By Arryan Mohanty

Published on: October 27, 2023 at 17:48 IST

With over 1 billion people linked via online social media, user confidentiality is becoming increasingly crucial, and it is actively debated in the media and investigated in academia. Social networking networks are a powerful and enjoyable method to interact with people all around the world.

The Internet is only secure for those who are aware of the risks and security issues and can take precautions to protect themselves, thus the best option is to educate yourself. Social media is a useful tool since it allows you to share what you want to share, but it may also be used for malicious reasons, in which case you are responsible for your security.

Protection and prevention strategies in the context of Internet usage are straightforward. However, it is imperative to exercise caution while engaging with online platforms. One must be vigilant in safeguarding personal information such as current address, hometown, email addresses, instant messenger usernames, activities, interests, favorite sports, favorite teams, favorite athletes, favorite music, television shows, games, languages, religious views, political views, inspirations, favorite quotations, service users history, education history, and relationships. Additionally, the user also contributes revisions through status updates or Tweets, which may encompass various forms such as an idea, an action, a link they desire to share, or even a video.

All of this information reveals a lot about the user, which will be of interest to a variety of people. Because of several such negative events, social networks have been blamed for violating their members’ privacy.

The relevance of a user’s secrecy has rarely been emphasized in academics or the media. In addition to some proposed technological solutions, a large number of projects have been launched to educate users so that they do not reveal excessive personal information.

Data is sometimes referred to as the “new oil” in today’s digital era, powering innovation, efficiency, and development across businesses. However, tremendous power comes with great responsibility, and the ethical implications of how organisations manage data are more important than ever.

Data security and privacy pose significant challenges in today’s increasingly digital society on a global scale. The extensive collection, storage, and utilization of personal data have raised awareness among individuals about the potential risks and vulnerabilities associated with their information.

The occurrence of prominent data breaches and privacy scandals involving large multinational corporations serves as evidence that robust legislation for safeguarding data is urgently required. Authorities worldwide have acknowledged the necessity of protecting individuals’ data rights. These international initiatives strive to strike a delicate balance between fostering innovation and economic advancement while preserving individuals’ privacy and control over their data.

“Even if society as a whole makes more personal information available to the public, there is still a right to privacy. People feel, often incorrectly, that they can control the personal information they make public by deciding who has access to it and how it will be used. It is incredibly difficult to describe a fluid notion like privacy because it affects practically every element of a person and society to some extent.”-

Daniel J Solove

Privacy and Security Issues: Violation of Data Ethics

The primary purpose of Online Social Networks (OSNs) is to distribute material with as many members as possible.

Users post their normal activities on OSNs such as Facebook, Twitter, and LinkedIn. OSN members occasionally share information about themselves and their lives with friends and coworkers. However, some of the exposed elements via the OSN in this public data are private and should not be shared at all. Users typically discuss various aspects of their everyday lives through status updates or the posting of images and videos. Currently, many OSN users use smartphones to snap photos and movies for posting on OSNs. These data may contain location information as well as metadata.

OSN service providers gather a variety of data about their customers to deliver personalised services, however, this information might also be used for commercial purposes. Furthermore, users data may be shared with third parties, resulting in privacy breaches. This information can be used by malevolent users to exploit and compromise an individual’s privacy.

Information retrieval and data privacy are two developing topics in computer science with distinct purposes. Data extraction strategies are provided by information retrieval. It also provides an organisation with a set of methodologies for data analysis and decision-making based on the information collected.

Data privacy safeguards information against unauthorised and harmful access that exposes, alters, assaults or destroys data saved or shared online. For example, information retrieval researchers may overlook privacy concerns when developing solutions for information retrieval and management. On the other side, data privacy researchers typically limit information-retrieval strategies to shield sensitive data from attackers seeking personal information.

More sensitive information about individuals is now available online, thanks to the rise of social media and the rising popularity of online communication via OSNs. Though a majority of the material published on OSNs is not sensitive, some individuals disclose personal information. As a result of the availability of publicly available sensitive data, user privacy may be compromised. When publicly available data may be traced and their actions can be linked with these data for mining and extracting sensitive information from it, users’ privacy is jeopardised.

Data ethics is a field of ethics concerned with the responsible and ethical use of data, specifically in the context of data collection, processing, analysis, and sharing.

It includes concepts and standards that help people, organisations, and communities make ethical judgements about data-related activities. Data ethics aims to balance the benefits of using data for various reasons with the possible damages that might result from its abuse.

