Lt Gen (Retd) DS Hooda
The revelation that a small Chinese company called Shenzhen Zhenhua Data Technology collected online and social media data of 10,000 influential Indians, including political leaders, was greeted with a great deal of shock. A few days later, there is a growing narrative that since this data is from open sources, it has limited utility, and the leak is, therefore, not very worrying.
Both these reactions somehow miss the big picture. It should come as no shock that there is a concerted effort by various countries to collect personal and other critical data about countries (both hostile and friendly). It must also be clearly understood that this data has enormous national security implications.Advertisement
Attempts to classify individuals by their emotions and use them to influence choices were turned into a sophisticated art by technology companies like Google, Facebook, and Twitter. To drive up revenues, depending on what you were viewing, Facebook fed you more and more of similar content. It then auctioned your viewing habits to various advertising companies who used this to sway your commercial decision.
As social media proliferated explosively and became the main source of news, the algorithms crafted by the technology companies created a parallel world of sorts. Facebook investor Roger McNamee’s observed that the platform’s “algorithm exists to maximize attention, and the best way to do that is to make people angry and afraid”.Advertisement
Social media created a filter bubble that constantly reinforced individual beliefs and shut out any alternative viewpoint. Reasoned arguments are difficult if two people are reading from entirely different scripts, and these are the only scripts that they have read.
Social media has now been weaponised. Its use to affect the emotions and beliefs of the target audience has become a subject of deep study as a part of 'Information Warfare’. It has come to be increasingly accepted that the centre of gravity in any future conflict is the human mind and that it is not difficult to create divisions by exacerbating differences that exist in all societies.Advertisement
We could say that the arguments about influencing people are valid for the masses and not for sensible political leaders and others in positions of influence and authority. We wish that this were true, but leaders today thrive on social media approbation. Some deliberately cultivate an image of a harsh and uncompromising stance on ideological issues to garner greater social media presence. Others acquiesce to the majority because of the fear of public backlash and trolling if they buck the trend.
We must also be conscious that while Zhenhua may only be collecting data from open sources, this would only be one part of the data that would be flowing into Beijing from other sources like our mobile phones, the hardware in our communication networks, and the numerous Chinese apps that we routinely use. All this will provide a more comprehensive picture of how leaders think. And as is commonly known in the military, battles are won or lost in the minds of commanders.
There is now talk in the media about creating a global coalition against Chinese snooping. I see this as a highly unlikely outcome. Let me quote an incident to illustrate this. A summit was planned between President Barack Obama and Xi Jinping on June 7 and 8, 2013, in which the Americans had planned to raise the issue of Chinese cyber thefts strongly. One day before the summit, The Washington Post and The Guardian broke the news about the PRISM program in which the US National Security Agency was mining massive amounts of personal data from internet companies.
The meeting between Obama and Xi is described in Fred Kaplan’s book, Dark Territory: The Secret History of Cyber War:
“Obama brought up Chinese cyber theft; Xi took out a copy of The Guardian. From that point on, the Chinese retort to all American accusations on the subject shifted from ‘We don’t do hacking’ to ‘You do it a lot more than we do’.”
The US runs the most extensive and sophisticated surveillance network globally, and India was the fifth most targeted country by PRISM. The ‘Five Eyes’ intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the US is monitoring private communications worldwide. Under these realities, hoping for some form of an international agreement is a mirage.
We should be clear that in the domain of cybersecurity, India must stand on its own feet. Two areas must be immediately addressed.
The first is the protection of personal data. Today, an individual in India has no control over his personal data that is being freely bought, sold, and traded. As has been brought out earlier, the mining and analysis of personal data enable hostile actors to influence sections of society to adopt a more extremist view and sow dissension. The Russian attempts to influence the 2016 US elections were centered not on the positives of the candidates, but, as brought out in the Mueller investigation, on promoting discord and undermining public confidence.
India's Personal Data Protection Bill continues to languish in Parliament. It is sometimes felt that the political class is content with this state as it permits them to leverage this data for electoral purposes with a fair amount of impunity. However, weaknesses in data protection and data localization leaves the country vulnerable to external actors.
The second area is our continuing reliance on foreign hardware and software. Despite many years of ‘Make in India’ policies, we are yet to make substantive progress in adopting Indian technologies, even in areas where they are available. One example of this is the Indian Army's initiative to adopt an indigenous Operating System in 2015 that was strongly resisted and finally rolled back due to internal resistance.
Now that a start has been made by banning Chinese apps, the government must undertake an audit of all hardware and software in our Information Technology networks. Obviously, we cannot run a sword through the whole system, but there are definite areas where indigenous technology can be applied. Some ruthlessness would also have to be displayed to break down long-standing practices and linkages.
The Zhenhua revelations are not an imminent threat, but a clear and present danger. Launching investigations and adopting an injured stance will have only limited value. A legal framework to protect and secure data and a concerted indigenization push is the only way forward.
The author is former Northern Commander, Indian Army, under whose leadership India carried out surgical strikes against Pakistan in 2016. Views expressed are personal.
No comments:
Post a Comment