Research Article

Data Privacy: Its Challenges

Charchit Khandelwal1, Mayank Jain2, Deepak Singhal3
Abstract
Information protection, additionally called Data Security, is the part of Data Innovation (IT) that arrangements
with the capacity an association or individual needs to figure out what information in a PC framework
can be imparted to outsiders.

In the course of the most recent four decades, the protection of individual information has been the
subject of enactment and prosecution in both the US and the EU. Insurance of individual information
protection under the law has been molded by the interests of numerous bodies electorate: people, business
associations, government organizations, law authorization, and national security administrations. The
complex and seemingly inadequate nature of US information security law is frequently scrutinized the
General Data Protection Regulation (GDPR), otherwise called the European Data Protection Regulation
(the GDPR is not examined in the white paper – it presumably justifies one of its own). Knowing how
information security insurance has advanced in the US so far should help advise its further movement.
What’s more, there is no doubt advance should be made. The trust-dissolving impacts of powerless
security insurance on our economy are obviously achieving quantifiable proportions.by nations that have
more far reaching information assurance enactment. The paper serves to give a nonpartisan survey of US
information protection enactment ; be that as it may, it additionally watches that intrigue’s other than
those of the individual have had a tendency to win in US information security enactment, prominently
the interests of trade, and additionally those of state security offices, especially those that react to the
mind boggling specialized substances of information correspondence and information preparing with
a “gather everything” way to deal with electronic reconnaissance. Our research is based on doctrinal
method however some parts will be conducted through empirical study where most of research is done
through journals, books, reports of NGO’s and other secondary sources. The following questions are-

• What is the Application of Right to Privacy and its importance in every ascept?
• Which Is More Important - National Security or Data Privacy?
• What is the Importance of Data Privacy for each individual ,every company & every Country?

In the Full Paper, we will briefly describe the starting point of the right to privacy, national security and
the Importance of Data privacy at the level of individual as well as national.

Keywords: Privacy, Gather Everything, Security, Right, Data Protection, Information

Introduction
Data Security refers to protective digital measures that enables to protect computers from unauthorized access. It also
helps in preventing unwanted actions from unwanted users which reduces the rate of cyber-attacks. It also prevents data
from corruption. The main focus of Data protection is to ensure protection of Personal as well as Corporate Information.
Information protection, additionally called Data Security, is the part of Data Innovation (IT) that arrangements with the
capacity an association or individual needs to figure out what information in a PC framework can be imparted to outsiders.
It is a pivotal task of the government since it surrounds legal as well as political issues.Data Security concerns the insurance

2nd year BBA LL.B (International Trade), 3(Taxation laws) University of Petroleum & Energy Studies, Dehradun.
1,2,

Correspondence: Mr. Charchit Khandelwal, University of Petroleum & Energy Studies, Dehradun.

E-mail Id: charchitkhandelwal54@gmail.com

Orcid Id: http://orcid.org/0000-0002-0468-3940

How to cite this article: Khandelwal C, Jain M, Singhal D. Data Privacy: Its Challenges. J Adv Res Comp Tech Soft Appl 2017; 4(3) : 1-5.

© ADR Journals 2017. All Rights Reserved.

