Most of us recently heard about how Domino’s data with respect to its employees and customer details including personal information such as Name, Phone No., Email Address, and Physical Location of Delivery (most which includes residential information) got leaked and is easily accessible by all. The data leaked consists information of about 18 crore orders. As of now nearly 3 crore searches have been made by people who visited the link, which shows how easily your personal information is being accessed by anybody. In the world today, where everyone is being encouraged to go digital, it is very important to realize and notice the dark side of the technology as well. Even if any financial information (such as card/payment details) are not leaked, the sensitive personal information can be extremely threatful to one's privacy. If you have ordered from dominos in the past, people who have your number or email id can get such information about you. 

  

There have been concerns with respect to WhatsApp’s privacy. Further, a similar incident of data leak was witnessed recently in Facebook’s data breach of around 533 million users, Air India's hack wherein information of 45 lakh passengers was leaked including passport information, payment information and last year when BigBasket faced a data leaked wherein data of around 2 crore people was online. 

  

This information is then misused for several purposes including-


Spear Phishing- The fraudulent practice of sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information.


Political Gains- Votes can be manipulated.


Doxing- Search for and publish private or identifying information about (a particular individual) on the internet, typically with malicious intent.


Online Vandalism- Defacing the digital assets of a company or individual to cause nuisance or permanent damage.


Threat to intellectual property, damage to reputation, targeted advertisements, extortion, stalking, etc. amongst others.  

 

The question that arises in such gross negligent circumstances, what are the potential safeguard measures? Why isn’t there a law to punish those who do not maintain the privacy and to those who hack the information? 

  

The Data Protection Bill, 2019 is still being analysed and isn’t enforced yet. The joint committee examining the bill has further extended the submission of report to monsoon session. Currently, the Information Technology Act, 2000 and its corresponding rules regulate the personal data. However, the scope of the same is very narrow. Article 21 of the Indian Constitution also covers personal information under Right to Privacy. This being a fundamental right can only be enforced against the State under Article 12.  

  

Since the law is not enforced yet, the least the people can do to protect their data is to change your passwords to much more complex ones and remove all the card information which is saved on the applications. People should also use the two-factor authentication which acts as an extra layer of security as it requires two different forms of identification in order to make something accessible. 

 


Also read- Is Live-in Relationship Legal in India?