The makings of a digital kleptocracy
Jul 31, 2019 | Reetika KheraWhen data is monetised, as the Economic Survey advocates, it becomes toxic and harms public interest
Last year, I was denied information requested under the Right to Information Act (RTI) 2005. I had sought the names of agencies empanelled by the Unique Identification Authority of India for an “image makeover” and the expenditure on it. It was denied by invoking the exemption clauses of Sections 8(d) and 8(j), respectively, i.e. the ‘commercial confidence, trade secrets or intellectual property’ and ‘unwarranted invasion of the privacy of the individual’. Apart from the recent RTI Amendment Bill, 2019, there are many ways in which the RTI is being undermined.
In 2017, my co-author and I wanted to check what proportion of beneficiaries receive their pensions or rations using data provided through government portals, for example the National Food Security Act and State social security pensions. We found data without dictionaries, abbreviations that were not spelt out anywhere, figures that were inconsistent across different pages of the same website, and missing or broken links. It took us months to decipher public data. With several caveats about interpreting the results.
More recently, there has been public furore over the delay in the release of data, for example farmer suicides, suppression of data such as on employment, bungled migration data in the Census, and controversy over the methodology used to calculate GDP growth rates. These data are the backbone of policy making in India.
These three — information obtained through the RTI Act, administrative data and data collected by the statistical machinery of government — are examples of “data as a public good”. But these are scarcely mentioned in a chapter so-titled in this year’s Economic Survey. Instead, its focus is on the expanding digital footprint of people, falling costs of data generation and storage and the growing data mining industry. The thrust is on how to monetise these data, for example by selling data that we share with the government in trust. Another worrying suggestion is consolidation of our data across various ministries.
Under watch
The view in the Economic Survey is data utopic. In this data-fairyland, (near) real-time data collection can be a sufficient condition for remedying gaps. If only the officers-in-charge could receive a weekly report about school toilets that do not function, “they can take the required action”.
The day after I read this chapter of the Survey, a local Gujarati paper carried news of an e-memo being sent (thrice) to the owner of a scooter for a traffic offence; the scooter had been stolen 10 months ago. The police had spotted the scooter on a CCTV in various localities of the city but were unable to catch the culprits and return the scooter. This anecdote is at odds with the data-fairyland conjured up in the Survey. In the real world, remedial action on non-functional toilets is more likely to be hampered by a lack of funds, of accountability or an officer, rather than lack of data. Having data/information can only take us that far.
Each time you click on a link, or even hover your mouse over one, your behaviour is being tracked and analysed to understand your preferences and needs and being sold to companies to enable “targeted” advertising. The fact that it is often not very well targeted is something its proponents prefer to ignore. As a single person I regularly receive SMSes which offer a solution to this problem: “kya aapke pati aapki baat nahi maante? (does your husband not listen to you?”) Mistargeting is not always accidental. “Predatory lending” thrives on it. For instance, ICICI functionaries sold insurance policies to unsuspecting customers such as poor Mahatma Gandhi National Rural Employment Guarantee Scheme workers and Kisan Credit card holders whose premiums it was clear they would not be able to pay. The Survey’s data utopia is misplaced.
Data can easily become toxic. The Survey does not tell us this. Ever wondered why you get SMSes offering you companionship (“aao meethi meethi baat karen”), cures for baldness (“ganjapan door karen”) or strategies for losing weight (“vajan ghatayen”). Somewhere along the line, your mobile number and/or email ID got sold in the data market. Even as most of us delete these, others get trapped. A former Chief Justice of India was duped of ₹1 lakh recently as a result of a fraudulent email. In Mumbai, identity fraud was perpetrated by accessing personal data (address, phone number and Aadhaar). In phishing attacks in Rourkela, Odisha, fraudsters called bank customers asking for Aadhaar details to update their account, but used it to siphon off money. The Survey treats personal data (such as date of birth, mobile numbers and addresses) the same way as data on rainfall, temperatures and road networks.
In the examples above, the fraudsters had to get access to people’s data. The Survey is proposing that these be sold for a price. This has already started. In early July, the Union Minister of Road Transport and Highways, Nitin Gadkari, informed Parliament that the department had earned ₹65 crore from the sale of vehicle registration and licence data. Imagine the consequences of your health data being sold to private health insurance companies; or your data on your earnings being sold, or data being used in the way Cambridge Analytica did.
The many faultlines
If data can be toxic, centralising and consolidating it, as advocated by the Survey, increases its toxicity exponentially. Contrary to the widely advocated principle of decentralised/disaggregated data silos as a first line of defence by data security experts, the Survey portrays decentralisation as an obstacle. With decentralised data, data mining companies employ sophisticated tools to combine distinct data silos to create profiles of individuals. Consolidating it, for example if a unique number such as Aadhaar links them, reduces the company costs for profiling and targeting. Centralising it (in one data silo) means that a single data breach can compromise all aspects of your life.
There are two other toxic aspects of the personal data economy. Often they are collected and shared without our consent or knowledge, for example CCTVs or web browsing histories. When our data are used by opaque algorithms to make crucial decisions about our lives, such as shortlisting for jobs, getting health insurance or whether you were speeding, we cannot question them.
Some believe that a data protection and privacy law can, even will, take care of these concerns. Indeed, the Survey merrily assumes such laws to be in place. Given the government’s track record on Aadhaar, these laws are unlikely to protect citizen’s rights adequately. Further, privacy and data protection laws will face unique implementation challenges in India. This is on account of low levels of tech-digital and legal literacy combined with pre-existing social inequalities which directly bear upon power relations between us (as citizens/consumers) and them (government/corporations).
Jumping on the bandwagon
Even where such laws have been put in place, those societies/economies are grappling with the fallout of corporations whose practices can best be described as “digital kleptocracy”. To understand this, take the example of lending and credit scores. The literature documents unscrupulous use of algorithms to identify vulnerable targets such as search histories of single African American mothers in the United States that are used to sell them home or education loans which it is clear they are unlikely to be able to repay. Thus, digital kleptocracy is a means by which rich tech companies mine poor people’s data,in fact, steal; in most cases the person is unaware of their data being harvested and used for profit. What the Economic Survey advocates is not only for the government to facilitate such practices but also climb aboard this bandwagon of digital kleptocrats.
Reetika Khera is an Associate Professor at the Indian Institute of Management, Ahmedabad