Khandelwal C et al.
from coincidental or deliberate yet unproved alteration,
demolition or exposure using physical security, regulatory
controls, sensible controls and different protections to
constrain availability. Guaranteeing data security inside your
association is significant in the event that you are to stay
consistent against the expanding data security directions,
also guaranteeing that you keep up a decent association
safety efforts will place you in great stead for insurance
against data misfortune and data security breaks. Data
Security is also important since Sensitive information of
an individual may be leaked and can cause huge losses to
his/her reputation. Right to Privacy, in recent period, has
been coined as the Fundamental Right under Article 21
of the Indian Constitution. It also says that one’s personal
information should be protected from public perusal.
Right to privacy is being mentioned in over 155 national
constitutions. Elements of Privacy arise from contexts of
facets of freedom and dignity recognized under Part III.
Informational Privacy is a facet of the Right to Privacy.
Privacy laws are important for a Collective Value as well of
Human Right. It also claims to Privacy laws only increases
Government Surveillance. In-turn Government Surveillance
has developed negative nuance due to government’s
assembling of personal information of millions of citizen
misleading claims & in preventing terrorist attacks.As per
the Supreme Court of India, every aspect of right to privacy
is not fundamental, rather it is subjected to reasonable
restrictions. Privacy is multi-faceted and every faceted
can’t be considered as fundamental right.
Government Associations holds gigantic measure
of information- natives information, military insight
information and significantly more. This basic information is
likewise the reason for most savvy activities the legislature
and nearby experts embrace. In the meantime government
systems and endpoints are under steady danger from
outside governments, digital assailants, and other hostile to
national components. Any break of security and information
can affect the whole country, region or state.
Local, state, common and civil- to guarantee that the
delicate information they hold is enough secured. We
ensure million of government workers and secure some
prominent government offices. We give an advanced scope
of encryption, system, entryway and security suites that
are as they are easy to send, oversee and live with.
Challenges of Data Privacy
One of the pivotal challenges of Data privacy is utilizing
the data while protecting individual’s right and Personal
Information. Since laws and regulations related to data
privacy are dynamic, there should be a constant check on
changes in law & continuous reassessment with privacy &
security issues. Organizations with limited resources and
rapid growth need proper data privacy software and better
J. Adv. Res. Comp. Tech. Soft. Appl. 2017; 4(3)
solutions to overcome the challenge. Getting a Secure, Cost-
efficient data protection software is a constant Challenge for
many Companies. More than 50% of the companies failed
to recover business data effectively due to unreliability each
year. Also, there are not enough Resources to manage the
growth of the Company. But, Technology Improvements
have increased the rate of Protective Solutions. More than
70% of companies were using cloud services till 2014. There
are many tools introduced like ‘Think Positive’ which has
been created to understand articulation of challenges faced
by the employees of all the organizations. Companies like
Facebook, Apple are attracting Customers by their Privacy
concern & using it as a marketing tool for effective sales.
They use Cloud Data Protection for protecting information
of both companies as well as customers.
What is a Cloud Data Protection?
Can Cloud Data Protection Overcome the Challenges?
Cloud Data Protection is type of advanced protection model
used to protect stored & moving data in a cloud form. It
uses industry standard encryption algorithms which ensures
end-to-end Protection which reduces the rate of Data
Loss Risk. Most Importantly,it protects the Organization’s
Investments. This model also centralizesresources which in-
turn helps in improving security level & reliability of backup
tasks. It also helps in reducing expenditures and assists
company in becoming a more-cost effective management.
This Model also helps in improving recovery reliability by
removing hardware dependencies & automated processes
speed recovery. By adopting this model, Companies are
able to store daily, which in-turn helps them to reduce their
capital expenditure & can focus on paramount step i.e.,
Implementing the strategic business Priorities.
In the course of the most recent four decades, the protection
of individual information has been the subject of enactment
and prosecution in both the US and the EU.
Which of the following is more Pivotal for a country -
National SecurityorData Privacy?
This issue has been debated for a while now. Both the
phenomenon holds an equitable share of Importance since
both are pivotal at their levels. National Security, concept
developed in United States, basically means that protection
of State and the Citizens against all kinds of crises. It has the
motto of ‘Protecting Our Country, Protecting Our People’. It
should protect against all power projections existing in the
dynamic environment such as political power, economic
power and such as present there. Protecting of critical
infrastructures has been growing role in National Security
Issues. These include water supply, financial services and
communication networks. Initially, Military Security and
Political security were only considered as National Security
but now, as the time Progressed, Cyber security is also
2
 J. Adv. Res. Comp. Tech. Soft. Appl. 2017; 4(3)
considered as the most indispensable one. Electronic
Information Systems & Devices are vital for maintaining a
National Security of any State. Unauthorized Access can
cause serious damages to the country and then intake to
the people of that country. It has been seenthat ‘Cyber
Threat’ is one of the most serious economic and national
security challenges being faced by the world.
Data Privacy
