Individual privacy must underpin data security
A big heist has refocused attention on data protection, but our proposed law would empower the state more than citizens. Legal ownership of one’s data should be our guiding principle
The rate at which we have been uploading the internet with our data has gone exponential so painlessly that it takes the shock of a massive online leak for us to sit up and wonder if we have exposed ourselves as sitting ducks for hackers. Last August, news broke of a data heist when Bengaluru-based Juspay, which processes digital payments for the likes of Amazon, Swiggy and MakeMyTrip, admitted a major database breach. This year, the efforts of online sleuths have revealed the extent of it. Credit and debit card transaction details of about 100 million Indians were found being hawked on the dark web, a stealthy part of the internet designed to stay off search-engine radars, and the details on sale suggest Juspay’s hacked servers as their source. Confidential card details of at least 20 million cardholders are reportedly up for grabs, putting them at risk of not just swipe fraud, but other financial swindles as well. As online payments rise, the dark web expands and hackers upgrade their skills, this menace is likely to multiply. Our data urgently needs protection by way of legislation as much as advanced security software systems.