Fraud Management & Cybercrime , Governance & Risk Management , Privacy

India Announces Project to Address Mobile Privacy Concerns

I-CAMPS Project Will Identify Security, Privacy Issues of Mobile Users
India Announces Project to Address Mobile Privacy Concerns

The Indian government has launched a project to identify security and privacy issues in mobile devices and applications, national cybersecurity coordinator Lt. Gen. Rajesh Pant tells Information Security Media Group.

See Also: HIPAA Compliance: What The Healthcare Industry Needs To Know

The Internet and Mobile Association of India, or IAMAI, has been appointed to execute the project, which is called the Indian Citizens Assistance for Mobile Privacy and Security, or I-CAMPS, he says

The project was launched by the National Security Council Secretariat, or NSCS, in collaboration with the Ministry of Communication and Information Technology, the Ministry of Finance and the Ministry of Home Affairs, Pant tells The Economic Times.

The technology platform, which will be a mobile application as well as a desktop website, will help Indian citizens identify and fix vulnerabilities in their mobile devices based on the operating system and the apps - both pre-installed and on the app store, the financial daily reports.

Satyendra Verma, head of I-CAMPS and adviser for cybersecurity and mobile security at IAMAI, tells the newspaper that a framework for the project is being developed. After that, he says, a central database will be created and the information will be made available in the form of an API. Depending on the mobile device and the apps being used, the API will offer curated information on vulnerabilities in the app, Verma adds.

ISMG could not immediately determine the implementation date for the project.

Project a 'Necessity'

Akarsh Singh tells ISMG that the I-CAMPS privacy project is a necessity, as there is no certainty when the Personal Data Protection Bill - the only legislation that aims to protect citizen data - will come into effect. Singh is an advisory board member of the International Association of Privacy Professionals and CEO and co-founder of IAPP's official training partner Tsaaro Academy.

Several Chinese apps, including social media app TikTok and mobile gaming platform PUBG, were banned in India for collecting and using citizen data for profiling. "Now, a lot of bad actors can push notifications and control user behavior. These activities can prove to be a national security concern, and that's the reason the NSCS had to step in to help protect people's privacy, especially in the mobile ecosystem," Singh says.

He says the Personal Data Protection Bill would benefit corporate India more than the country's citizens. "India's IT prowess stems from exporting IT services and application development. The bill gives assurance to the U.S, European and Middle Eastern markets to do business with India. It is not intended to fulfil the requirements of Indian citizens, but that of Indian businesses," he says.

Addressing Privacy Rights

In contrast to the European Union's Data Protection Law Enforcement Directive, India's proposed Personal Data Protection Bill does not include regulations on monitoring citizen data by government entities, Singh says. Whether the latest privacy project can allay citizens' government-led surveillance fears remains to be seen, he adds.

While the concept of data privacy is relatively nascent among Indian citizens, Singh says the widespread uproar that stemmed from WhatsApp changing its privacy policy shows that Indian citizens are now more aware of privacy. "Nobody expected such widespread criticism of WhatsApp's privacy policy change - it shows we're slowly getting there," he says.

When it comes to privacy, the government must take a nuanced approach, cyber and privacy law expert Prashant Mali tells ISMG. “National interest in some cases overrides citizens' right to privacy. Exemptions must be granted under the authority of law, as opposed to blanket executive orders,” he says.

In addition to the I-CAMPS project, Mali says that online gaming and content should be controlled by the Telecom Regulatory Authority of India and included in the Data Privacy Act.


About the Author

Soumik Ghosh

Soumik Ghosh

Former Assistant Editor, Asia

Prior to his stint at ISMG, Ghosh worked with IDG and wrote for CIO, CSO Online and Computerworld, in addition to anchoring CSO Alert, a security news bulletin. He was also a language and process trainer at [24]7.ai. Ghosh has a degree in broadcast journalism from the Indian Institute of Journalism & New Media.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.