, Schrems asked Facebook to submit all data it held about him (he remains a Facebook user, and also has a Twitter presence) in 2011, under the European “right to access” law.

Schrems approached the Irish Data Commissioner — Facebook’s European headquarters are in Dublin — to get the company to stop sending data to the US, saying that the country did not provide sufficient safeguards for user data; he based this inference on the Snowden leaks on the NSA’s Prism programme that allowed the surveillance agency to directly access information from Facebook, Microsoft, Google and other digital companies. But the case was thrown out by the data regulator as “frivolous and vexatious”. But on appeal in the ECJ, Schrems’ argument was upheld. EU’s top court found the Safe Harbor framework itself to be in violation of the union’s and some member countries’ strict privacy laws. As per the agreement, US firms listed under the Safe Harbor framework could transfer EU citizens’ data to the US while remaining consistent with the EU Data Protection Directive by providing self-certification to the US department of commerce that they were compliant with EU privacy standards.

The enforcement of the certification was left with the US Federal Trade Commission.

Essentially, the agreement set a US watchdog to check if American companies were sticking to European laws on privacy with respect to EU users. Safe Harbor-listed firms (including those tagged “not current” or no longer assured the benefits of Safe Harbor) include the usual suspects like Facebook, Google, Twitter and other firms handling sensitive information like 67 accounting firms (including the likes of Grant Thornton), 242 financial services firms and 60 insurance firms (including MetLife, and all its US subsidiaries listed as a single party). There are 5,479 US firms spanning industries from advertising services to defence equipment, lawn and garden equipment to veterinary equipment and supplies in this list.

Tags: Facebook
  1. A
    ajeet
    Oct 9, 2015 at 9:28 am
    What privacy?? Only those who have something to hide will be worried about privacy
    Reply
  2. M
    Mukesh Kamath
    Oct 9, 2015 at 9:52 pm
    There might be a technical solution to the aadhaar(privacy) problem. SC should advise the government to search for one such as launching a hidden UID number under the existing aadhaar layer. And making it illegal to hold a database with aadhaar numbers while legal to hold a UID number seeded database. The UID number which would be known only to machines could be any digits long and humanly impossible to remember. Also it should not be possible to get aadhaar number from UID number. Then how do you seed UID numbers into the database using aadhaar number. Also needless to say it should not be possible to collate or profile an individual by two agencies knowing his/her UID number. But it should be possible to know something about uniqueness using UID seeded database. This is a technical challenge that needs to be overcome. It can be solved by any good techie.
    Reply
  3. K
    Krishna Gupta
    Oct 9, 2015 at 9:18 am
    It is unfortunate that corruption has become part of Indian life so much so almost everybody wants hide from public view to avoid detection and are able to generate lobbies to protect their private face. Move against Aaadhar card seems to be one of such moves. Yes if there are genuine security concerns about data theft , courts should give directives for ensuring it does not happen rather than limiting its role.
    Reply
  4. K
    Krishna Murthy
    Oct 9, 2015 at 2:26 pm
    opposition to aadhaar is frivolous; why supreme court is dragging its feet in it is a mystery;
    Reply
  5. K
    Krishna Murthy
    Oct 9, 2015 at 2:24 pm
    what about all our personal and confidential data in cloud backup storage?
    Reply
  6. J
    J Madhav
    Oct 9, 2015 at 11:43 am
    This argument of comparing the FB experience is far fetched
    Reply
  7. Load More Comments

Go to Top