Privacy in India: Attitudes & Awareness Ponnurangam K & Dr. Lorrie Cranor Computation, Organizations and Society School of Computer Science Carnegie Mellon University 1st June 2005 email@example.com
Motivations • Business Process Outsourcing in India • Security and privacy laws needed • Privacy law currently being drafted • Privacy has not been studied in India • Recent interest in privacy in India • Privacy and new technology (e.g. mobile phones) • Studies in the US, Australia and Europe • Westin (1978 – 2004) • Office of the Federal Privacy Commissioner in Australia • Others
Methods • Written Survey – 407 subjects • Sharing of different types of data • Internet privacy (e.g. web cookies, browser settings) • Interviews – 29 subjects • Computerization of the data • Information collection and misuse • Privacy technologies • Website study – 89 websites • Google – Shopping directory • Web privacy policies
General Privacy Concern Source for US: Westin 1992 and 1993 study with Harris Interactive
Sharing of different data types US Data: Source: Cranor, Lorrie, et al., "Beyond Concern: Understanding Net Users' Attitudes About Online Privacy." 1999.
Some quotes from the interviews • General • “I really don’t have anything to hide” • “My friends and relatives know all my financial, medical and personal information” • About shop • “They don’t know anything other than my physical presence” • About government • “They would not abuse it”
Observations • Identity Theft – physical impersonation • Publicly available travel information • Age, gender, source station, destination station, seat number, first name, last name, etc. • University grades • Notice boards • Trust factor finding • 86 % of people highly trusted the organizations • 87% of the people highly trusted the government
Conclusions • Unaware about privacy issues and related consequences • Trust is the driving factor for their behavior • Personal information is available, people are starting to misuse it • Some types of data are more sensitive than others • Need to create more awareness among public about the issues related to sharing of information • Consider the results from such studies while drafting privacy laws
Future Work • To conduct a study with representative samples across different states in India • To compare our results with other recent studies in the US and other countries • Conducting similar studies in the US and in India at the same time • To conduct periodic studies to see the trend in the behavior • To consider the results obtained in such studies for designing technological solutions
Thanks toCUPS Lab, CMUCyLab, CMUDr. Raj ReddyElaine Newton, EPP, CMUDr. Granger Morgan, EPP, CMU
Communication Technology Diffusion as of 2003 Source: ITU - 2003: World Telecommunication development report 2003
India & USA - Internet penetration Source: http://www.itu.int/ITU-D/ict/statistics/at_glance/Internet03.pdf for 2003
Peculiar “The Customers shall not disclose to any other person, in any manner whatsoever, any information relating to … or its Affiliates of a confidential nature obtained in the course of availing the services through the website. Failure to comply with this obligation shall be deemed a serious breach of the terms herein and shall entitle … or its Affiliates to terminate the services, without prejudice to any damages, to which the customer may be entitled otherwise.“ – Name of the organization removed.