Google and Indian Privacy Laws (Part I)
Search engines are the most important actors on the Internet today and Google is the undisputed king of search. Google dominates the Internet, guiding users to the information they seek through an ocean of unrelated data with astonishing precision and speed. It is a powerful tool, evoking ambivalent feelings. On the one hand, we adore Google for its simple, modest-looking interface masking a hyper-complicated algorithm, which is the very essence of online ingenuity. We admire it for providing superb services at no (evident) cost, a practical miracle in today's market economy.
On the other hand, we grow wary of Google's increasing clout as the ultimate arbiter of commercial success ("to exist is to be indexed by a search engine") and as a central database for users' personal information, not only logging their search queries but also storing their e-mail (Gmail), calendars (Calendar), photos (Picasa), videos (YouTube), blogs (Blogger), documents (Docs & Spreadsheets), social networks (facebook), news feeds (Reader), credit card information (Checkout) – in short, their entire digital lives.
Google's access to and storage of vast amounts of personal data create a serious privacy problem, Princeton computer scientist Edward Felten had called "perhaps the most difficult privacy [problem] in all of human history." Every day, millions upon millions of users provide Google with unfettered access to their interests, needs, desires, fears, pleasures and intentions. Counter to conventional wisdom, this information is logged and maintained in a form which may facilitate the identification of specific users for various purposes, including not only their targetingwith effective advertising but also prosecution by the government or pursuit by private litigants. Let us put it like this, "link by link, click by click, search is building possibly the most lasting, ponderous, and significant cultural artifact in the history of humankind: the Database of Intentions." This "Database of Intentions" constitutes a honey pot for various actors, ranging from the CBI ,NIA, NTRO etc which expend crores of rupees on online surveillance and cannot overlook Google's information treasure trove, to hackers and data thieves, who routinely overcome information security systems no matter how robust.
A leading advocate for human rights, Privacy International, had initially ranked Google's privacy practices as the worst out of more than 20 leading Internet service providers, including Microsoft, Yahoo, Amazon and eBay. 1Privacy International describes Google as "an endemic threat to privacy."It criticizes Google's "aggressive use of invasive or potentially invasive technologies and techniques" and claims the company "fails to follow generally accepted privacy practices such as the OECD Privacy
Guidelines and elements of EU data protection law." EU data protection regulators time and again have also launched an investigation into Google's data retention and privacy practices, which was quickly expanded to cover other search engines as well. China’s Blockage is well known to the world.
How did Google evolve from being a benevolent giant seeking to "do no evil" into a privacy menace, an unruly private sector "big brother" reviled by human rights advocates worldwide? Are the fears of Google's omniscient presence justified or overstated? What personal data should Google be allowed to retain and for how long? Is Google Intermediary as per The IT Act,2000? What rules should govern access to Google's database? What are the legal protections currently available in India and are they sufficient to quell the emerging privacy crisis? What does India's New The Privacy Protection Act,2013 have to say? These are the main issues I will address in Part II
1.Privacy International, A Race to the Bottom - Privacy Ranking of Internet Service Companies, A Consultation report