The Data Protection Bill, which is to be tabled in the current monsoon session of Parliament, has received applause for using the term ‘she or her’ to refer to all genders in an attempt at “women’s empowerment.” Much has been debated about the exemptions granted to government agencies and the question of age and consent, but a gendered review of the bill remains missing.
The Internet is nothing but a virtual extension of the society we live in. Hence, patriarchal and misogynistic norms dictate even the virtual space. Online gender-based violence (OGBV) transcends any notions of “advanced progressive societies”. Examples are rife, from women in “first world countries” like the United States accounting for instances of sexual harassment in the Metaverse to 9 million women in Mexico who found their allies in the unexpected Luchadora (Fighters) Foundation, which helped set up a support service for victims of online abuse.
Closer to home, according to NCRB data for 2021, 10,730 cases of OGBV were reported by women. Of course, apologists always argue that “it’s not real” and “they can always just shut off the internet,” but this rhetoric fundamentally argues that women are lesser beings who do not deserve equal access to a space that men have equal rights to.
Studies have shown that women are more concerned about their data privacy and experience less control than men. They are also more profiled than men when it comes to being targets of e-commerce sites. If this is the Gold Rush of the 1800s, women on the internet are the proverbial gold mines of data.
This is not simply limited to online shopping. There are actual instances of threats to physical and mental wellbeing from the theft of sensitive personal data of women. In a recent attack on the famous lingerie site for women, Zivame, the hacker threatened to sell the personal data of thousands of women on the internet in exchange for cryptocurrency. This was also later given an ugly communal angle. The intersectionality of gender and religion puts minority women at the top of the list, as evident from the infamous ‘Sulli deal’ app case back in 2021. This explains why women are more hesitant to share personal data on the internet.
Apart from using ‘she and her’ pronouns, the bill (albeit creating special protection for transgenders) largely remains silent on the question of women. The bill classifies data regarding health and sexual life as sensitive data, which can be processed by foreign entities with special permission from the state. Does this mean that information about Indian women’s period flow, ovulation, and menstrual cycles can be processed in foreign locations? This is concerning as one of the reasons for low cybercrime convictions in India remains the increasing attacks from transboundary entities, and women are the primary targets of these attacks. Sexual health data of men and women cannot be treated in the same manner since women are the primary victims of cybercrimes like sextortion, blackmail, stalking etc. According to a study, in the past 5 years, the number of cases reported has been on a steady climb, with present legislation under the IPC and IT Act falling short of convictions.
Although the bill deserves credit for including the Yogyakarta Principles and the recommendations of the UN Special Rapporteur on the Right to Privacy while dealing with data on sexual and gender orientation, more needs to be done than simply using female pronouns in an ostentatious attempt to seem feminist. It should be a priority to have female members on the Data Protection Board. Vulnerability assessments of the information systems of companies and government agencies should have added parameters to review the data of female consumers. There needs to be gender sensitization training for staff of government agencies and companies who are used to seeing data in a gender-neutral way bereft of sociological understanding. Lastly, more women need to be a part of the legislative process so that they are not invisibilized in our laws and remain at the mercy of empty rhetoric of empowerment.
In a landmark judgement in 2017, the Supreme Court declared the right to privacy a fundamental right. The right to privacy is not only fundamental to a dignified human existence but also to the functioning of a democracy. Without it, societies would crumble. The UN Women Report on VAWG termed OGBV as having a “chilling effect” on women’s voices. The issue of cybercrime and data protection are inextricably linked and require a coordinated approach to policy making. With the development of Big Data and the Internet of Things, there is a paradox amongst consumers between desiring a smooth, personalised experience on the internet and the fear of being turned into products themselves as a price for it. But if half of the population is sidelined, overlooked, and victimised in the new era of Web 3.0, can we truly claim to be moving towards a more free and advanced society?
Mayurpankhi Choudhury – Motivated researcher with a strong academic record, currently working towards a career in public policy in India. I hold a B.A. (Hons) degree in History from Lady Shri Ram College for Women, New Delhi, and a Master’s Degree in History with a specialisation in Medieval History from Jawaharlal Nehru University, New Delhi.