is the ability of the organization to deal with what they
have shared with third parties. After the Landmark Ruling,
Privacy is Fundamental and this is considered to be a right
step in Right Direction. Since it was Important for India
since it is a nation with one of the highest terror and cyber-
threat perceptions should now look into major legislative
drafting from a national security Perspective. The Most
Crucial Aspect of privacy is that it helps in weakening the
ability of counter-terrorism and helps our intelligence
units to stay a step ahead in this darkening digital world
which would have grave long-term consequences. In this
digital world, Individual’s every like or dislike, every action,
every application could be traced by complex algorithms
which could bring all the large generated information
together from his/her financial transactions to the shopping
transaction with records. This can cause a lot of harm to
reputation as well as identity. In Present times, Cyber crimes
rate has increased a lot, with the internet being used as a
primary tool for several activities from smuggling to Money
laundering to recruitment into terror outfits. Terrorist
Organizationslike ISIS have started using internet as a mean
to execute a crime and help them in indentify thefts and
data breaches. For counter parting this problem, Strong
data protection and privacy laws were to be made, similar
to European Union General Data Protection Regulation
(GDPR), which is considered to be the most important
change in Data Privacy Regulation in last 20 years. There
are Rumors that European Union is ensuring that from
2018, we will be able to control our own data, allowing us
to have the right to whom we want to share the concerned
data. Moreover, Measures are taken to curb government
efforts i.e. few private institutions colonize the bulk of
data which in-turn reduces the government ability to
provide proper living of the citizen and create turbulent
social and economic eruptions. The best solution can
be the Creation of Independent watchdog institutions
with substantial constitutional authority to ensure that
any organization whether public or private working with
data abide by with draconian data privacy, protection and
security regulations, would be an ideal steps in ensuring
that our citizens effectively preserve their privacy in this
digital world. This will help in keeping stability & flexibility
in the organizations. With new Technologies, The country’s
privacy laws needs to be updated & individual’s surveillance
needs to be regulated for the betterment of all.Technology
has reached a next level that Mobile Aadhaar can be used
3
Khandelwal C et al.
as ID proof to enter airports. Government after enactment
of ‘Right to Privacy’ made the Aadhaar Card linked with the
account mandatory.By these, every individual’s personal
details and information is with the government and it needs
to be handled with care else It can lead to gigantic loss to
all as well as to the Nation. This linked up accounts have
lot of benefits but losing of this information to any other
party can cause enormous loss to one and all.
Role of USA in development of data privacy
United States of America being a developed nation has
an pre-eminent role in development of data privacy and
its laws. There are no general laws in USA regarding data
privacy but there are various sectoral laws and guidelines
regarding data privacy .
USA has a crucial role in the development of data privacy
of their citizens as even the collection of email ids and
telephone numbers are regulated . The citizens are even
given the right to seek redress in courts for violation of
their privacy when the personal information of the person
is shared with the law enforcement agencies .
As more and more use of computerised database to store
information about individual became widespread in the
1970s, the data protection legislation started to appear
.In the last four decades from the 1970s USA has started
developing various legislature to accommodate the interest
of individuals, commercial organizations, government
agencies, law enforcement, and national security services
for the privacy of data .
As USA is the country with the highest usage of computers
making it the country with most possible data theft attacks
. USA has paid a great emphasis on protection of the data
privacy and has also shown the rest of the world the new
era of technology and the protection which should be taken
care of by every other country to avoid the abominable
circumstances that could arrive in future .
General Data Protection Regulation (GDPR)
GDPR means a formation of sets ofpersonal information
of person and it collect the data and process the data.
The EU GDPR is supplanting the Data Protection 95/46/
EC set in 1995. The Data protection Directive was far
reaching for now is the ideal time before the blast of the
information gathering and huge information. However
the more established report was non-authoritative, and
the genuine laws authorizing the Directive have varied
uncontrollably among the nations.
As the nation has developed, companies from everywhere
throughout the mainland started business connections and
associations with different nations inside and outside. As a
feature of these cooperative energies, client information has
Khandelwal C et al.
openly streamed between associations open and privately
owned businesses, and crosswise over nation fringes and
even landmasses, each with its own information security
approaches set up, making real gaps for information security
and protection issues. That reality combined with the fast
pace of innovation, which now bolsters general society
utilization of individual information, regularly called Pll at
a worldwide scale and with unreliable outcomes are the
driving elements behind the GDPR. It has set a deadline
until which every organization should be registered under
it, if not it will face a heavy fine for non-compliance.
Requirements of GDPR
• Free consent
• Consent of written documents
• Age of minor between13 to 16 must have consent of
parents or guardian.
• It can with draw from this anytime.
• Access and restriction of the information
Data
It basically means, facts or pieces of information together. It
may be defined as information in unorganized or raw form.
