Data Protection of Deceased Individuals: The Legal Quandry

Posted on December 5, 2019December 13, 2019 by Tech Law Forum @ NALSAR

This post has been authored by Purbasha Panda and Lokesh Mewara, fourth and fifth years from NLU Ranchi. It discusses the data protection laws for deceased individuals, and the legal justifications for post-mortem privacy.

Post-mortem privacy is defined as the right of a person to preserve and control what formulates his/her reputation after death. It is inherently linked with the idea of dignity after death. The first type of opinion with respect to post-mortem privacy raises the question of how there can be a threat to the reputation of a person if he no longer exists. However, there is another school of thought which argues that when a person’s public persona or reputation is harmed after death, he might not be defamed but the ante-mortem person could. Another question that comes up, is that when a person dies, does the interest of the dead person that survives become the interest of others or is it actually his interests alone that are protected or is it both the possible scenarios?

Metadata by TLF: Issue 7

Posted on November 14, 2019December 20, 2020 by Tech Law Forum @ NALSAR

Welcome to our fortnightly newsletter, where our Editors put together handpicked stories from the world of tech law! You can find other issues here.

Israel spyware ‘Pegasus’ used to snoop on Indian activists, journalists, lawyers

Standardizing the Data Economy

Posted on October 17, 2019December 13, 2019 by Tech Law Forum @ NALSAR

This piece has been authored by Namratha Murugeshan, a final year student at NALSAR University of Law and member of the Tech Law Forum.

In 2006, Clive Humby, a British mathematician said with incredible foresight that “data is the new oil”. Fast forward to 2019, we see how data has singularly been responsible for big-tech companies getting closer to and surpassing the trillion-dollar net worth mark. The ‘big 4’ tech companies, Google, Apple, Facebook and Amazon have incredibly large reserves of data both in terms of data collection (owing to the sheer number of users each company retains) and in terms of access to data that is collected through this usage. With an increasing number of applications and avenues for data to be used, the requirement of standardizing the data economy manifests itself strongly with more countries recognizing the need to have specific laws concerning data.

Artificial Intelligence is a Road Map to Transmogrification of Legal Industry

Posted on September 30, 2019 by Tech Law Forum NALSAR

This piece, taking an optimistic view of the use of AI in the legal industry, has been authored by Priyal Agrawal and Laxmi Rathore. They are currently in their 3rd year at the Kirit P. Mehta School of Law, NMIMS, Mumbai.

“In the long term, artificial intelligence and automation are going to be taking over so much of what gives humans a feeling of purpose.” – Matt Bellamy

Metadata by TLF: Issue 4

Posted on September 10, 2019December 20, 2020 by Tech Law Forum @ NALSAR

Welcome to our fortnightly newsletter, where our Editors put together handpicked stories from the world of tech law! You can find other issues here.

Facebook approaches SC in ‘Social Media-Aadhaar linking case’

In 2018, Anthony Clement Rubin and Janani Krishnamurthy filed PILs before the Madras High Court, seeking a writ of Mandamus to “declare the linking of Aadhaar of any one of the Government authorized identity proof as mandatory for the purpose of authentication while obtaining any email or user account.” The main concern of the petitioners was traceability of social media users, which would be facilitated by linking their social media accounts with a government identity proof; this in turn could help combat cybercrime. The case was heard by a division bench of the Madras HC, and the scope was expanded to include curbing of cybercrime with the help of online intermediaries. In June 2019, the Internet Freedom Foundation became an intervener in the case to provide expertise in the areas of technology, policy, law and privacy. Notably, Madras HC dismissed the prayer asking for linkage of social media and Aadhaar, stating that it violated the SC judgement on Aadhaar which held that Aadhaar is to be used only for social welfare schemes.

Sahamati: Self Regulatory Organisation for Financial Data Sharing Ecosystem

Posted on September 6, 2019December 4, 2020 by Tech Law Forum @ NALSAR

This post, authored by Mr. Srikanth Lakshmanan, is part of TLF’s blog series on Account Aggregators. Other posts can be found here.

