DYNAMICS OF DATA PRIVACY IN FACEBOOK – JIO PARTNERSHIP

May 16, 2020

Overview of Reliance – Facebook deal

 

The Facebook-Jio Platform deal has been in the headlines for the past one year, as the initial discussions had started as early in May 2019. The top leaders of both the companies – including Reliance Industries Chairman and Managing Director Mukesh Ambani and his son Akash Ambani and Facebook CEO Mark Zuckerberg – were involved in the talks from the initial discussion of the deal as it is important deal for both the companies.

 

Facebook’s acquisition of an almost 10% stake in Reliance Industries’ digital business Jio Platforms brings one of the world’s biggest Internet organizations on the table with India’s biggest telecom player. The $5.7-billion arrangement, which esteems Reliance’s digital operations at around $66 billion, pushes the Indian aggregate ahead in its arrangements of deleveraging its balance sheet while quickening the launch of its e-commerce business. It is said that the deal between Reliance Retail, Jio Platforms and Facebook-owned WhatsApp is to offer consumers the ability to access the nearest kiranas, or grocery stores, which can deliver products and services to their homes by transacting with JioMart using WhatsApp, has come at a very opportune time.

 

Key differences in policies of both the companies

 

The key elements of this deal are data sharing and privacy as Jio attempts to become a complete ecosystem. It is clear how this massive investment is going to help Reliance’s debt resolution plan. But another aspect to this investment is differences in data policies of both the companies.While Facebook has objected to any encroachment of data localization measures and flow of data across borders, Jio’s policies make it clear to store data within the country.

 

Reliance in its Integrated Annual Report has stated its strong support for storing data locally, considering it important for country’s interest and security has given the growing complexity of cyber-attacks. It believes that Indians are the real owners of their data and the same should not be transferred to any entity. It has even been reported how Mr. Ambani owner of reliance  group has hailed data as the new oil which must be regulated to end data colonization. On the other hand, we have seen how facebook’s CEO Mark Zuckerberg has kept on emphasizing how their data principles aren’t new and are important to sustain their community and business. The clash of opinions and policies of both the companies may result into a serious consequence on the privacy of the users.

 

Data Localization Norms in the Context of India.

 

Data localization can broadly be defined as ‘any legal limitation on data moving globally and compelling it to remain locally’. Data localization has been defined as the storage of data on a device locally. In simpler terms it may refer to storing data within borders of a particular country on any device that is physically present. Most of the data currently is been stored outside India. The main intention behind this has been to ensure greater accountability from firms so as to reduce data privacy breaches.

 

Talking about data localization norms in India, we have the following regulations

 

  1. Srikrishna Committee has recommended mandatory data localization norms for law enforcement, prevent foreign surveillance, create local jobs and strength Indian economy and strict standards for cross-border transfers. The committee has also proposed to store and process critical data at data centers of India only.
  2. Data Protection Bill 2018 which had been tabled in parliament focused on restrictions and conditions on cross- border transfers.
  3. The payment system is one of the few sectors where RBI mandates data related to payment systems  to be stored within India itself.
  4. Another sector is the telecom sector where companies are mandated to store user information only in India under clause 39.23 of the unified license agreement.
  5. Under Article 2.4 of the Draft of E-Commerce Policy mandates to store all data related to Indian users locally.

 

All these policies and regulations suggest a strong data localization framework so as to ensure citizens data and enhance data privacy. One of the prospective reasons for supporting the localization of data is the new age concept of considering data as the new oil.

 

How free flow of data can impact privacy of individuals

 

Referring to the Media release of the largest FDI for Minority Investment In India, it has made it clear that Jio Platforms will be collaborating with WhatsApp to enter into a commercial partnership to accelerate Reliance Retail’s New Commercial Platforms, JioMart. WhatsApp, via its bilateral agreement with JioMart, could provide Facebook with deeper, richer data. This may consist of different insights relating to consumption patterns. Which would give Facebook an accurate pulse of customer insights. India has around 400 million users of WhatsApp and around 328 million users of Facebook, which makes India a key market for US media majors. Since WhatsApp channels for digital commerce, it may even open up transaction details of SMEs to a foreign company. This would encourage free flow of data between both the companies.

