Category: Uncategorized

This post is authored by Rupa Veena S and Julia Anna Joseph, 4th year BBALLB students at School of  Law, Christ University 

INTRODUCTION

Adtech is advertising technology used by businesses to attract potential consumers to their websites. Adtech tools are used to track consumer preferences which are used for marketing products to potential consumers digitally. The Adtech industry has witnessed tremendous growth from the onset of the pandemic when a large proportion of consumers engaged in online shopping. However, the privacy concerns of adtech cannot go unaddressed. In light of the same, this article discusses various practices in the adtech industry that involve violation of privacy. It also makes a comparative analysis between the laws dealing with data protection and privacy concerns arising out of adtech in the United Kingdom (UK) and India.

Practices in the Adtech industry that violate Privacy

The entire adtech ecosystem relies on the personal data of consumers to display ads based on their preferences. Programmatic advertising is the most commonly used adtech and is automated in nature. It is used to buy or sell advertising space. Real-time bidding (“RTB”) is the most widely used programmatic advertising tool. RTB is used by publishers to sell ad space to advertisers who bid the highest in an auction. While advertisers make use of demand-side platforms (“DSPs”) to bid on advertising space, publishers use supply-side platforms (“SSPs”) to sell their ad space. The price for the purchase of ad space is agreed upon in online marketplaces called ad exchanges where publishers and advertisers are connected through DSPs and SSPs. The price while bidding is determined by the consumer’s information available to the advertisers. Cookies and other similar technologies are used to collect consumers’ personal data. The price paid for using websites which are “free” is the personal information collected and used to display ads. Now, what remains questionable is whether consumers’ personal data is collected or processed with their consent or not.

[This is the second part of a two-part post authored by Mitali Kshatriya, a fourth-year law student at RMLNLU, Lucknow. Part I can be found here]

In Part I, the article highlighted the incongruous legislative framework for regulating real money gaming sector followed by the possibility of introducing central laws for regulating the sector. In Part II, the article aims to highlight various regulatory measures which can be adopted to mitigate adverse effects of real money gaming without impeding the growth of the sector.

In a recent decision, the Government of India banned 59 Chinese Applications under Section 69A of the Information Technology Act, 2000 read with relevant provisions of the Information Technology (Procedure and Safeguards for Blocking of Access of Information by Public) Rules 2009. This ban was imposed as an interim measure on the ground that the concerned applications were “engaged in activities which are prejudicial to the sovereignty and integrity of India, defence of India, security of state and public order.” In lieu of this imposition, the Technology Law Forum of NALSAR University of Law (“Forum”) authored a letter to Shri Ajay Prakash Sawhney (Secretary, Ministry of Electronics and Information Technology) on 6 July 2020, expressing concerns and seeking clarifications about the ban. 

Firstly, the Forum asserted that the power under Section 69A of the Information Technology Act and its corresponding Rules is meant to be exercised for imposing content-based restrictions on the internet, and not for sweeping bans on entire applications. Secondly, the Forum pointed out that the Government had failed to make public a reasoned order justifying how the ban was reasonable and proportionate under Article 19 of the Constitution. Thirdly, the Forum noted that while some of the banned applications like TikTok and Weibo did have data protection and privacy concerns, others like Kwai did not have any such concerns or history of data leaks. To this end, it noted that a sweeping ban was arbitrary, more so in the absence of any data protection law supporting it. Fourthly, the Forum called upon the Government to clarify whether the ban was imposed under the exception framework of the GATT or the GATS, and to demonstrate how this ban was non-discriminatory under international law. Lastly, the Forum pointed out that many of the banned applications such as TikTok and Kwai were extremely popular in India’s semi-urban and rural areas, serving as a much-needed outlet of self-expression and source of income for marginalised communities. Accordingly, the Forum requested the Ministry of Electronics and Information Technology to consult with deprived user-stakeholders before arriving at the final decision. 

[This post has been authored by Prashant Khurana, LL.M. Graduate (Class of 2020) from the UCLA School of Law and Founding Editor at Polemics and Pedantics Magazine, and Parth Maniktala, LL.B. Candidate (Class of 2021) at the Campus Law Center, University of Delhi, and Editor at Polemics and Pedantics Magazine.]

COVID-19 has spawned efforts geared towards contact-tracing, triggering collection and processing of sensitive personal data across the world. Legal protections surrounding this large-scale data collection are predominantly nascent, raising significant concerns about the precedent this sets for data privacy. In India, the Supreme Court’s landmark Puttaswamy judgement recognized privacy as intrinsic to the right to life and liberty, as secured by Article 21 of the Constitution. However, the Court conceded that privacy may be abridged if a legitimate interest, say, an epidemic, exists—provided the doctrine of ‘proportionality’ is satisfied. Notably, India’s controversial data protection legislation is yet to be enacted, and in its absence, judicial pronouncements govern.