Privacy Mode fellowship programme

Privacy Mode fellowship programme

Documenting privacy best practices in industry

Mahima Sood


Statement of Purpose

Submitted Jan 8, 2022

I’ve often found myself going to Ray Kurzweil’s words from “Singularity is Near”, where he talks about epochs. We are at the edge of epoch 5, where humans and machines are uniquely poised in an interdisciplinary collaboration. In today’s corollary, data is more valuable than oil. Machines are used to harvest and mine data, which in turn is used to determine the policies that govern us. This ranges from triage situations in hospitals and credit risk checks for loans, to determining prison sentences and bails for convicts.

While the plethora of work being done with data is astounding, it falls differently in Indian context. Global population, and the vastly unequal distribution of resources mean that normative, first-world utilisation of data needs to be altered. We need applications that can optimise resource distribution, aid an overworked judiciary, improve access to healthcare in the remotest of villages, and improve literacy. One aspect that often gets ignored in innovation narratives is that we need these applications to preserve citizens’ privacy, while maintaining their integrity and robustness.

To this end, I believe the key is concurrent discourse about data ethics while we continue building the digital infrastructure. Introduction of Personal and Non-Personal Data Protection bills is a welcome step, but when it comes to the masses, this is still a foreign concept. Ideas of privacy, transparency, accountability etc. are rarely included in a typical software development lifecycle. Academia mentions this but it falls short of practical implementation. At times, lack of clarity on how to operationalise these concepts is also a hurdle.

I want to bridge this gap between ideation and practice by creating a roadmap of recommendations. This can be accomplished as a simple checklist or a more detailed list of “things to do” that can be consulted while requirement gathering, and cross-checked against during deployment and testing. Apart from this, documentation and educative literature, both technical and for general public, can be done to bring the idea of ethical data practices to the forefront.

I plan to follow a multistep approach to do this. A systematic literature review to analyse current practices will be followed by interactions with various industry practitioners and stakeholders who are privy to various steps in creation of digital infrastructure. Once the common industry practices have been pinpointed, I want to identify the gaps where ethical principles of Transparency, Accountability, Robustness and Fairness ought to be considered. This will include steps on what to do, how to do and when to do. Once this is done, the stakeholders will be consulted again to discuss feasibility of these recommendations. A collaborative effort can ease theoretical concepts into practice.

My aim is to work towards creating a culture that values and considers data ethics while we navigate the 5th epoch. Gradual, dedicated steps like this are the only means of ensuring that we move towards an ethical, digitally equitable world.


{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Hosted by

Deep dives into privacy and security, and understanding needs of the Indian tech ecosystem through guides, research, collaboration, events and conferences. Sponsors: Privacy Mode’s programmes are sponsored by: more

Supported by