 

If data localization is not the dome then cross-border data flow will start happening, which can create a serious cyber security threat to consumers. The main reason for measures to restrict cybersecurity in relation to data is the protection of citizens and infrastructure from potential risks, which result from cybersecurity malpractices. These risks can be related to consumer risks, eg. the risk to personal data due to unauthorized hacking or cyber-attacks. Risks that threaten public order due to security deficiencies in ubiquitous digital technologies; Network attacks on the domain name system; and finally, the national security risks that result from attacks on a country’s critical infrastructure, including a cyber-war situation. Data can also be processed in countries that may not have adequate privacy regulations.

 

The company may have collected high quantum of data related to customer preference, their purchasing behaviours and the things they search in volume. If this data is utilizedfor the personalization of a customer’s experience and for the improvement of their e-site or sell this data to any third party. By following users’ activities online, marketers could deliver targeted advertising and content. The personalization this data permits, for example, steady adjustment to users’ preferences, has become central to the product experience. The user’s data is reused for discovering sales to existing customers and to realize their interest patterns. This data is used for aggregation and resale.

 

Another aspect to the problem is Facebook having a long history of data breaches in past. For example,in 2010, Facebook launched a platform called Open Graph for third-party apps. Through this update, external developers could reach out to Facebook users and request permission to access their personal data and that of their Facebook friends. Once the users agreed, the apps gained access to their information like their name, gender, location, birthday, education, political preferences, relationship status, religious views, online chat status, and even their private messages. In the context of a number of data-related scandals, such as Cambridge Analytica, governments have come to realize that the protection of personal data of citizens and residents of the country is now an essential requirement.Cross-border transfers carry the possibility of a security risk due to the use of fiber optic cable, rendering networks vulnerable to multiple attacks. This risk is reduced by the localization of the data.

 

Moreover, the requirement to store personal data locally would reinforce law enforcement efforts to access the information required to detect crime and collect evidence of law enforcement. This is because law enforcement agencies have easier access to information in their area of responsibility than requests to foreign companies that store data abroad.While in the case of data hosted abroad, an Indian citizen may not have an effective remedy against foreign-based services providers as Localisation may however make it easier for local authorities to exert jurisdiction and therefore help local citizens’ secure effective remedies.

 

The fundamental right to privacy has been recently recognised as a fundamental right emerging primarily from Article 21 of the Constitution, in Justice K.S. Puttaswamy (Retd.) v. Union of India.To make this right meaningful, it is the duty of the state to put in place a data protection framework which, while protecting citizens from dangers to informational privacy originating from state and non-state actors, serves the common good.

 

Conclusion

 

Facebook and Jio are both market leaders in their respective fields and taking into consideration the pool of data that is going to be invested in the deal, it will not be wrong to say the access to massive data may set the stage for “digital colonization”. As said there are always two sides to a coin. With data localization policies helping a country to secure its data it can also increase the cost to facilitate such infrastructure. Maintaining multiple local data centers may lead to significant investment and can restrict digital economy.With data protection laws still to be implemented, this deal may have serious implication on the privacy of individuals. After all, what has been left unsaid in this deal is the inherent data give-and-take. It is need of the hour to draft significant norms which help protect data and review all data sharing aspects of this deal.

Authors –

 

Akshat Kothari

1st year B.Com LLB student at Institute of Law, Nirma Univeristy

 

Harsh Khanchandani

1st Year BBA LLB student at Symbiosis Law School, Pune

 

Leave a Reply

Your email address will not be published. Required fields are marked *

© 2020 Samacharline – Blog. | Design & Developed by Eway IT Solutions Pvt Ltd.