By Aaroosh Jairath
Ever since social media has come into the picture, there has been a constant fear about the wealth of data that the social media app giants collect and store on their servers.
Recently, there was a massive revelation about Facebook’s mishandling of its user data. The dust had barely settled down when another potentially earthshaking revelation came to light. Read ahead.
BJP has a history of data breaches
The BJP has already been at the receiving end of a substantial amount backlash regarding the security of Aadhaar data during their tenure with cases of data leaks being regularly reported. But don’t worry, it’s very secure.
In fact, it’s so secure that it’s specially kept behind walls that are 13 feet high and 5 feet thick. Don’t believe it? But, that’s what Attorney General K K Venugopal presented in his defense against Aadhaar in courts.
Needless to say, this didn’t inspire a lot of confidence in the government’s ability to safeguard data that the citizens willingly (kinda, sorta) provided. This recent revelation brought to light the fact that the government was actually unwillingly collecting data from its citizens.
The official mobile app of Prime Minister Narendra Modi, downloaded over five million times on Android alone, was accused by a security researcher who tweets under the pseudonym Elliot Anderson of sending the user data to a US-based company called WizRocket Inc. without the user’s consent.
What does this App do?
The app allows party cadre and followers of PM Modi to directly connect with him along with various MPs and MLAs from their constituency. Users can also by creating profiles at the app earn points and win some special awards for their actions that lends an interactive angle to it.
Through this, even a common worker can now connect to their local MLA or the PM through the New India Connect Section. Sounds too good be true?
Well, the catch 22 was that the user’s data was unwillingly harvested and sent to an analytics company which is headquartered in the US and is therefore not subject to Indian laws, thus removing it from the purview of the Indian judiciary, if anything goes wrong.
How BJP sought to defend themselves
“Certain information may be shared with third- party services to offer a better user experience”
It earlier it stated that:
“Your personal information and contact details shall remain confidential and shall not be used for any purpose other than our communication with you”.
In their defense, BJP has said the data was being used only for analytics using third-party service, similar to Google Analytics to offer users the “most contextual content”.
What do others have to say?
This expose was followed by a scathing attack by the Congress party with the INC President, Rahul Gandhi accusing Narendra Modi of being a “Big Boss” for secretly keeping audio records, video, contacts of friends and families and even tracking the location via GPS of the users. He said,
“Hi! My name is Narendra Modi. I am India’s Prime Minister. When you sign up for my official app. I give all your data to my friends in American Companies”
This began a war of words with Amit Malviya, the chief of BJP’s IT operations who hit back, claiming “The Congress were themselves sharing data from their official app to friends in Singapore.”
Additionally, Mr. Malviya did not respond to a specific question posed to him by various newspapers regarding whether this specific information was shared with a third party without the user’s consent.
The backlash was also met by criticism from over 13 lakh cadets of India’s National Cadet Corps who were asked to install the app and share information like phone numbers and email addresses with the Prime Minister’s office.
Experts remain critical of the fact that this information can be misused by private companies like Cambridge Analytica which could build voter profiles of volunteers who are active through the Narendra Modi application and then use these profiles for psychographic targeting during elections, thus negating free choice and acting against democratic interests.
The debate should be centered upon the manner in which these e-governance apps with poor security standards collect our vital data and then do little to none to protect it.
India’s public and private sector does not have the best of information security culture and one can be assured that when the government says something is secure, in all likeliness, it’s not.
One thing to note is the fact that the Congress party deleted its official app ‘With INC’ from the Google Play Store, making it unavailable for Android users. The deletion came amid allegations flying thick and fast between the Congress and BJP over potential accusations by Elliot Alderson over security issues with a web page associated with the Congress.
The business models of the new age social generation, broadly referred to as surveillance capitalism is particularly toxic when it is transformed by political parties and government through models like NaMo app or Aadhaar.
In the name of ‘state surveillance,’ this model of surveillance capitalism is hampering the idea of Right to Privacy of a citizen.
It remains to be seen what actions will be undertaken by the judiciary, which has been critical of these data breaches after regular instances as well as of the government to prevent such mishaps. With the Elections planned for next year, things certainly don’t look good for the “Modi Wave”, with their credibility amongst the audience wearing down after such instances.
Image Source: Google Images
You would also like to read: