white_paper_on_data_protection_in_india_171127_final_v2
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>in</strong>form <strong>in</strong>dividuals/authorities of a security breach and establishment and ma<strong>in</strong>tenance of<br />
privacy enforcement authorities. 46 Further cross-border flows of <strong>data</strong> 47 and <strong>in</strong>ternati<strong>on</strong>al<br />
cooperati<strong>on</strong> to improve global <strong>in</strong>teroperability of privacy frameworks have been recognised<br />
as essential for a global <strong>data</strong> ec<strong>on</strong>omy. 48<br />
The 2013 OECD Guidel<strong>in</strong>es have been criticised as be<strong>in</strong>g fundamentally <strong>in</strong>compatible with<br />
modern technologies and Big Data analytics which have revoluti<strong>on</strong>ised how <strong>data</strong> is collected<br />
and processed. 49 Presently, corporati<strong>on</strong>s possess <strong>data</strong> that has been generated or collected<br />
from a wide variety of sources. Such <strong>data</strong> may <strong>in</strong>clude f<strong>in</strong>ancial <strong>data</strong>, employee <strong>data</strong> and<br />
customer <strong>data</strong>. It may be relevant to note that at the time when these guidel<strong>in</strong>es orig<strong>in</strong>ated,<br />
<strong>data</strong> process<strong>in</strong>g, <strong>in</strong>clud<strong>in</strong>g collecti<strong>on</strong> activities were more l<strong>in</strong>ear and easier to def<strong>in</strong>e.<br />
However, now the situati<strong>on</strong> has changed with <strong>data</strong> be<strong>in</strong>g collected and used <strong>in</strong> ways not<br />
envisaged at the time these pr<strong>in</strong>ciples were developed. We have, as a c<strong>on</strong>sequence, been<br />
ushered <strong>in</strong>to the era of modern technologies and Big Data analytics. While Big Data does not<br />
have a precise def<strong>in</strong>iti<strong>on</strong>, it can be understood as essentially <strong>in</strong>volv<strong>in</strong>g gather<strong>in</strong>g large<br />
quantities of <strong>data</strong> and apply<strong>in</strong>g <strong>in</strong>novative technology (such as predictive analysis) to them to<br />
extract knowledge. 50 Big Data is usually characterised by 3 Vs, namely ‗volume‘ as <strong>in</strong><br />
massive <strong>data</strong>sets, ‗velocity‘ which relates to real time <strong>data</strong>, and ‗variety‘ which relates to<br />
different sources of <strong>data</strong>. 51 Other technological developments such as artificial <strong>in</strong>telligence, 52<br />
mach<strong>in</strong>e learn<strong>in</strong>g 53 , the Internet of Th<strong>in</strong>gs 54 are all part of the Big Data ecosystem and their<br />
use is becom<strong>in</strong>g <strong>in</strong>creas<strong>in</strong>gly comm<strong>on</strong>place.<br />
45<br />
OECD, ‗Thirty Years After: The OECD Privacy Guidel<strong>in</strong>es‘ (2011), available at:<br />
http://www.oecd.org/sti/iec<strong>on</strong>omy/49710223.pdf (last accessed 31 October 2017).<br />
46<br />
OECD, ‗Thirty Years After: The OECD Privacy Guidel<strong>in</strong>es‘ (2011), available at:<br />
http://www.oecd.org/sti/iec<strong>on</strong>omy/49710223.pdf (last accessed 31 October 2017).<br />
47<br />
OECD, ‗Thirty Years After: The OECD Privacy Guidel<strong>in</strong>es‘ (2011), available at:<br />
http://www.oecd.org/sti/iec<strong>on</strong>omy/49710223.pdf (last accessed 31 October 2017).<br />
48<br />
OECD, ‗Thirty Years After: The OECD Privacy Guidel<strong>in</strong>es‘ (2011), available at:<br />
