Mozilla executive pens an open letter on India's data privacy laws and Aadhaar

Mozilla's chief executive chairwoman, Mitchell Baker, has penned an open letter that was published as a full-page ad in the Hindustan Times- one of the most widely read dailies in India. The letter is addressed to the Indian Ministry of Electronics and Information Technology's Committee of Experts headed by Justice Srikrishna, which is set up to establish a data protection framework for the country.

Mozilla's letter urges the committee, and specifically Justice Srikrishna, to "stand up for the privacy and security of all Indians," and comes weeks after the committee published a White Paper inviting discourse over the complexities of data protection. It's unclear at the moment whether Mozilla has officially submitted its suggestions to the committee.

The letter also talks about India's Aadhaar, a 12-digit unique identification number that is issued by the Government of India to its residents. Managed by the Unique Identification Authority of India (UIDAI), those who volunteer to register are required to provide their biometric information. Although the ID is voluntary - as far as legalities are concerned - its possession is a requirement for many government and non-government services, including things like having a bank account, a phone connection, or receiving government aid. In recent times, the Indian government has been pushing the system comprehensively onto its residents, sometimes leading to horrifying results.

That is not all, however, as there are grave concerns over the security and integrity of Aadhaar's massive biometric database and UIDAI's inability to maintain the privacy of those who have enrolled into Aadhaar. Several cases of forged cards, stolen identities, and fraudulent cases have come forth in the past few months, with the government going as far as prosecuting journalists who bring these issues to light. At the backdrop of all this commotion, the Supreme Court of India ruled in August last year that privacy is a fundamental right for every Indian.

Baker echoes a growing concern regarding the system's efficiency that many, including those involved with Mozilla, are worried about. She suggests a few points to the committee, that may iterate upon the currently-published version of the White Paper:

  • The current proposal exempts biometric info from the definition of sensitive personal information that must be especially protected. This is backwards, biometric info is some of the most personal info, and can’t be “reset’ like a password.

  • The design of Aadhaar fails to provide meaningful consent to users. This is seen, for example, by the ever increasing number of public and private services that are linked to Aadhaar without users being given a meaningful choice in the matter. This can and should be remedied by stronger consent, data minimization, collection limitation, and purpose limitation obligations.

  • Instead of crafting narrow exemptions for the legitimate needs of law enforcement, you propose to exempt entire agencies from accountability and legal restrictions on how user data may be accessed and processed.

  • Your report also casts doubt on whether individuals should be allowed a right to object over how their data is processed; this is a core pillar of data protection, without a right to object, consent is not meaningful and individual liberty is curtailed.

The letter is in keeping with one of the major principles of Mozilla's own manifesto that states: “Individual security and privacy is fundamental and must not be treated as optional online”. Baker also writes how essential data protection is in order to guarantee the right to privacy, and how the company's Indian community has been instrumental in making people aware of the importance of data protection; Mozilla is pretty clear about its own roll with regards to privacy as well. In a recent interview with Neowin, Mozilla's Barbara Bermes said that the company intends to provide "the most privacy by design and by default."

The Supreme Court of India is currently hearing a case on Aadhaar in which a senior advocate, speaking against Aadhaar, has argued that the system is unconstitutional. The court, however, disagrees; it is set to hear the advancing arguments on February 13.

Source: Mozilla

Report a problem with article
Previous Story

Xiaomi's Mi 7 could arrive with 8GB RAM and a 4,480mAh battery

Next Story

YouTuber Logan Paul gets his ad revenue suspended due to disturbing behavior... again

33 Comments - Add comment

Advertisement