There is a lot of publicity about misuse of customer data by
Internet-based services companies. Regulatory agencies and the government
should do their work and reduce risks to citizens. I have some suggestions:
1) An
App demanding blanket access to customers’ contacts, photographs, etc. should not be
allowed. They cannot harvest your contacts and bother all those in those contacts
with commercial solicitation. The App could ask for limited access, such as the email address of a person in my contacts when I ask the App to send him an email. The service provider should not misuse his email address to solicit business from him.
2) Terms
and Conditions for online apps should not exceed 200 words and should be in
simple English. The T & C are not for obfuscation.
3) For
Indian customers, the legal jurisdiction should always be local Indian courts according
to the customer’s location.
4) Irrelevant
information should not be demanded. It is no business of the email provider
whether the customer is male or female, and what the customer’s age is.
5) No
credit card or debit card of the customer should be stored by the online
service provider. The customer can always provide them for one-time use,
whenever required, directly to the payment gateway.
6) No
customer data should be taken beyond the Indian border. If an Indian customer goes
abroad, his customer data should continue to stay in India and not be migrated
abroad.
7) Selling
of customer data should not be allowed.
8) The
government should consider encouraging Indian companies to provide Internet-based
services provided they offer greater privacy and security to Indian customers.
9) The
use of cookies should be regulated by law. They should be used only for the
essential functions, not for gathering data beyond the minimal requirements for
the service provided and commerce in such data.
Online services do provide free services and earn their costs and profits through advertising. The indirect costs to the customer of being spied upon all the time and having one's privacy violated should be considered in this context.
Srinivasan Ramani
No comments:
Post a Comment