A beta version of the project – which intends to reduce wait time at airports – has been launched at the Delhi and Bengaluru airports.
Though the authorities have maintained that passenger data would remain secure, privacy experts are split on the issue, with some arguing that it would lead to misuse of data and unwarranted surveillance.
“It’s fairly clear that they will be storing data for all kinds of things,” Prasanto K Roy, a cyber and tech policy expert, told ET.
“They may integrate unsolicited data from other sources and there are absolutely no data protection laws, so they are not bound by anything. Purpose limitation and how they will use the data is the major concern,” Roy said.
Concerns of law enforcers (especially with regard to false positives) do not all apply in this case as the issues are to do with privacy, a lack of any data protection law, and the lack of true informed consent, he added
Discover the stories of your interest
The Ministry of Civil Aviation did not respond to ET’s email seeking comment until press time Tuesday.
While the Digi Yatra facility is voluntary, Roy said once the system is in place, most people would be coerced to go through with it as “nobody would want to hang around at the airport and debate on privacy.”
This is the reason why ‘purpose limitation’ becomes crucial, he said.
“There is no clear restraint on purpose limitation right now,” Roy said. “But if the data can be stored and used for other things like sales and marketing or for government use, then it is pretty worrying as a very wide ambit of usage has been allowed.”
Aditya Ranjan, a research fellow at the Vidhi Centre for Legal Policy, flagged issues of the veracity of the technology and said it would be dangerous in the absence of a proper data protection framework.
“The technology (facial recognition) is not really sound as of now and is still developing,” Ranjan explained. “The other aspect of concern is regarding privacy. The data protection Bill has been withdrawn and the government has said that they are bringing in comprehensive legislation, but the timeline is not clear. Legislation will help a lot so that these technologies can then be tested.”
Other activists are not unduly perturbed by the scope of the project.
“I don’t think there is too much to worry about on the privacy front,” said technology analyst and consultant Faisal Kawoosa. “There is already a lot of video surveillance that happens 24/7 and that typically gets stored for a minimum of six months. That data is already available and can be analysed at any time with a lot of new tools that are around now. You can also analyse the video streams that have been recorded, so I don’t feel it’s a big issue and think that all the privacy challenges can be managed well.”
The lack of a proper legislative framework is not something to be worried about, said Hitesh Jain, managing partner at Parinam Law Associates.
“Privacy has been recognised as a constitutional right,” Jain said. “So, if there is any data breach, under the existing laws, you have the mechanism and the remedy to take action.”