It’s time social media authenticated its users (Comment)
By K. Yatish Rajawat
On August 20, the Supreme Court of India sought the response of the Centre and social media companies to respond on Facebooks plea to shift cases related to linking social media accounts with Aadhaar from various courts across the country to it. In all likelihood, the apex court will hear a matter that affects the very fabric of democracy of this country. This is a good step as finally the judiciary will address an issue that is becoming difficult for the executive to handle.
The government is helpless as all issues related to social media get muddled with concerns on privacy and security. There is a concerted lobby with a trust deficit with anything related to Aadhaar and/or control by the government. While social media users do not think about privacy before sharing information about their children, family and every location detail on social media they worry about privacy while sharing data with the government. When it comes to regulating the identification of users, even the Supreme Court confuses it as a privacy issue. This prevents any clear line of regulations and rules.
It’s important to understand why the government wants to link social media accounts to Aadhaar by understanding its objective with a detailed analogy below. The objective is to identify and authenticate real social media users from the fake ones. By authenticating users the misuse of these platforms can be prevented.
Social media platforms have become a medium for misinformation, disinformation, fake news along with information weaponisation. This is tearing down the fabric of democracy by creating and popularising extreme and negative narratives. Information weaponisation can lead to social unrest, and allow terrorist organisations to spread hate and violence.
All this is allowed to happen because social media platforms do not take any responsibility for identifying users on their platform, they do not take responsibility for the content on their platform, and they do not take responsibility for its misuse — by terrorists, pornographers or rogue countries.
They have more than 25,000 data points on every user but they still claim to law enforcement authorities and even to the judiciary that as per their user agreements they cannot the identify their users. Thus, it is not yet clear to what extent is this information safe as the Cambridge Analytica case proved. In the past, there have been plenty of instances where this information has been misused, mainly to influence the electoral outcomes in the US, during the EU referendum in the UK, in the West Indies, in Africa, etc. This can be prevented if users’ accounts are authenticated and fake accounts are removed as the responsibility for the content will be established to an individual.
The difference between usage pattern of real and disinformation campaign is crucial to understand as surreptitious activity is not done by real accounts. Removing fake accounts will bring down the total number of users on these platforms, as industry estimates that the number of fakes accounts is high and vary from 20-50 per cent of total user base. Since the social media companies have a user base determined valuation, a fall in user growth will affect their stock price more than a slowdown in revenue growth. This explains the opposition to authenticating users.
Now, that we have established the objective of identification and authentication of users and understood the opposition, let us understand the link to privacy and security with an analogy: the objective is to go from Mumbai to Brisbane. But, flying is not safe especially a long flight to Brisbane. To fly, identity has to be disclosed to immigration officials, airlines and even the airport’s security official. This could be considered as a violation of privacy, but is not. Everybody discloses their identity and authenticates that at several levels. The assumption is that the data will not be misused, it will not be leaked. The assumption is that there are norms for storage, access and usage of such personal data. Distrust is not default mindset for these disclosures. When it comes to Aadhaar linkages with social media, distrust is very high.
The distrust could be with the government or its capabilities to secure data. It could also be with social media platforms. To remove this trust deficit, the Supreme Court can lay down the norms for storage, use and security of the data. Beginning with removing the requirement for storing data that identifies the user. It can be limited to authentication transactions like done for a digital payment. Even for authentication, documents other than Aadhaar can be used, such as a passport or driving license. The important thing is to establish the onus of responsibility for the users’ identity with the social media platform.
Perhaps the Supreme Court will create a global precedence, which other countries can follow, by beginning the process of assigning responsibility to social media platforms that is long overdue.
(K Yatish Rajawat is a senior journalist. Twitter: @yatishrajawat, views are personal)