India Announces Project to Address Mobile Privacy ConcernsI-CAMPS Project Will Identify Security, Privacy Issues of Mobile Users
The Indian government has launched a project to identify security and privacy issues in mobile devices and applications, national cybersecurity coordinator Lt. Gen. Rajesh Pant tells Information Security Media Group.
The Internet and Mobile Association of India, or IAMAI, has been appointed to execute the project, which is called the Indian Citizens Assistance for Mobile Privacy and Security, or I-CAMPS, he says
The project was launched by the National Security Council Secretariat, or NSCS, in collaboration with the Ministry of Communication and Information Technology, the Ministry of Finance and the Ministry of Home Affairs, Pant tells The Economic Times.
The technology platform, which will be a mobile application as well as a desktop website, will help Indian citizens identify and fix vulnerabilities in their mobile devices based on the operating system and the apps - both pre-installed and on the app store, the financial daily reports.
Satyendra Verma, head of I-CAMPS and adviser for cybersecurity and mobile security at IAMAI, tells the newspaper that a framework for the project is being developed. After that, he says, a central database will be created and the information will be made available in the form of an API. Depending on the mobile device and the apps being used, the API will offer curated information on vulnerabilities in the app, Verma adds.
ISMG could not immediately determine the implementation date for the project.
Project a 'Necessity'
Akarsh Singh tells ISMG that the I-CAMPS privacy project is a necessity, as there is no certainty when the Personal Data Protection Bill - the only legislation that aims to protect citizen data - will come into effect. Singh is an advisory board member of the International Association of Privacy Professionals and CEO and co-founder of IAPP's official training partner Tsaaro Academy.
Several Chinese apps, including social media app TikTok and mobile gaming platform PUBG, were banned in India for collecting and using citizen data for profiling. "Now, a lot of bad actors can push notifications and control user behavior. These activities can prove to be a national security concern, and that's the reason the NSCS had to step in to help protect people's privacy, especially in the mobile ecosystem," Singh says.
He says the Personal Data Protection Bill would benefit corporate India more than the country's citizens. "India's IT prowess stems from exporting IT services and application development. The bill gives assurance to the U.S, European and Middle Eastern markets to do business with India. It is not intended to fulfil the requirements of Indian citizens, but that of Indian businesses," he says.
Addressing Privacy Rights
In contrast to the European Union's Data Protection Law Enforcement Directive, India's proposed Personal Data Protection Bill does not include regulations on monitoring citizen data by government entities, Singh says. Whether the latest privacy project can allay citizens' government-led surveillance fears remains to be seen, he adds.
When it comes to privacy, the government must take a nuanced approach, cyber and privacy law expert Prashant Mali tells ISMG. “National interest in some cases overrides citizens' right to privacy. Exemptions must be granted under the authority of law, as opposed to blanket executive orders,” he says.
In addition to the I-CAMPS project, Mali says that online gaming and content should be controlled by the Telecom Regulatory Authority of India and included in the Data Privacy Act.