[ad_1]
Indian Railways’ catering and ticketing arm Indian Railway Catering and Tourism Corporation (IRCTC) has withdrawn a controversial tender — which proposed hiring a consultant to monetise a bulk of its passengers’ data — since the government has withdrawn the data protection Bill.
The tender had alarmed activists who said it could lead to a violation of privacy of people who have used IRCTC’s services since it sought to analyse data points like their names, contact numbers, addresses and even “login/password” credentials. In a notification to stock exchanges on Friday, IRCTC said it was withdrawing the tender since the Centre has withdrawn the “Personal Data Protection Bill, 2018”.
The company is also learnt to have informed about the tender’s withdrawal to the Shashi Tharoor-led Parliamentary Standing Committee on IT. The panel had summoned IRCTC officials for a hearing on Friday on the topic of citizens’ data privacy and safety after its passenger data monetisation plans had raised concerns among privacy activists.
The decision to withdraw the tender was taken at IRCTC’s annual general meeting on Friday before its representatives testified in front of the Parliamentary panel. The tender was also taken down from the company’s website on Friday.
An IRCTC spokesperson did not respond to an immediate request for comment.
According to the tender initially released in July, IRCTC customer data that could potentially be monetised included passengers’ name, age, mobile number, gender, email address, payment mode, “login/password”, among other things. The selected consultant also had to segregate monetisable data, identify its market potential and prepare a final roadmap for the monetisation of this data.
The company was looking to monetise its digital assets expecting that it would give it a revenue of around Rs 1,000 crore. “IRCTC is a reservoir of huge amounts of digital data which opens several opportunities for IRCTC for monetisation. IRCTC wishes to leverage its data assets and market position to drive strong growth in revenues,” the Corporation had said in the tender. “IRCTC envisages a revenue generation potential of Rs 1,000 crore through monetisation of its digital assets. IRCTC wishes to engage a consulting firm to help in identification, design, and development and roll-out of data monetisation opportunities.”
Newsletter | Click to get the day’s best explainers in your inbox
Incidentally, the tender document said that the selected consultant had to prepare the monetisation roadmap keeping in mind the “current Personal Data Protection Bill, 2018” along with other laws like the Information Technology Act, 2000 and EU’s General Data Protection Regulation (GDPR).
The data protection Bill that IRCTC had mentioned in the tender document is not even the latest version of the Bill that was withdrawn. Earlier this month, the government had withdrawn the Data Protection Bill, 2021 from Parliament, saying it will come out with a “comprehensive legal framework” for the online ecosystem.
While experts have welcomed the withdrawal, they also cautioned about the increasing efforts of data collection and monetisation in the country. “The withdrawal of the tender is a positive step and cause for cautious optimism. Structural incentives for ‘data maximisation’ remain in place in the country, however, and also need to be addressed in the near future,” said Prateek Waghre, policy director at the Delhi-based digital rights group Internet Freedom Foundation (IFF).
[ad_2]
Source link