http://www.oecd.org/sti/iec<strong>on</strong>omy/49710223.pdf (last accessed 31 October 2017).<br />
49 Jordi Soria-Comas and Josep Dom<strong>in</strong>go-Ferrer, ‗Big Data Privacy: Challenges to Privacy Pr<strong>in</strong>ciples and<br />
Models‘, 1(1) Data Science and Eng<strong>in</strong>eer<strong>in</strong>g (March 2016), available at:<br />
https://l<strong>in</strong>k.spr<strong>in</strong>ger.com/article/10.1007/s41019-015-0001-x (last accessed 31 October 2017).<br />
50 Kate Crawford and Jas<strong>on</strong> Schultz, ‗Big Data And Due Process: Towards A Framework To Redress Predictive<br />
Privacy Harms‘, 55(1) Bost<strong>on</strong> College Law Review 93 (2014).<br />
51 Informati<strong>on</strong> Commissi<strong>on</strong>er‘s Office (UK), ‗Big Data, Artificial Intelligence, Mach<strong>in</strong>e Learn<strong>in</strong>g and Data<br />
Protecti<strong>on</strong>‘, available at: https://ico.org.uk/for-organisati<strong>on</strong>s/guide-to-<strong>data</strong>-protecti<strong>on</strong>/big-<strong>data</strong>/ (last accessed 31<br />
October 2017).<br />
52<br />
Artificial Intelligence perta<strong>in</strong>s to ‗giv<strong>in</strong>g computers behaviours which would be thought <strong>in</strong>telligence <strong>in</strong><br />
human be<strong>in</strong>gs‘. See The Society for the Study of Artificial Intelligence and Simulati<strong>on</strong> of Behaviour, 'What is<br />
Artificial Intelligence', available at: http://www.aisb.org.uk/public-engagement/what-is-ai, (last accessed 3<br />
November 2017); See generally Informati<strong>on</strong> Commissi<strong>on</strong>er‘s Office (UK), ‗Big Data, Artificial Intelligence,<br />
Mach<strong>in</strong>e Learn<strong>in</strong>g and Data Protecti<strong>on</strong>‘, available at: https://ico.org.uk/for-organisati<strong>on</strong>s/guide-to-<strong>data</strong>protecti<strong>on</strong>/big-<strong>data</strong>/<br />
(last accessed 31 October 2017).<br />
53 Mach<strong>in</strong>e Learn<strong>in</strong>g is def<strong>in</strong>ed as: ‗the set of techniques that allow computers to th<strong>in</strong>k by creat<strong>in</strong>g mathematical<br />
algorithms based <strong>on</strong> accumulated <strong>data</strong>‘. See Deb Miller Landau, ‗Artificial Intelligence and Mach<strong>in</strong>e Learn<strong>in</strong>g:<br />
How Computers Learn‘, IQ Intel (17 August 2016), available at: https://iq.<strong>in</strong>tel.com/artificial-<strong>in</strong>telligence-andmach<strong>in</strong>e-learn<strong>in</strong>g/,(last<br />
accessed 3 November 2017).<br />
54 ‗The c<strong>on</strong>cept of the Internet of Th<strong>in</strong>gs or IoT refers to an <strong>in</strong>frastructure <strong>in</strong> which billi<strong>on</strong>s of sensors embedded<br />
<strong>in</strong> comm<strong>on</strong>, everyday devices – ‗th<strong>in</strong>gs‘ as such, or th<strong>in</strong>gs l<strong>in</strong>ked to other objects or <strong>in</strong>dividuals – are designed<br />
to record, process, store and transfer <strong>data</strong> and, as they are associated with unique identifiers, <strong>in</strong>teract with other<br />
devices or systems us<strong>in</strong>g network<strong>in</strong>g capabilities.‘, See Article 29 Data Protecti<strong>on</strong> Work<strong>in</strong>g Party Op<strong>in</strong>i<strong>on</strong>,<br />
‗Op<strong>in</strong>i<strong>on</strong> 8/2014 <strong>on</strong> the <strong>on</strong> Recent Developments <strong>on</strong> the Internet of Th<strong>in</strong>gs‘, European Commissi<strong>on</strong> (16<br />
8