A study on global privacy outlook reveals an alarming trend: Indians, on an average, are most willing to trade privacy for the convenience and benefits of digital technology more than their Asian and European counterparts.
According to the EMC Privacy Index, there’s a global paradox in people’s behaviour and their stated wants and beliefs. India-specific research throws up some interesting insights: 61 per cent Indians say they are willing to trade privacy for convenience, yet at the same time 51 per cent believe they have less privacy now than a year ago, while 59 per cent expect privacy to decrease in the next five years.
In this regard, Indian men seem to be going all out in sharing personal information with the world and appear to be more willing than women to trade privacy for convenience. 59 per cent women say they are unwilling as against only 43 per cent men.
There’s also a ‘Take No Action’ Paradox, which reveals that’s 64 per cent of Indians have suffered a data breach, but 41 per cent don’t change passwords regularly, 21 per cent don’t have a password protection on mobile and 21 per cent don’t read privacy statements. The report also says 66 per cent of Indians as compared to 38 per cent globally are more likely to share information with government institutions. Besides, 70 per cent of Indians, as against an average of 50 per cent globally, are willing to share data with government bodies.
If we consider our social media engagement too, 84 per cent respondents in the report say they don’t like anyone knowing anything about them or their habits on social media unless they make a decision themselves to share that information. But then, they freely share large quantities of personal data despite knowing their privacy on social media will be difficult to maintain in the next five years and express a lack of confidence in those institutions that protect them.
“India is only waking up to the concept of privacy. Our social fabric is such that we are used to living in joint families and societies where there is greater comfort in sharing information among our social circle. We need to understand the socio-economic approach to privacy and see how people will look into it,” said Aseem Mukhi, senior consultant, Data Security Council of India.
Currently, India doesn’t have any specific privacy law, but Industry experts argue that India does have protection, while not outlining clearly what that protection involves. However, they remain optimistic about the future of privacy in India and maintain that to establish a strong privacy regime in the country policy makers, industry and citizens need to collectively work together to achieve a coherent framework.
“Europeans, for instance, demand a certain level of privacy from their government. Similar consultations are taking place and different types of protections will be created. With a change of government, things will pick up,” said Rajesh Janey, President, India and SAARC EMC.
To create awareness on consumer privacy, the Data Security Council of India organises a ‘Stop, Think, Connect’ sensitisation initiative. Through this programme, they have targeted students for six months through various street theatre workshops to bring out the message of Internet safety. “Every month we train a batch of 20-30 people. And as we speak, 30 people are training for privacy protection in Bangalore today. Delhi training will take place in July next month. The initiative started last year and we completed one year in June 2014,” said Mukhi.
He further added that DSCI also organises implementation courses on security and privacy where a group of people is trained to manage privacy of organisations. “Organisations such as Infosys, Wipro and Cognizant have taken part in such initiatives. If an organisation is willing, they have an option of training its people for the assessment programme.”
Mukhi believes data security and privacy is still in its early stages in India and that critical infrastructure needs time to build up. Presently, the National Critical Information Infrastructure Centre (NCIIPC) has the mandate to protect critical infrastructure around internet privacy and security. “The US took 15 years to build assets of critical infrastructure. India is only starting to do that. We are still playing the catching-up game. However, there are two ways to ensure consumer privacy: one needs to see how the sector itself adopts practices and what the current government does to address the issues. We need to adopt current systems before jumping on to new ones and ensure a baseline framework is put in place.”
At an individual level, the report suggests, consumers should pay attention to their own protection and be aware of dialogues around privacy. Mukhi adds: “If people are using latest services, they should also take the effort to know the threat perception involved.”
Some suggestions offered by EMC are as follows: Don’t use employer-owned devices or networks for personal business, log out of apps when not in use, use multi-factor authentication for email and other online accounts and change passwords frequently.