The following are some of the key issues Linked with data ethics:

• Privacy: Individual privacy is protected by ensuring that data is acquired and utilised in ways that respect their right to manage their personal information.
• Consent: Obtaining informed and voluntary consent from individuals before collecting their data, particularly where sensitive or personally identifiable information is involved.
• Transparency: Being open and honest about how data is gathered, processed, and utilised so that people can understand and make educated decisions about their data.
• Fairness: Fairness is the assurance that data analysis and decision-making processes do not prejudice or hurt certain persons or groups based on variables such as ethnicity, gender, or socioeconomic position.
• Accountability: Accountability is the process of holding individuals and organisations accountable for their data-related behaviours and ensuring that systems are in place to remediate data breaches or unethical behaviour.
• Data Security: Putting in place strong security measures to keep data safe from unauthorised access, breaches, and cyberattacks.
• Data Ownership: Defining data ownership and the rights and obligations of persons and organisations concerning data.
• Data quality: Data quality is the assurance that the data utilised for analysis and decision-making is accurate, reliable, and up-to-date.
• Use Cases for Data: Considering the ethical implications of certain data use cases, such as predictive analytics, surveillance, or data-driven decision-making in fields such as healthcare and criminal justice.
• Social and Cultural Considerations: Recognising that data ethics differs between cultures and countries, and considering these variances when making ethical judgements.

Data ethics is especially important in the age of big data, artificial intelligence (AI), and machine learning, when the collecting and analysis of massive volumes of data may have far-reaching social consequences. Ethical data practises are critical for avoiding discrimination, prejudice, and other negative outcomes that might result from the indiscriminate use of data.

For several following compelling reasons, data ethics are extremely important in our increasingly data-driven world:

• Individual privacy is protected by data ethics. As organisations acquire and utilise data, it is critical to protect individuals’ rights and guarantee that their information is not misused or revealed without their permission.
• Trust is built through ethical data practises. Organisations that prioritise data ethics display a dedication to customer respect, which can lead to a stronger brand reputation and customer loyalty.
• When data is not managed responsibly, it can perpetuate or magnify biases. Ethical data practises aim to decrease prejudice in algorithms, decision-making, and data collection in order to promote fairness and equity.
• Many regions have enacted data privacy legislation (for example, the GDPR in Europe and the CCPA in California). Ethical data practises ensure that these rules are followed, lowering legal risks and potential fines.
• Many organisations and institutions have formed codes of conduct and ethical frameworks to govern their data-related operations, and legislative measures to enforce data ethics standards and safeguard individuals’ rights in the digital age are becoming more important.
• When collecting data from individuals, ethical data practises emphasise gaining informed consent. Individuals will be able to make educated decisions about giving their data if they understand how their data will be utilised.
• Transparency is promoted by ethical data practises, which provide clear information regarding data collection, utilisation, and sharing. This transparency aids people in understanding and trusting data processes.
• Strong data security measures are included in ethical data practises to defend against breaches and unauthorised access, lowering the chance of personal and sensitive data falling into the wrong hands.
• It is a matter of social responsibility to be ethical in data processing. Ethical data practises prioritise human and societal well-being over profit or convenience.
• Data accuracy is emphasised in ethical data practises. Data that is misleading or erroneous can have major implications, thus ethical organisations try to keep data quality high.
• Ethical data practises aim to reduce the potential harm that data misuse might cause, whether that harm be human harm, discrimination, or unjust treatment.
• Ethical data practises promote the use of data for good, such as solving societal problems, enhancing healthcare, and addressing environmental issues.
• Organisations that prioritise data ethics are more likely to be sustainable in the long run. Unethical data practises, on the other side, might result in public outrage, legal consequences, and, eventually, economic loss.

To summarise, data ethics is a critical component of responsible data management. They safeguard individual rights, promote fairness, and ensure that data is used to serve society rather than harm it. In the digital age, adopting data ethics is not only a legal and regulatory duty, but also a moral imperative.

Privacy Concerns Regarding Social Media Sharing

Social media enable their users to create and share many types of material. YouTube and Vimeo are examples of video and audio-sharing services, while Instagram and Flickr are examples of photo-sharing services, among many others.

However, the purpose of this article is not to go into detail about the many sharing service providers, platforms, apps, and so on that are available on the market, but rather to explore the privacy issues that occur when sharing various types of content on these networks. Posting content such as images and videos raises new privacy problems due to their context providing facts about the subject’s physical and social setting.

The expanding amount of personal content available online exposes consumers to a new set of privacy concerns. Digital cameras, and more recently, a new class of camera phone applications that can upload photographs or video content directly to the web, are making it easier to distribute personal content. Privacy concerns are particularly apparent in the case of multimedia collections, which may reveal a great deal about the user’s personal and social context.

