Your name, address, password etc will be shared by IRCTC to monetise passenger data

Share Via:

Your name, address, password etc will be shared by IRCTC to monetise passenger data

A tender floated by IRCTC also talks about studying ‘behavioural data’ such as flow of passengers, class of journey, frequency of journey, tracking passengers’ travel timings, booking timings, payment mode etc in a bid to monetise it

The Indian Railways Catering and Tourism Corporation (IRCTC) is looking to onboard a consultant who can study railways passenger data in a bid to monetise it in the long run.

The corporation which has floated a tender in this regard, aims to earn Rs 1,000 crore revenue from the monetisation of digital data of Indian Railways.

The customer data which will be studied by the consultant includes name, age, mobile number, gender, address, email-id, no. of passenger, class of journey, payment mode, login/password.

These are part of a two-sectioned tender floated by the IRCTC. The first part, or Project A, talks about onboarding a consultant who will study the above-mentioned data points to identify a business model for monetisation of railways data.

The project B, talks about selecting an entity who can ‘identify, design, develop, build strategy and roll-out of data monetisation opportunities’.

A bidder can take part in either part of the project, or both.

This move is significant and also alarming because India still does not have a data protection law.

The Personal Data Protection Bill 2019 which was being discussed and deliberated upon for the last four years was recently scrapped by the Indian government.

It is not yet known when the new law would see the light of the day.

But with a development such as this, where personally identifiable data points such as name, gender, passwords and so on, are being talked about being monetised, that too without any safeguards, it is imperative that the government brings in legislation to protect citizens’ data.

Other data

Going by the tender, the data-points that will be studied by the consultant includes ‘behavioural data’.

The IRCTC tender reviewed by Moneycontrol talks about studying ‘behavioural data’ such as flow of passengers, class of journey, frequency of journey, tracking passengers’ travel timings, booking timings, payment mode and so on.

These data will be segregated into manageable datasets ‘conforming to the extent of legal provisions’.

Then, the consultant identify potential markets for specific dataset and establish a long standing protocol for monetising digital data of Indian Railways.

Over six months, the consultant will study these factors and prepare a detailed project report and submit it to IRCTC.

What about privacy?

Shall study various Acts or laws including IT Act 2000 and its amendments, User data privacy laws including GDPR (General Data Protection Regulation) and current ‘Personal Data Protection Bill 2018 of India, and accordingly propose the business models for monetisation of Digital Assets,” the tender said.

However, IRCTC fails to note that neither there exists amendments to the IT Act 2000, nor there is any Personal Data Protection Bill 2018 of India anymore.“IRCTC, a government-controlled monopoly, must not prioritise perverse commercial interests over the rights and interests of citizens. And given the recent withdrawal of the Data Protection Bill, 2021, such monetisation becomes even more concerning,” Internet Freedom Foundation said in a statement.

For Breaking News and Live News Updates, like us on Facebook or follow us on Twitter and Instagram. Subscribe us on Telegram and never miss a update!

Related Posts

Leave a Comment