Last updated: December 3, 2019
A most accepted definition for privacy is the “right to be let alone” popularised by Warren and Brandeis. They recognised right to privacy had evolved in the 19th century to not only physical privacy a concept embedded in most European legal systems since the middle ages but also a potential injury of the feelings, which could, result from the public disclosure of embarrassing private facts. Non-electronic environments, where privacy intrusion was typically based on fresh information, referring to one particular person only, and stemming from traceable human sources. Today, details about an individual’s activities are typically stored over a longer period of time and available from multiple electronic sources. Privacy breaches can therefore also occur indirectly. customer segmentation, a practice where companies divide their potential customers into groups that share similar characteristics, can lead to an exclusion of people from services based on potentially distorted judgements. From a privacy perspective, user devices should be fully controllable by the people who own them. Data should not flow in and out of them without their owners being able to intervene. Additionally, devices should respect their owners’ physical privacy, allow access only when needed and at appropriate times.
When building a platform, from a privacy perspective, there are two architecture design strategies.
- Privacy by policy
- Privacy by design
Network centricity is the degree to which a user’s system relies on a network infrastructure to provide a service, the degree of control a network operator can exercise over a client’s operations. More network centricity means potentially less privacy for clients. A decentralised system will limit platform vendor, owner, or even infrastructure provider. The platform is developed by following a privacy aware design process. This is often referred as privacy by design.
Identifiable is defined as the degree to which data can be directly attributed to an individual. Personal data can be entered into a system anonymously (e.g., e-voting) or by identifying oneself (e.g., when conducting online banking transactions). Naturally, anonymous transactions imply a higher degree of privacy for the data provider.
Indian privacy state
A very often referred research on privacy consciousness in India suggests that, both rural and urban population is not paying enough attention. The study states that Indian subjects are less concerned about their personal data misuse than Australia, Great Britain and Germany. Only a 7 percentage of the subjects are really informed and took measures to restrict data collection. The study concludes by notifying the need for proper privacy education for every undergraduate programs.
Banking sector in India is totally unaware about data protection. In India, there is no legal framework for data protection like European Union. The user has to carry the burdens of platform inaccuracies. Traditional banks who provide fin-tech services don't met compliance with international standards.