When individuals post things online, they frequently do not consider or are unaware of the risks. However, after the statement has been typed, it can be copied, saved, and transmitted. Furthermore, the user no longer owns all of the information shared to social media.

“So, if you use Gmail, Yahoo Mail, Flickr, etc. If you use YouTube or Facebook, you have given up entire control over your personal information.” Because of their susceptibility, video and photo-sharing platforms can pose a significant risk, particularly to teenagers and young people. Although. However, it is crucial to note that there have been a number of situations where children have been harassed online by pedophiles, and these cases have also resulted in suicide.

Challenges of Social Media and Its Governance

The right to free expression has long been a source of contention. Various legal systems in various regions of the world have attempted to control free speech on various grounds. The fundamental right to free speech and expression is guaranteed under the Indian constitution. However, under Article 19(1) of the Constitution¹, this right is not absolute.

Article 19(2)² allows the state to apply various reasonable restrictions. These can be imposed in the interests of India’s sovereignty and integrity, the state’s security, cordial relations with foreign governments, public order, decency, or morality, or in relation to contempt of court, defamation, or incitement to a crime. The Supreme Court has likewise ruled that such restrictions are reasonable.

According to Article 19(1)(a)³ of the Indian Constitution, all citizens enjoy the right to free speech and expression. The principle underlying this paragraph is found in the Preamble to the Constitution, where a solemn resolution is created to provide liberty of thought and expression to any or all of its citizens. The exercise of this freedom, however, is subject to reasonable constraints provided by Article 19(2) of the Constitution.

Freedom of speech and expression are frequently simply defined by the fact that everyone has the right to speak and express themselves in our country. The right to free expression may be a complicated one. Because freedom of expression is not total and carries with it special duties and responsibilities, it should be subject to some limitations. This right is protected under the constitution’s article 19(1)(a). It unequivocally grants Indian citizens the right to free speech and expression.

Freedom of speech and expression refers to the right to freely express one’s ideas and opinions by word of mouth, writing, printing, photographs, or other media. It also involves the right to spread or publish people’s opinions.

The courts can carve out the right to privacy by creatively interpreting Article 19 (1) (a) and Article 21⁴ of the Constitution. After examining the evolution of privacy laws in India, it was determined that these rules arose primarily from torts and the Constitution.

Both laws take various approaches to protecting privacy. Damages for invading one’s private space are recognised in common law, and appropriate restrictions for such invading are contained in Article 21.

Without a doubt, the right to privacy has been recognised and accepted as an essential human right throughout the world, and it is commonplace in modern law that privacy is an integral component of human personality. Human rights have been established through international and regional accords. Each of the regimes described above prioritises privacy.

 As a result of India’s signing of international treaties, Indian law has grown to be informed by them. These ideas are crucial in the evolution of rights in India. Looking back in history, it is clear that enormous effort has been made to improve privacy laws, but there is still no such complete law to deal with the legal and techno-legal concerns of safeguarding privacy and data privacy in e-commerce.

The Data Protection Tribunal stated in the case of Innovation (Mail Order) Ltd. v. Data Protection Registrar that fair data collection means that when information is collected, the data user must inform the data subject of certain matters that will allow the individual to decide whether or not to provide the information. This includes, in particular, information regarding the intended uses for the data, unless such use is evident.

The incapability of the IT Act and the Need for Separate Data Protection Law

Because of the fast growth of technology and the increasing digitisation of personal information, the relevance of data privacy and security has grown. People are concerned about third parties gaining unauthorised access to, using, selling, and abusing their personal information.

Although India has privacy legislation in place, the Information Technology Act of 2000, it does not effectively address the situation of data protection concerns today. The Act, which was passed more than 20 years ago, represented significant progress in the regulation of electronic transactions and the development of legal frameworks for digital governance, but it has lost some of its efficacy in safeguarding people’s data privacy in modern times.

One of the IT Act’s primary shortcomings is its limited scope in tackling developing challenges such as data breaches, cyber threats, and privacy violations in the digital realm. The Act has no particular laws governing how corporations obtain, keep, and utilise people’s personal information, nor does it provide clear criteria for ensuring people’s permission and control over their data. Furthermore, the 2000 Act falls short of addressing the issues raised by cross-border data transfers, data localisation, and cutting-edge technologies such as artificial intelligence and machine learning.

The Digital Data Protection Act, 2023: An Overview

The Digital Personal Data Protection Bill, 2022 seeks to provide a comprehensive framework for the protection of personal data in India. Its primary goals are to promote safe digital environments and appropriate data processing in organisations. The scope of the law includes both public and private entities who handle personal data, such as data fiduciaries and processors.

