Trust is the backbone of the digital economy. When individuals trust the internet, they participate more freely. Building trust requires sustained efforts and is complex but can create immense value. Fostering trust, in the Indian context, has three key dimensions:
First, enabling India’s “Next Half Billion” (who mainly come from the bottom 60 per cent of the income distribution) to benefit from the internet to improve their lives. For this, we need to reimagine the internet to make it more contextual and relatable for them so that they build the trust and confidence to transact online. A related aspect is getting more women to participate in the internet. Protecting the next half billion from fraud and loss of data is crucial — such incidents can materially undo progress in their internet journey and require disproportionate efforts to get them back online.
Several innovative entrepreneurs focusing on this segment are addressing these issues through product and business design tailored for them. Technology-led models can help improve their lives by providing them access to basic services like education, healthcare, financial services, and transportation, as well as opportunities for employment and productivity.
Second, addressing broader concerns around excessive data collection, privacy and data security. These go beyond just the next half billion. Individuals prefer digital products they trust. Businesses can leverage privacy and trust as a competitive advantage. Also, for responsible data sharing, businesses need to acknowledge that the “burden of proof” on privacy rests with providers rather than consumers. It is unfair to expect consumers to have the time, knowledge and expertise to go through privacy policies, which are usually lengthy and complex. The onus must shift from over-reliance on “informed consent” by users to “quality assurance” by providers.
Third, tackling issues of misinformation and disinformation. With the democratisation of content-generation, especially due to social media, ensuring the authenticity of information online has become more difficult than earlier imagined.
Businesses need to meet the rising expectations from regulators and customers to be responsible stewards of data.
At a minimum, ensure compliance: So far, the issue of privacy and data protection has been addressed through a compliance lens. Businesses must comply with regulations and prepare themselves for increasing regulatory requirements, especially once Parliament passes the data protection bill. Globally, we are seeing regulators impose fines for poor data practices. In Europe, large fines have been imposed on Google, British Airways, and Marriott amongst other businesses. Several Indian businesses are exposed to regulations in Europe or the US, and India itself will soon have its privacy law.
Businesses also need to protect themselves against increasing online threats. India saw a 37 per cent increase in data breaches between 2019 and 2020, with over half of Indian companies in an IBM survey reporting a data breach in the past two years.
Some immediate steps that businesses can take include having clearer privacy policies and collecting only as much data as they need. Starting with a better understanding of how customer data is collected, where it is stored and who has access to it — most businesses do not know this today. Customers should also have the ability to delete their own data.
Business models that help build trust: Privacy-Tech is emerging as an attractive investment area, and has seen unicorns emerge in the US (One Trust), Israel (BigID) and several other countries. Globally, investments in privacy-tech have increased five-fold since 2011. We expect an acceleration in India as well.
The government must bring in the long-awaited data protection law. The current draft is with a parliamentary committee which is due to submit its report in April. A law will dispel the uncertainty and bring much-needed clarity. Further, the envisaged Data Protection Authority must be well-governed and adopt a transparent and consultative approach, since we are all still learning.
The government is also the builder and custodian of large scale public digital infrastructure as modular, open-source, interoperable systems. For these Open Digital Ecosystems (ODE), the tech layer alone is not enough. It is equally important to pay attention to the governance around these platforms and engage the community of developers, entrepreneurs and citizens around them. This would ensure that these platforms are leveraged fully, and meaningful solutions are built on top of them.
Regulatory bodies can step in to guide consumers. The food regulator’s food safety certifications have now become part of our everyday lives. Similarly, a “privacy rating” for apps can help individuals make more informed choices about their data. We also need new intermediaries that warn consumers about dangerous practices, represent them, and seek recourse on their behalf.
The widespread adoption of responsible tech practices — inclusion, privacy, security, transparency and good governance — is essential to building trust in technology and creating a thriving and well-governed digital society.
The writer is managing director, Omidyar Network India