Privacy Advisor

Researchers Publish Study of Indian Privacy Perceptions

February 1, 2013

By Angelique Carson, CIPP/US

In an effort to better understand privacy perceptions in India, two researchers have conducted the largest-ever survey on the topic. Prof. Ponnurangam PK (PK) and Niharika Sachdeva of the research group PreCog, Indraprastha Institute of Information Technology, Delhi, India, have published “Privacy in India: Attitudes and Awareness V 2.0,” which follows a smaller version of the study, published in 2005.

The survey involved interviews with 20 participants, four focus group discussions of 31 participants and a survey that elicited responses from 10,427 individuals— the largest study conducted on privacy in India. It aimed to better understand how Indians’ view their own privacy, particularly given advances in technology and government projects such as Unique ID (UID), which aims to give each Indian citizen an identifying number.

“The concept of privacy in India has not been investigated in detail, and we also lack empirical data with respect to privacy perceptions among Indian citizens,” the report’s executive summary states. “Recent developments in the Indian scenario; e.g., privacy bill, NATGRID, UID project, signify need for privacy awareness and understanding in Indian masses.”

Participants were asked questions on their perceptions of mobile phone privacy, Internet and online social media privacy, financial privacy and privacy when it comes to the government. Some of the study’s “key takeaways” include participants’ concerns about privacy surrounding mobile phones and the Internet—more than other platforms or venues; participants’ lack of awareness about privacy concerns in public, such as surveillance cameras; participants’ increasing likelihood to store private information on mobile devices; participants’ beliefs that privacy laws existed where they did not, and a decline in government trust since 2004. The authors say this indicates an overall concern and awareness of privacy since 2004 and that India is “on the path” to becoming a “privacy-aware and privacy-concerned” society, a sentiment recently reflected in a blog post by Simon Davies in reaction to the report.

The Privacy Advisor asked PK to discuss the survey’s findings and what it reveals about perceptions of privacy in India.

The Privacy Advisor: In your survey, you discuss cultural influences on Indian attitudes about data collection and privacy, but you say this is starting to shift?

PK: The majority of the participants felt passwords to be the most protected personally identifiable information (PII) and then financial information, such as bank and credit card details. In comparison to this, religion, mobile phone numbers and health-related information were rated as less protected PII. In spite of India being a caste- and religion-sensitive country, these were rated low in the survey. Of participants surveyed, 76.63 percent felt that consumers have lost control over how personal information about them is circulated and used by companies, and almost 71 percent felt websites collect information that can be a probable threat to their privacy whereas in 2004, seven percent of participants mistrusted the businesses.

These changes might be the outcome of some of the recent developments in the media about cases like stalking on online social networks or more awareness regarding identity thefts, etc., as reported by the participants in the study. We also believe this could be because of the technology penetration in India in the form of mobile phones, Internet, etc.

The Privacy Advisor: Was there an aspect of your research findings that most surprised you?

PK: From our understanding, privacy awareness of various issues has increased from the 2004 study. We are still analyzing this data in detail to provide more quantitative numbers to it.

  • About 46 percent of the participants read the privacy policy while creating accounts on online social networks.
  • About 63 percent of the participants changed their default privacy settings on the social network service they use.
  • Most participants were conscious of the information they store on mobile phones. We asked participants what they did before selling their mobile phones, and 71.7 percent mentioned deleting their personal data from the mobile phone.

The Privacy Advisor: You note that citizens have “misinformed mental models of the privacy situation.” Can you explain?

PK: Forty-two percent of the participants felt, “Since I have specified my privacy settings, my data is secure from a privacy breach.” After setting the privacy settings, participants felt secure about the access to various information. Also, 49 percent of participants mentioned privacy laws that pretty much don’t exist in the country. Finally, people felt that if they deleted information from the mobile phone, it would be deleted forever, whereas it is possible to get information from these.

The Privacy Advisor: You also note that trust in the government has reduced from 2004. Is there a reason for that, and how might this hamper adaptation of the UID and NATGRID projects?

PK: About 55 percent agreed that “Government agencies could have access to details—e.g., banking, land records, Internet logs, phone records, arms records, driving license, property records, insurance and income tax records—which can be misused by government agencies.” We got similar numbers about government sharing data with private organizations from projects like UID. We still have to dig more into finding out the actual reasons for this behavior.

The Privacy Advisor: Will you conduct a follow-up survey in the future to study a potential shift in attitudes and behaviors around privacy?

PK: We are inspired by Alan Westin. We plan to do it on regular basis—medium term, couple of years once. We also want to develop a privacy index for India. Our hypothesis is that the classification of Fundamentalist, Pragmatist and Unconcerned is going to be different from what is in the US.

Read more by Angelique Carson:
Data protection was not a game at London’s 2012 Olympics
Getting to know a privacy pro
Chief privacy officers discuss employee privacy training
Young privacy pros make their way onto the scene