It attempts to govern the full personal data lifecycle, including data collection, storage, processing, and transfer, with a focus on cross-border data transfers and sensitive personal data. According to reports, this measure is a key legislative initiative for India intended to reindustrialise data protection and privacy standards.

The Digital India Act, 2023 is another law that has been submitted and is considered to be complementary to the DPDP bill. It is stated to be established to focus on multidisciplinary elements of the country’s digital progress.

While the Digital Personal Data Protection Bill focuses on data protection and privacy, the Digital India Act addresses a wide range of modern-day digital governance issues, such as infrastructure, artificial intelligence, competition among internet platforms, and cyber security.

The essential requirements are critical for data protection and privacy rights. These regulations aim to protect individuals’ personal data, give them control over it, and promote responsibility in data processing.

It is critical to obtain explicit consent before processing personal data. To enable individuals to make informed decisions about their data, data fiduciaries must get consent from people in a clear and open manner.

It should be stressed that consent must be precise, freely provided, and reversible. Individuals are granted power over their personal information under this clause, giving them even greater control.

Individuals are given access to personal information maintained by data fiduciaries, fostering transparency and responsibility. They may now check and validate the authenticity of their personal information. Furthermore, customers will be able to request adjustments if any mistakes or omissions are identified, protecting the accuracy and integrity of the data.

The measure recognises the right to be forgotten, commonly known as the right to erasure. People will be able to request that their personal information be erased or deleted in specific circumstances, such as when it is no longer necessary or after consenting to withdrawal. This provision is intended to provide consumers with more control over their data while also protecting their privacy.

Another key element is data localization, which requires sensitive personal data to be handled and maintained in India. This step is intended to strengthen and safeguard data security and individual privacy rights under Indian data protection regulations, as well as to mitigate the dangers associated with cross-border data transfers.

The law also addresses the regulation of profiling practises and computerised decision-making procedures. Such systems must be used in a transparent, fair, and responsible manner, and data fiduciaries must adhere to these standards. This section protects individuals from unfair or discriminatory outcomes caused by computerised decision-making mechanisms.

To ensure compliance, the bill establishes the India Data Protection Board. The Board is in charge of handling complaints and monitoring data protection problems. In the case of a data breach, it has the authority to make judgements, investigate, and respond promptly. The Board operates using technology, and for optimal operation, it employs techno-legal means.

Conclusion

To sum up, the widespread existence of social media platforms in our daily existence has presented crucial apprehensions relating to the security and secrecy of data. As this digital landscape keeps evolving, so do the challenges involving the safeguarding of user information from unauthorized access and misuse.

The resolution of data protection violations committed by social media giants necessitates a collective endeavor involving regulatory bodies, technology experts, legal practitioners, and notably, the platforms themselves.

The resolution of these violations necessitates a multifaceted approach that encompasses comprehensive legal frameworks, robust enforcement mechanisms, and a commitment to ethical practices in handling data.

That being said, obstacles continue, including the global reach of these platforms and the intricate jurisdictional issues that arise during investigations and enforcement. Attaining a balance between innovation and compliance remains an ongoing challenge, compelling companies to prioritize data protection in line with technological advancement.

Besides, the significance of user awareness and advocacy cannot be downplayed. Empowering individuals to comprehend their rights, assert their privacy preferences, and hold social media giants accountable is crucial for establishing a more secure and trustworthy digital ecosystem.

When we think about the future, it is apparent that emerging technologies and evolving societal expectations will persist in shaping the landscape of data protection. The collaboration between stakeholders, such as governments, industry leaders, and civil society, will have an incredibly crucial role in adapting to these changes and ensuring that the rights and privacy of users continue to be at the forefront of this digital revolution.

In navigating the data protection violations perpetrated by social media giants, it is crucial that we maintain watchfulness, flexible, and dedicated to the principles of openness, responsibility, and user-centeredness. Only by means of such joint endeavors can we plot a route towards a more secure and privacy-respecting digital era for all.

References

• The Digital Personal Data Protection Bill, 2023
• A Paradigm Shift In Data Protection: Analyzing The Digital Personal Data Protection Bill In The Context Of India’s Privacy Landscape
• Data Privacy in Social Media Platform: Issues and Challenges
• Digital technologies: tensions in privacy and data | Journal of the Academy of Marketing Science
• Data Ethics in the Digital Age : Navigating the Ethical Waters of Data in Business | Data Ethics Vs. Business Ethics

Endnotes

1.  Constitution of India, 1949, Art.19(1)

2.  Constitution of India, 1949, Art.19(2)

3.  Constitution of India, Art.19(1)(a)

4.  Constitution of India, 1949, Art.21