Right to use your own data?

Whether the customer prefers convenience over data privacy, or vice-versa, the system should allow him to exercise choice

My friend Mahesh had a peculiar experience. He had recently moved to Mumbai from a smaller town and was looking around for office premises to rent. He liked one and the rent was acceptable, but his landlord had an issue. He wanted to check out Mahesh’s capacity to pay the rentals on time. Mahesh offered to share his income-tax return statements as well as his credit report with the landlord since he really needed the office premises. The landlord wanted to be certain that the credit report and the income tax returns that he got were genuine and not fabricated. This was a problem as Mahesh could not provide access directly to his account with the income tax department or the credit bureau. 

Eventually, Mahesh worked out an ingenious solution that has made the word ‘jugaad’ associated with all Indians. He used the landlord’s laptop to log into the income tax website and the credit bureau website and downloaded the respective reports and printed them out there and then. The landlord was convinced, and Mahesh got his office. 

There are so many occasions when one needs to prove one’s credentials, like a sensitive job opportunity, visa application, loan application, or even a matrimonial alliance. Allowing the easy use of income tax and credit report data as credentials by individuals of their own volition also emphasises the positive aspects of reporting your true income and paying your loans on time – both a big positive for the economy. The income tax department will probably need legal changes to allow them to share the data based on customer approval, but the credit bureaus will just need a big shove from the Reserve Bank of India to allow this to happen. 

The issue of data privacy has been in the news because of the Aadhaar judgement. It is not clear whether telecom companies and banks can still use Aadhaar authentication even if consumers want them to. Even the advocates of privacy are not arguing that the identity of a bank account holder or a SIM card holder should not be verified. The argument is only about the correct means of verifying, and the higher privacy intrusion that Aadhaar leads to. Let’s assume the government forces banks/telecom companies to automatically delink the existing Aadhaar linkages and obtain a fresh know-your-customer update. Only now, the choice must be provided between linking Aadhaar again or providing other documents. The choice made by the consumers will be a vote on their willingness to accept the trade-off between privacy intrusion and the convenience of getting themselves verified through the 12-digit number. 

The focus should be on the consumer. The government would allow the consumers to benefit from the data that they are forced to part with, in an intrusive manner under the Aadhaar programme, but their life is made simpler. For that, it needs to be ensured that the consumer has a genuine choice to decide how his own private data can be used by him conveniently and cheaply.  Like my right to privacy, do I have a right to effectively use my own information? 

---

The writer is a Sebi-registered investment advisor