Data is limitless and present everywhere in the universe
that is why it is very hard to store it.
Personal Data
Data which relates the information of privacy of the person
like- social, economical. By this identify the data of natural
person. It includes the Article 2 and 4 of Data Protection
Act it out automated the processing the personal data of
a person.
Sensitive Personal Data
It concerns about the places, religion, there sexual life,
personal ideas and theory. Sensitive information of a person
must be protected at any cost with higher level of security.
It includes the Article 8(1) of DPA. Data includes that racial
and the political opinions, alleged the processing of crime
or offences.
Basis threats to the Data
• Hackers use anyone personal information without their
permission use them copy, delete the files.
• Virus is programs of software that corrupt and infected
the files in the computer. By this all the data saves in
the computer erase and window crash.
• Web sites- while surfing online there are some fake
sites which hack our information by open these sites.
These unsecured sites don’t have and http address or
IP address it corrupts the information.
• Removable media likes pen-drive, hard disk, USB cable,
CD drive it can take information from to the sources.
J. Adv. Res. Comp. Tech. Soft. Appl. 2017; 4(3)
• On social networking sites FB, Gmail uses the poor
password which easily cracked.
Threats to information system
Thecontrol over what individual’sinformation organization
gather from them and how they utilize it. Straight
forwardness or effective justifiable and open data about
protection and security rehears. The gather utilizing and
exposure of individual information to be done in way
that are steady with the setting in which customers give
information. Access to their own information in usable
organization , with the ability to remedy mistakes. There
are Sensible breaking points on the individual’s information
that organization gathers and holds.
Risk Management
Data Privacy should be our Responsibility & It should be
protected since it can harm the reputation which is hard
earned and easily lost. Data Protection has been long
dependent on‘Risk Management’ as a tool for complying
with the laws & the Fundamental rights & interests of
Individuals are protected effectively & ensures that data
are processes appropriately. Basically, Risk Management
refers to a valuable tool for calibrating the compliance
& implementation of privacy requirements, informing
about the risks. This presents both an opportunity and a
challenge. The opportunity is to develop effective, modern
risk management tools & its impacts depending upon
experience with risk management broadly. The Challenge
is to do so quickly to keep pace with dynamic environment
and dramatic changes in technology & human behavior.
There are insurances which help us be protected with
uncertainties and unauthorized access.
Role of Risk Management In Data Privacy
• Indentify Impacts & effects
• A Balancing test
• Goal of Risk Management- Role of proportionality
• Mitigating measures in Risk Management
• Organizational Support
• Efficient and Flexible Risk Management
Cyber Insurance
Cyber Insurance is a kind of insurance used to users from
internet based risks. It provides coverage against losses
such as data destruction, extortion, theft, hacking etc.
The market of cyber insurance is very limited, there is
not much growth in the sector of cyber insurance though
the market is huge there is lack of awareness among the
people regarding cyber insurance and it is the need of the
hour as there are cyber attacks on day to day basis, where
the user has to either suffer some losses or compromise
with the loss of data .
4
 J. Adv. Res. Comp. Tech. Soft. Appl. 2017; 4(3)
Cyber insurance also helps in compensating the data loss
which one could suffer due to a cyber attack or some kind
of hacking. We hear the news of hacking on a regular basis
which could lead to loss of various useful and important
information which we need not seek to compromise .
So, proper protection should be taken to minimize the
threat of data loss and also the person or the organization
should insure themselves if possible as it has become the
need of the hour. So, that they can get some compensation
if some kind of loss takes place.
Conclusion
In Digital World,The country’s privacy laws needs to be
updated & individual’s surveillance needs to be regulated
for the betterment of all. USA has a crucial role in the
development of data privacy of their citizens as even
the collection of email ids and telephone numbers are
regulated which is a crucial step. The citizens are even
given the right to seek redress in courts for violation of
their privacy when the personal information of the person
is shared with the law enforcement agencies. By this, Data
can be saved and individual’s privacy and rights can’t be
infringed which will in-turn improve the Quality of life of
citizens. Privacy has also helped in weakening the ability of
counter-terrorism and helps our intelligence units to stay
a step ahead in this darkening digital world which would
Khandelwal C et al.
have grave long-term consequences. The best solution
can be the Creation of Independent watchdog institutions
with substantial constitutional authority to ensure that
any organization whether public or private working with
data abide by with draconian data privacy, protection and
security regulations, would be an ideal steps in ensuring that
our citizens effectively preserve their privacy in this digital
world. In Conclusion, Individuals should be aware of this
right and should take measures to stop unwanted access
to his information and should be careful while surfing.
References
1. http://www.eugdpr.org/
2. https://en.wikipedia.org/wiki/General_Data_
Protection_Regulation
3. http://searchcio.techtarget.com/definition/data-
privacy-information-privacy
4. https://www.welivesecurity.com/2016/04/26/
data-privacy-data-protection-us-law-legislation-
white-paper/
5. https://www.networkcomputing.com/storage/
data-protection-cloud-basics/798260399
6. https://www.seagate.com/www-content/
services-software/data-protection-solutions/_
shared/seagate-tech-insight-top-5-data-
challenges-econ.pdf