Karnataka Social and Educational Survey Sparks Privacy Concerns

The Karnataka High Court heard a petition challenging the ongoing social and educational survey, with petitioners claiming that the collection of personal details amounts to a violation of the fundamental right to privacy. The State Backward Classes Commission, however, maintained that there is no compulsion for citizens to disclose any information, and the process is purely voluntary. 

Petition Highlights Privacy Risks 

The petitioners argued that the survey, by requiring sensitive personal and socio-economic details, infringes upon the right to privacy as guaranteed under Article 21 of the Constitution. They raised concerns that the collected data could be misused, leading to profiling of individuals and communities. Citing the Puttaswamy v. Union of India judgment, the petition stressed that any exercise that touches upon personal data must meet the tests of legality, necessity, and proportionality. 

Commission’s Defense: No Compulsion to Participate 

The Karnataka State Backward Classes Commission, which is conducting the survey, clarified that respondents are not legally bound to disclose information. Officials emphasized that the data is intended to enable better policy-making for social justice and equitable distribution of resources. They further argued that the absence of compulsion ensures that no constitutional right is violated. 

Larger Debate on Data and Governance 

The issue brings back the spotlight on the tension between state-led data collection and individual privacy rights. While the government frames such surveys as instruments of welfare and inclusive policy, civil liberties advocates warn of possible misuse without strong data protection safeguards. The matter is expected to evolve further as the High Court examines whether the survey process aligns with constitutional guarantees. 

Source: The Hindu 

Stay informed about updates on the upcoming DPDP Rules and its analysis. Visit www.tsaaro.com to know more.

 News of the week

1. Data Leak Exposes Users of App Targeting Charlie Kirk Critics 

A privacy controversy has erupted after Cancel the Hate, an app aimed at identifying critics of conservative figure Charlie Kirk, suffered a significant data breach. The exposed database reportedly contained personal information such as emails, names, and even location data, leaving users vulnerable. 

Security specialists have warned that the incident could fuel harassment and online intimidation, as the leaked data can easily be misused. Civil liberties groups noted that the breach underscores how politically motivated apps are increasingly putting individuals’ privacy and safety at risk. 

The app’s creator, Jason Sheppard, has so far not issued a detailed explanation regarding the breach. The episode has renewed discussions on the urgent need for stricter oversight of apps handling personal data, especially those designed for political or ideological purposes. 

Source: App targeting Charlie Kirk critics leaks user data in huge privacy breach 

2. TikTok Child Data Protection Found Lacking by Canadian Authorities

   
   

   Canadian privacy regulators have raised serious concerns over TikTok’s handling of children’s data, stating that the platform’s safeguards are insufficient to protect minors. Investigations revealed weaknesses in age verification, unclear policies on data collection, and the use of profiling tools that track young users’ behavior. 

Privacy experts warned that these gaps could expose children to targeted advertising, exploitation, and other privacy risks. Advocacy groups highlighted that the findings underline the need for stricter regulations and accountability for social media platforms that cater to minors. 

TikTok has pledged to improve its age-assurance mechanisms and increase transparency regarding data collection for underage users. The Canadian authorities will continue monitoring compliance to ensure the platform implements meaningful protections for children. 

Source: TikTok child data protection inadequate, Canadian privacy officials say 

3. EV Charging Company Data Breach Exposes Customer Information

Digital Charging Solutions (DCS), a leading provider of electric vehicle (EV) charging services, has reported a data breach affecting customer records. The exposed information included names and email addresses, though payment details remained protected through encryption. 

Experts have cautioned that even non-financial data can be exploited for phishing, spam, or other cyberattacks. The incident highlights the need for robust security measures, especially for third-party support systems handling sensitive customer data. 

DCS has implemented enhanced security protocols, multi-factor authentication for third-party users, and has notified affected customers. Authorities have been informed, and investigations continue to ensure such breaches do not recur. 

Source: EV Charging Provider Confirm Data Breach – Customers Personal Data Exposed 

4. Critical Chrome Vulnerabilities Expose Users to Data Theft and System Crashes 

Google has confirmed multiple high-severity vulnerabilities in its Chrome browser that could allow attackers to access sensitive user data and crash systems. The flaws affect the browser’s memory handling and JavaScript engine, putting users at risk if exploited. 

Cybersecurity experts have warned that these vulnerabilities could enable unauthorized access to personal information, execution of malicious code, and disruption of normal browser operations. The incident underscores the importance of timely software updates and robust security practices for all users. 

Google has released security patches to address the vulnerabilities and urged users to update their Chrome browsers immediately. Users should ensure their systems are running the latest version to minimize exposure to potential attacks. 

Source: Chrome High-severity Vulnerabilities Let Attackers Access Sensitive Data and Crash System