Ram is looking for help with his College assignment but the library does not have the book he is looking for. He pulls out his laptop, browses to a multi billion dollar search portal and retrieves the information he was looking for in a few seconds.

Colonel Singh is warming up for his morning run when he gets a notification on his mobile. His comrade and batch mate since military school has just bested his 5k time by a few seconds. He smiles, straps on his GPS fitness tracker and goes for a run determined to win his best timing title back.

Priti is bored. It’s pouring cats and dogs outside and she has been stranded at home for 3 days now. She switches on her Smart TV and goes to a popular video streaming app and continues where she had left off. She has been binge watching a TV show and is on to the 3rd season.

Doctor Khan checks into the hotel for a much needed vacation. He suddenly gets a pager message about an emergency. The 70 year old whose hip he replaced last week has suddenly developed complications in rehab. He pulls out his Tab and sees an email with a link to access the medical records of his patient, calls his subordinate and prescribes a few medicines and issues instructions to keep him posted every 2 hours.

Welcome to Digital India, where the Internet is fast becoming a basic necessity. With the push towards paperless offices, digital medical records, cashless transactions, widespread adoption of social media as a primary mode of communication, the amount of data being generated is humongous and the issues that come with it, are also at the same scale, if not larger.

Every website Ram visits after finishing his assignment, shows him advertisements to buy the books closely related to the online search he used to get help for his assignment. Colonel Singh just ran around the secret military base and uploaded the GPS location and the route he took to a server on the other side of the globe. The streaming website now knows that Priti is a “rom com” addict and keeps on suggesting movies and soap operas that’ll interest her to keep her glued to the app and renew her subscription. Doctor Khan was on the free public WiFi in the hotel and the medical records of his patient have been leaked to a hacker.

The days where your data was just piles of files and folders gathering dust in a basement are long gone. A data center in a foreign country works 24/7, slicing and dicing your internet activity and is putting together a scarily accurate psychological profile about you.

With Digital India, India needs to look at its data privacy and residency laws. India with its huge demographic and widespread adoption of Internet is handing its data to a foreign enterprise on a platter. While this does not mean following the footsteps of China and regulating the usage of Internet all together. India must follow the lead of the European Union which has been working tirelessly to keep their citizens’ data out of the hands of foreign conglomerates and NSA spooks. Any violations are dealt with heavily. While EU is telling multi-billion dollar companies to behave, we have ministers arguing that right to privacy is not unconditional and comes with a few caveats.

Meanwhile in April 2016, EU parliament unanimously passed General Data Protection Regulation which has to be enforced by all companies dealing with its citizens’ data by May 25th 2018. Companies must store, process any and all data within its geographical borders. It defines various compliance norms that all companies must adhere to and most importantly, it returns the right to privacy back to the citizen who must explicitly provide his consent to share his data and reserves the right to have his data deleted at any point in the future. This has given nightmares to many multi-billion dollar Internet giants who previously took the data for granted.

While Digital India is a great initiative that suggests India is finally opening up to widespread adoption of Internet in all aspects of life. Data plans has never been cheaper, and Internet accessibility is no longer restricted to Tier 1 cities. But it also opens the Pandora’s Box of privacy issues and security problems. India must begin adopting the GDPR template to protect its data. Frequent breaches of Aadhar data and concerns over privacy is a testament to this risk. As they say, Data is quickly becoming the Crude oil of the 21st century and India must control who can access its citizens’ data and hand the rights to data back to its citizens.