Home » Data Protection » Emergence of data regulations

Emergence of data regulations

Dominance of data based organizations and emergence of data regulations

Changes across world

The economies across world are going through churning due to Technological Changes that have transformed the whole business paradigm in last several decades. It is being predicted for quite long that Internet is going to change the world, and the information will be a key aspect at business marketplace for staying competitive. And it is very evident today by way of organizations like Amazon, Facebook, Google, Alibaba being dominant in the market place.

Market Leaders and data-based dominance

If you see the fast rise to dominant place, one thing is clear, it has happened because of the way these organizations have utilized data as key currency, and personal information is soul of that data.

  1. Google and Facebook have platforms that provide targeted marketing infrastructure to its customers. Google key offering has been online advertising (over Google and YouTube), but it has diversified to offering to provide software suites, cloud services, map & traffic services. For lot of services like Google Maps, crowd sourcing of data from users has played a key role.
  2. Amazon has not only become a market place offering its products and services, it has created an ecosystem offering products & services for which the underlying supply chain and logistics has been enabled by it only. Through this, it has taken on & beaten both traditional Brick & Mortar competitors like Walmart, and tech organizations like Google and Facebook, despite being consistently low on profitability.
  3. If one compares other media platforms, capturing user’s base & behaviour patterns data, most of them have already been acquired, LinkedIn by Microsoft, Instagram by Facebook. Few organizations like Twitter and Pinterest are still operating independently, though their only way of making money is through advertisements.
  4. Comparatively pure tech companies (IBM, HP, Dell, and likes) that don’t have general user penetration though at stable level, don’t have valuations like earlier ones.
  5. In few cases, an approach for valuation of user data based on market capitalization of organizations and corresponding user base has been used, which estimate the size of per user

    Source: https://www.forbes.com/sites/tristanlouis/2013/08/31/how-much-is-a-user-worth/#6490c1891c51

    data to be around $120 per year on an average(Ref: Forbes article).

Accelerating Factors

  1. The relative ease with which information can be captured about end users (Social Media, electronic input on web / mobile, cross validation (oAuth2)
  2. Commerce possibilities among entities across world has become easy to be done at ease of button. Digital payments, payment gateways, ACH / ECS etc have further accelerated the pace. (Bio-metric based authentication platforms provided by state bodies.)
  3. Location independence of processing that is taking place, and ease with which data can be transported across world.
  4. Emergence of big data and analytics that support faster and accurate decision making for commercial decisions.

Impacts on end users

While these changes have helped end users, they have lead to serious side-effects of significant exposure of user’s contents and behaviour patterns to Corporate and State bodies and has a potential to impact them more seriously if not taken care of. To cite, look at few of factors:

  1. Both general and sensitive data of world citizens is lying with Big Corporates, Government bodies, that if misused can lead to serious consequences. (This includes credit card summary, purchase transactions and related patterns etc.) Few organizations like Facebook are targeting financial data of customers
  2. Crowd sourcing  of data has increased the possibility of lot of personal data being made public with services like Truecaller. Further, any breach into this data can have serious consequences. Take the example of Truecaller, a user that has installed and using TrueCaller application is not only sharing his personal data, but of other contacts (who may have shared data only with user based on some relationship). In such a case, any serious incident can lead to compromising of personal data of a user who may not be willing to share his data with TrueCaller. (Infact, a security incident was reported by Truecaller on 18-July-2013, though as per their claim the attack did not disclose any passwords or credit card information.)
  3. Level of interference into citizens day to day life has increase significantly. (Unsolicited calls, behavioural re-targeted  marketing)
  4. In number of cases, data inaccuracies lead to citizens being devoid of services in day to day life (financial rating, government services, Health facilities, devoid access to premises etc)
  5. Further, the level of commitment of providing organizations (both Private and Government) is not clear, leading to various scandals coming to lime-light across multiple locations and time-points. (Facebook / Cambridge Analytica scandal , UIDAI data leakage in India)
  6. Control of few leading nations over world economics: Though not talked openly, nations have apprehension over losing control or edge in world market by consolidation of user data with big corporate of select countries. Few leaders have already quoted as Big Data becoming such an important aspect, that nation states will fight over it. The few incidents that came to light recently, may be tip of the iceberg.

Data Protection Regimes

Nations across whole world are gearing up for creating an environment to provide protection and privacy to its citizen regarding their personal data. The need has been realized as early as around 1970s, and effort started gradually to provide privacy to citizens. The impact on such data has got significant with proliferation of mobile technologies.

The evolution has been gradual and following could be observed regarding laws:

  1. Several codes, standards and acts (laws) have evolved across nations for covering the privacy domain.
  2. Few regulations have emerged that are suggestive in nature and at some places prescriptive in nature.
  3. Few laws covered private entities, while several other were created for public & governance bodies.

While US has been traditionally on liberal side for Data Privacy regulations that leads to organization (Data controllers, processors) being able to utilize the opportunity, EU has been at other end being tilted heavily towards citizens, with recent GDPR setting bench mark for expectations from Data Controllers & processors.

We can expect significant changes due to ripples of new Privacy regulations getting introduced across world. 

In next article, I will be sharing brief overview of Personal Data Protection Bill introduced in India on 27th July 2018, and this bill seems to strike a balance among various considerations of user’s, providers’, and nation states.




Leave a Reply

Your email address will not be published. Required fields are marked *