Mr. Srikanth Lakshmanan is the founder of CashlessConsumer, a consumer collective working on digital payments to increase awareness, understand technology, represent consumers in digital payments ecosystem to voice perspectives, concerns with a goal of moving towards a fair cashless society with equitable rights.

Data Protection: Consumer Perspectives at Facebook Design Jam

Posted on July 18, 2019July 18, 2019 by Tech Law Forum NALSAR

[Ed Note: This post is the first in a series of posts by members of TLF who attended the Facebook Design Jam in Hyderabad on 10 July 2019. It has been authored by Namratha Murugeshan, a final year student at NALSAR University of Law and member of TLF.]

Members of TLF’s Organizing Committee were invited to attend Facebook’s Data Awareness Design Jam on the 10th of July 2019. A Design Jam is an event that provides a platform for start-ups and designers to pitch and improve their products. They are typically very interactive and informative sessions that help the participants gain new perspectives about their products and learn more about compliance with law and policy. Likewise, Facebook’s event too was an excellent opportunity for us to interact with start-ups, professionals, policymakers, designers and surprisingly, quite a few lawyers too. A key takeaway for the TLF members present at the event was gaining knowledge about the consumer perspectives surrounding data protection in India. A panel discussion on the same topic was organized at the Jam. The speakers included Smriti Parsheera from NIPFP (National Institute of Public Finance and Policy), Shagufta Gupta from CUTS (Consumer Unity & Trust Society) and Prerak Mehta from Dalberg Global Development Advisors. This post is a brief on the panel discussion.

The focus of the panel discussion was on value creation for companies through increasing compliance with the transparency norm. The speeches, while ranging in perspective, centered on the idea of how compliance with law and increasing transparency aids in increasing the reputation of start-ups and companies. This comes as a particularly interesting insight, given that data protection in the eyes of the law has largely come to be viewed as the foundation upon which creative technologies need to be built. However, from the perspective of the creator, compliance with the law seems to be more of a last-minute adjustment. Compliance comes in the form of creating a product based on the needs of possible users and then learning about law and policy to tweak the product.

The panel largely focused on how consumer products such as apps and databases could be made better by creators improving their user interface for privacy aspects of the product. One of the ways in which the same could be done, it was suggested, was through the removal of blanket consent clauses. It was explained how blanket consent is a tool used by apps to access even that data of a user which is not necessary for the functioning of the app. Thereby, taking away the agency from a consumer. Adding to the same, it was suggested that the idea of purpose limitation where specific permissions need to be taken based on the use of the information should be adopted. Further, there should be a clear mention of why the data is being collected from the user. Speaking based on the surveys conducted by CUTS on data protection, the audience was informed about the direct correlation between awareness and consumer satisfaction. Transparency helps with increasing the customer’s ease of use of a product and therefore it is productive for creators to adhere to the same.

Moving on from there, the next issue in contention was the readability of privacy policies. Length, language and the excessive use of legalese were determined to be the factors that prevent users from understanding or even reading privacy policies. These policies, it was noted, tend to be inscrutable. Further, from the point of view of the user, there is a lack of knowledge about the enforceability of privacy policies. Based on the data collected by NIPFP through surveys, we were made aware that users do not know who or how privacy policies are enforced or if they are enforced at all. As suggestions to the start-ups present, the panelists focused on the readability of these policies. An approach towards the same would be to ensure that policies are short and simple. Further, having interactive features to ensure that different users are able to find answers to their queries about the policy easily adds value to the product. Features like videos explaining privacy policies, larger font size etc. would aid in incorporating privacy by design, which in turn would automatically build trust.

The main takeaway from the panel discussion was its elaboration on how product-makers tend to think of privacy and what aspects they focus on. It was a significant change from the perspective of the law where compliance is the rule. For product-makers, however, we learnt that a product’s usability and success is positively the motivation pushing them towards innovation. The panel discussion was an excellent platform where these two seemingly divergent views were synthesized to promote the idea of privacy by design.