Javascript on your browser is not enabled.

Advertisement

Subhashish Bhadra

The author is Principal at Omidyar Network India

More From The Author >>

Beat Compliance Fatigue With PrivacyTech

The proposal is understandably making businesses anxious. Privacy, however, also helps businesses attract and retain customers. Businesses need not choose between compliance and customer experience. With PrivacyTech, they can do both!

After making its way through several committees and public consultations, India’s Data Protection Bill is on the cusp of becoming reality. While a Parliamentary Committee is putting final touches, it is clear that businesses will now be forced to revisit how they collect and process customer data. If they fail to meet their fiduciary obligations, the draft bill envisages fines of up to 4 percent of global turnover. The proposal is understandably making businesses anxious. Privacy, however, also helps businesses attract and retain customers. Businesses need not choose between compliance and customer experience. With PrivacyTech, they can do both!

Take data breaches, for example. From Mobikwik to Air India, many iconic Indian businesses have reportedly suffered data leaks of their customers’ personal information. Data breaches are almost inevitable – 73 percent of Indian companies expect to face it in the next year. Today, these incidents pop up as headlines for a few days. But with the data protection bill, failure to notify the regulator can lead to a fine of up to Rs Five crore or two percent of global turnover, whichever is higher. Leaked data, however, could be floating in the open, deep or dark web for months before it is noticed. Companies that detect breaches faster can reduce its financial impact by 25 percent. Thankfully, PrivacyTech start-ups like CloudSEK serve as sentinels who constantly scan the internet to detect any data-based risks for their clients. Such AI-based software scan billions of documents to find traces of breached data.

60 percent of data breaches are caused by company insiders. These, however, are the very people who need to access customer data in order to develop or market the product. Companies can create a win-win situation by clearly identifying which department has access to what kind of data. The marketing department, for example, may only need aggregate data and not individual data. But enforcing such rules was hitherto technically impossible. PrivacyTech start-ups like SecurelyShare now make it a reality, by helping clients automatically detect where all personal data is stored, placing it in a secure vault, and restricting who can access it. This ensures that companies have greater control over internal data flows.

Companies will need to be vigilant not just against data breaches, but during everyday data operations, to ensure that their internal processes are compliant. If they fail to process data according to the draft bill, they may attract a fine of up to Rs 15 crore or four percent of global turnover. This is not a trivial task – today’s businesses write and re-write code frequently, and compliance teams struggle to maintain light but effective oversight. Thankfully, PrivacyTech start-ups like Ayottaz enable businesses to choose from a marketplace of products and services that make compliance easier for already over-worked compliance teams. Its AI-based algorithm makes recommendations based on factors like a company’s size, geography, and industry.

Many other obligations under the draft law now have technical solutions. For example, several start-ups have products that remove customers’ personal information from datasets, while still allowing businesses to get value from it. Others help clients securely verify employees, vendors, or customers logging on to the platform without collecting much data. Such innovations show that businesses need not worry too much about meeting the impending data protection law – tech start-ups have made it much easier. Instead, they should focus on identifying their most critical data gaps, understanding the available solutions, and getting themselves ready to not just be compliant, but also to win customer trust through better privacy

Disclaimer: The views expressed in the article above are those of the authors' and do not necessarily represent or reflect the views of this publishing house



Around The World

Advertisement