It’s no secret that the people in power the world over are happy to have a little more data on their citizens. The current Bill promises the government will only access “non-personal data”, but come on, we know where this is headed down. It’ll be like that one annoying colleague who says he’s not eating anything at a team dinner, says he’s taking a couple of fries from you, and before you know it, wolfs down half your pizza, downs three beers that you ordered, and leaves without picking up his tab. Earlier this year, the government opened tenders for a nation-wide facial recognition programme. They’ve also tried to push for Aadhaar to be linked to social media accounts (and everything else). The motivations are clear: They’d like to keep a tab on everyone. Even at its current anonymised level, the data can be quite dangerous in the hands of a government whose discriminatory instincts are becoming increasingly clear by the day. Imagine what it would be capable of when they have access to individual data. Already this year, we’ve seen an egregious attempt in this direction, by using a surveillance tool called Pegasus to spy on the private, encrypted conversations of journalists and human rights activists. Making things worse, exactly what data is collected is vague: “critical personal data” is an “open-ended category in which the government can define from time to time”, the Indian Express reports. As we’ve seen with the GST implementation, the government’s classification of things is based largely on political motives and convenience rather than logic and citizen welfare. Just imagine if this law were in place now: Following the CAB-related brouhaha, the government could easily categorise your social media accounts as “critical personal data” under the guise of weeding out fake news. Before you know it, your woke support of minorities could land you in the slammer. If you think I’m being pessimistic about this, consider that the government hardly has the machinery in place to enforce the basic rules of the Personal Data Protection Bill – already, the technology industry is worried about how this will dissuade IT-based start-ups. So clearly, the rush to get this bill through – bypassing a Standing Committee headed by Shashi Tharoor and doing so at a time when the entire country is subsumed by CAB – points to motivations other than trying to catch up with GDPR.The current Bill promises the government will only access “non-personal data”, but come on, we know where this is headed down.
Now, you might consider me an alarmist if I say that this is going to turn India into a China-like surveillance state, so I won’t say it. Instead, I’ll quote the original architect of the Bill himself, Justice BN Srikrishna: “The PDP Bill can turn India into an Orwellian State”. His bill, in its original form, was meant to protect the data of the people, and before it could be debated in Parliament, the government had a look at it, helpfully adding the paragraph about allowing itself unrestricted, unquestioned access to the Bill. This way, the Bill actually took two steps backwards: We are indeed living through a time when our own changing laws pose a bigger threat to us than nasty foreign forces (if you doubt that, please look at the North-East and Kashmir). Heck, the government has probably sought inspiration from China, who also uses technology in innovative ways to harass its minority. Given Section 370 and now CAB, I shudder to think what next. The oft-given argument for surveillance is “if you have done nothing wrong, there is no reason to worry” – and this is reflected by right-wing brainwashed keyboard maniacs in comments sections about this news. Oh, but there is plenty of reason to worry. Even if you take us “librandus” out of the equation, this will lead to a stutter in investment in India by foreign companies. India does not have the manufacturing wherewithal or the indigenous internet that China has. Given the ruling party’s propensity to rush things through to implementation without worrying about annoying things like consequences, chances are large parts of our economy will not be given the time to adjust themselves to the new data regime. Essential services could be hit – a hospital might spend more time trying to fix this (to avoid harassment from officials) than treat patients. This affects everyone, eventually, and not in a good way. I wish it weren’t like this. There’s actually plenty to like about the idea behind the PDP – after all, the lack of one is why India had a bad privacy ranking in the first place. Reigning in tech companies’ unbridled access to our data is a progressive step and holds them accountable (just like the GDPR has in Europe). Citizens – especially those who are accessing the internet for the first time – will get educated on the value of their data and consent. If implemented properly, the bill will ensure privacy for “personal” data. However, the moment it becomes seen as a political weapon rather than something to protect citizens with, you know we’re headed down a dark, surveilled future. Watch out, China, we just might dethrone you in the next round of rankings.Following the CAB-related brouhaha, the government could easily categorise your social media accounts as “critical personal data” under the guise of weeding out fake news.

