Bengaluru Police wants to collaborate with Google to conceptualise data-driven solutions to the city’s infamous traffic predicament. Using Google’s Street View technology, Bengaluru Police aims to obtain detailed insights from the vast pool of driving trends and traffic information from Google Maps to find optimal traffic solutions, such as reducing traffic signal wait times, limiting congestion at intersections, and helping commuters obtain greater fuel efficiency.
While the move has been welcomed for its innovative approach, it raises pertinent concerns about the collection and use of crucial non-personal real-time data by Google.
In order to provide accurate, real-time traffic information to its users, Google Maps uses machine learning, along with data obtained from local government sources, aggregate location data and comparative data based on traffic insights, depending on the location of the user. Google’s Artificial Intelligence (AI) tools then optimise the collected data to provide predictive results, such as faster routes. However, in order to provide pinpoint accuracy and precision-based outcomes, Google relies on mining a tremendous amount of data from its users, which has raised alarm bells over a burgeoning ‘Surveillance Capitalism’.
Proposals for ‘smart, data-driven’ solutions are often dependent on, and assume, a state of ‘always-on’ universal surveillance. Essentially, the collection and use of any personal or non-personal data by tech companies like Google circumvent questions of transparency and accountability as to how the mined data is stored and how it can be accessed. However, such data has highly significant economic benefits for the collecting entity, as data which can reveal user preferences and behaviour is extremely valuable. The sale of user-based insights, and identifiable data metrics, to third parties has given rise to the threat of ‘Surveillance Capitalism’ – a phenomenon which should warn users about the threats posed by tech companies and their use of our data.
Identifiable user data has umpteen benefits for companies as it provides them the opportunity to “nudge” users into making consumer choices that benefit the companies. Non-personal data, which does not contain identifiable characteristics, does not offer much solace to users either, as encryption of data to hide identifiable traits, or to prevent disclosure of personal characteristics, has proven to be a less-than-ideal solution so far.
In the context of smart-city solutions, such as the proposal to collaborate with Bengaluru Police, the concerns associated with Surveillance Capitalism assume importance. In 2020, Google’s Sidewalk Labs backed out of a multi-million dollar project to develop Quayside in Toronto as the world’s “most innovative district” after a huge backlash from privacy and data security experts over the opaque framework of how user data would be collected and used by the company.
While the project garnered a lot of initial support from locals, fears of data harvesting, issues of privacy, and a lack of transparency over data storage soon followed. As these experts noted, in a paradigm where surveillance and collection of user data happened all the time, the fundamental value of consenting to the use of data suffered tremendously.
Sidewalk Labs’ failed Toronto experiment exemplifies the fears associated with data-driven solutions to everyday problems. The protection of privacy and transparency must be a parallel goal, and not a pawn sacrifice, for Big Data companies in their quest to provide data-driven solutions. The balance of greater efficiency through data-driven solutions, while maintaining security and privacy methods, has proven hard to come by so far for these companies. And in the absence of a stringent framework such as the GDPR in Europe, there does not exist an adequate deterrent for these companies to force them to imbibe the best practices on privacy and data security.
Specifically, in the Indian context, the discourse on these issues is still in its infancy. While the Supreme Court’s recognition of the right to privacy as a fundamental right under Article 21 of the Constitution in K S Puttaswamy v Union of India has provided much-needed impetus, issues surrounding data security and privacy still remain largely uncharted.
The Personal Data Protection (PDP) Bill, 2019, which was withdrawn from Parliament by the Ministry of Electronics and Information Technology recently, showed a significant stride towards the establishment of a robust superstructure regulating the use of personal and non-personal data. With the JPC recommending the development of a comprehensive legal framework to govern the digital ecosystem, India seeks to move towards more sustainable data-driven solutions in the immediate future. Google’s proposal to collaborate with Bengaluru Police should therefore aim to provide adequate privacy and data security safeguards for greater transparency and accountability, so that it can alleviate Bengaluru of its long-time nemesis without facing any roadblocks of its own.
(The writer is a Bengaluru-based commercial lawyer)