Undeniably, the pandemic has brought our digital dependencies to the fore. Be it a video call with loved ones, connecting to social media to stay abreast with the latest, watching a movie on Netflix, buying essentials from delivery aggregators, and collaborating with peers during work from home through Skype or Zoom; ‘going digital’ has certainly eased our lives during these tough times. But just as all great offerings come with an asterisk the rapid-digitization has raised questions around data privacy & protection.
We are all aware that data sets are digital assets. Any leakage or unauthorized access of such data can be detrimental to someone’s personal life. With increased digital adoption, the world is also experiencing a spike in cybercrimes, scams & online frauds. The internet has become a playground for miscreants who are running wild to monopolize the situation by taking advantage of the fear surrounding Covid-19. While stringent regulations regarding electronic transactions, data privacy, and cybercrime are in place, one still has a lot to catch up with in terms of educating the ecosystem to effectively implement these at all levels. Stronger ground-level implementation is critical to reinstate consumer confidence in digital platforms. Companies across the world are trying to implement the same especially now since the customer is heavily relying on such services.
While data protection & privacy, as stated above, helps with larger consumer confidence, it is also imperative for businesses to understand the legislations of their respective operational geographies. It is not only vital from a consumer perspective but also a legal framework, and employee rights perspective. With health currently the most crucial aspect of our lives, some of the common questions that the operators in the digital domain need to answer are:
- Is an individual’s health status, personal data?
- Can we seek an employee’s health data concerning coronavirus?
- Can we check visitors for their health status when they are visiting corporate offices or factories?
- Is contact tracing or location tracking a feasible option?
- If captured who can the company share the information with?
If we speak of India – the government has mandated the collection of most of these information sets to ensure that the spread of the disease can both be monitored and controlled. For example, the government has made it mandatory to monitor and record temperature and symptoms of all employees or visitors, in case an industrial or corporate unit is allowed to operate during the lockdown. As per an update, the Aarogya Setu app has been made mandatory in all government-controlled setups to detect and track potential carriers of the pandemic.
While this can be leveraged for data collection & monitoring through contact tracing, there can be certain downsides to it. A large part of this practice, in the absence of specific tools, may require collecting data manually. In such cases, the data can be exposed to those looking to manipulate it or use it for purposes other than it was intended to. Here, the corporates have the onus to respect the privacy of the users whose information is being collected and must protect this data from being accessible to anyone but the requisite authorities.
With concentrated and joint efforts, the pandemic will die down but the experiences might live with sufferers for long. And when that happens, people wouldn’t be reacting to these instances with fear but anger. Certainly, no enterprise would want to be at the receiving end of such angst, be it of a user or an employee. Hence, it is in our vested and greater human interest to handle all data with utmost care and protection and convert the maximum amount of information into anonymous data at the first possible instance.The author is CEO & Co-founder, Aiisma - India’s first data marketplace with operations in United Arab Emirates, Switzerland and Africa.