Risk of data breach in India will continue to rise: Omidyar-Deloitte study

As the Personal Data Protection Bill goes through final iterations, a study by social impact investment firm Omidyar Network and Monitor Deloitte said the risk of a data breach continues to increase especially from insiders, including employees or third parties with access to data. 

For the report titled Unlocking the potential of India’s data economy, 50 primary stakeholders including Indian private enterprises, investors, regulators and privacy experts were interviewed apart from individuals for their insights on data behaviour. 

The key challenges across the data value chain are:

*Limited monitoring of data practices of vendors that often lead to breaches

*Early-stage ventures often failed to maintain adequate security measures due to resource crunch

*Many enterprises do not provide an accessible option for users to deactivate their accounts

The study pointed out that among the data collected by enterprises, data from transactions on the app and background data which includes other permissions such as location and SMS make up 90% of the information associated with the user profile.

On the user side, the study found: 

*Respondents are least willing to share financial data

*Only 20% respondents would discontinue using a service in case of a data breach while 62% are willing to take temporary measures such as changing login details

*50% respondents said they did not read the privacy policy of service.

“We recognise that tech is not a silver bullet - the role of non-tech solutions and government, civil society and media in driving social change is vital, and we seek to actively engage and collaborate with them by the way of this report,” said Roopa Kudva, managing director, Omidyar Network. 

“As for the next steps, we’ll be working with our own portfolio companies to develop a deeper understanding and practical implications of these findings and recommendations.”