A senior official from India's Ministry of Electronics and Information Technology (MeitY) has asserted that the responsibility for ensuring digital privacy should lie primarily with engineers and system designers, rather than being a burden placed on end-users. This significant statement was made during a high-profile event focused on artificial intelligence.
Engineering as the Core of Privacy
Speaking at Google's 'Safe and Trusted AI' event on Thursday, November 20, Vikash Chourasia, a Scientist at MeitY, outlined a fundamental shift in approaching data security. He identified Privacy-Enhancing Technologies (PETs) as the "core engine" for implementing robust data protection and fostering trust in digital ecosystems.
Chourasia provided a clear rationale for this engineering-first approach. "I believe privacy is a problem which probably could be resolved at the engineering level more than at the user level," he stated. He explained that the end consumer often has little control over complex technical processes and should be able to safely use services without needing deep technical knowledge.
Real-World Examples and Shifting Security
To illustrate his point, the MeitY scientist cited the evolution of the One-Time Password (OTP) system. He noted that OTPs were initially effective as a second layer of security because they were delivered to a separate device, like a basic mobile phone, distinct from the computer where the banking transaction was initiated.
He highlighted a critical flaw in the current setup: today, both the banking operation and the OTP access typically occur on the same smartphone. This convergence, he argued, significantly reduces the security effectiveness of the OTP mechanism, demonstrating how a good idea can be undermined by poor technical integration.
India's Path Forward with PETs and Collaboration
Referring to India's recently notified data protection rules under the Digital Personal Data Protection Act (DPDP), Chourasia outlined the government's immediate priorities. The key focus for MeitY is to promote the widespread adoption of PETs through active collaboration with academic institutions and industry partners.
He emphasized that India is inherently a "privacy-conscious society," and urged businesses to view compliance not as a mere legal obligation but as a strategic opportunity. Building robust privacy systems is a way to enhance competitiveness and earn user trust, he advised.
Chourasia also highlighted the immense potential of open-source technologies and local innovation. He suggested that small and medium enterprises (SMEs), in particular, can leverage these open tools to fortify their privacy and security frameworks without prohibitive costs.
To drive this mission forward, MeitY plans a series of engagements with academic partners. Some of these meetings are already scheduled to take place in Chennai in the near future, aimed at expanding awareness and building national capability for deploying Privacy-Enhancing Technologies across the digital landscape.
