Cloudflare Collaborates With Leading Browsers to Develop a Privacy-First Protocol For the Global Internet

Cloudflare, Inc. (NYSE: NET), , the leading connectivity cloud company, today announced a new initiative with major Web browsers - Mozilla Firefox, Google Chrome, and Microsoft Edge - committing to developing and submitting for standardization a privacy-preserving protocol to help humans and bots prove that their traffic is not malicious. As the Internet shifts from human-driven clicks to agent activity, website operators must now figure out how to stop aggressive automated traffic, without resorting to invasive tracking. This initiative will lay the foundation for a more frictionless, secure, and private experience for every Internet user and website owner alike.

“The way we interact with the Internet is facing a fundamental shift. Normal everyday tasks like ordering food previously required a user to personally navigate menus and payment gateways. Now, autonomous agents are starting to orchestrate these workflows on behalf of people," said Dane Knecht, CTO of Cloudflare. "As AI-powered traffic becomes widespread, existing tools to support its use are too generic and coarse. Now this collaboration lets us eliminate the friction caused by security protocols for every visitor - whether they are human or agent - without sacrificing privacy."

For decades, website operators have relied on a patchwork of imperfect defense mechanisms to manage automated abuse, but these imperfect techniques are increasingly failing to keep pace with modern threats. Now, with the explosion of Generative AI, the battlefield has shifted yet again. Malicious automation is more widespread, sophisticated, and economically damaging to site owners. As we move toward an era of agentic AI, the line between human behavior and bot activity is blurring, leaving the digital world with an unprecedented privacy problem. When websites attempt to verify that a request originates from a legitimate human or authorized bot, the traditional solutions - forced logins and invasive tracking - compromise user trust.

“In commerce, every extra challenge, delay, or false positive can turn a purchase into an abandoned cart. Merchants need effective protections against automated abuse, but buyers shouldn’t have to pay for them with unnecessary friction or invasive tracking. Shopify is proud to help develop PACT as an open, privacy-preserving standard that can help the millions of businesses on our platform distinguish legitimate shoppers and authorized agents from abusive traffic while preserving buyer privacy." – Ilya Grigorik, Distinguished Engineer at Shopify.

Private Access Control Tokens (PACT) are designed to allow sites with strong knowledge of “personhood” to issue anonymous tokens. A user's browser can then provide these tokens to other sites to prove that a human is in the loop, reducing the need for annoying and clunky captchas or invasive tracking. PACT is designed so that sites cannot leverage it to track or identify users or their browsing history.

"The health of the web depends on effective, interoperable, privacy-preserving tools that enable sites to combat abuse without unnecessary user friction. Microsoft is excited to collaborate on developing new standards and helping ensure their deployment across the open web." – Erik Anderson, Director of Engineering, Web Platform at Microsoft Edge.

"Mozilla is committed to defending openness and user privacy on the web. An avalanche of automated traffic is pushing sites to adopt blunt defenses - paywalls, identity checks, CAPTCHAs, and invasive tracking - simply to tell whether a request comes from a human. We can build a better solution that maintains strong privacy and provides a much less annoying experience for real humans using the web. This project requires collaboration across the ecosystem, and we're thrilled to work with Cloudflare and other like-minded partners to bring it to life." – Bobby Holley, CTO for Firefox at Mozilla.

PACT will further empower businesses to identify genuine visitors, ensuring they can focus their resources on the traffic that matters to them. PACT leverages trusted information from contexts that have authentic relationships with people while keeping that information private. This provides businesses with high-integrity assurances about their audiences with minimal friction. Using PACT on Cloudflare’s network raises the bar for trustworthiness and integrity online without the traditional costs.

About Cloudflare

Cloudflare, Inc. (NYSE: NET) is the leading connectivity cloud company. It empowers organizations to make their employees, applications and networks faster and more secure everywhere, while reducing complexity and cost. Cloudflare’s connectivity cloud delivers the most full-featured, unified platform of cloud-native products and developer tools, so any organization can gain the control they need to work, develop, and accelerate their business.

Powered by one of the world’s largest and most interconnected networks, Cloudflare blocks billions of threats online for its customers every day. It is trusted by millions of organizations – from the largest brands to entrepreneurs and small businesses to nonprofits, humanitarian groups, and governments across the globe.

Learn more about Cloudflare’s connectivity cloud at cloudflare.com/connectivity-cloud. Learn more about the latest Internet trends and insights at https://radar.cloudflare.com.

TCS to Join Race for India’s New Data Privacy Permits

Tata Consultancy Services (TCS) is preparing to apply for a ‘consent manager’ permit under India’s Digital Personal Data Protection (DPDP) rules, aiming to tap into a compliance-as-a-service market projected at ₹10,000 crore over the next three years, with consent management alone worth about ₹1,000 crore. This positions TCS alongside Reliance Jio, which is already in the race.

A “consent manager” permit under India’s Digital Personal Data Protection Act (DPDP) is an official registration granted by the Data Protection Board of India to entities that act as neutral intermediaries, helping individuals give, review, and withdraw consent for the use of their personal data. In simple terms, it’s a license that allows a company to legally operate as a trusted platform for managing user permissions around data sharing.  

What This Means for TCS

• Strategic Move: Entering one of India’s largest emerging data-governance opportunities.
• Revenue Potential: Consent management is expected to be a ₹1,000 crore market.
• Competition: Reliance Jio Platforms has already applied, making this a competitive space.

DPDP Act & Consent Managers

• DPDP Act, 2023: India’s first dedicated digital privacy law, operationalized through DPDP Rules, 2025.
• Consent Managers: Registered entities that facilitate user consent for data fiduciaries.
• Must meet net worth and incorporation requirements to qualify.
• Serve as intermediaries ensuring individuals can grant, review, and withdraw consent easily.

Market Opportunity Breakdown

Segment	Estimated Value (3 yrs)	Key Drivers
Compliance-as-a-Service	₹10,000 crore	Privacy automation, regulatory compliance
Consent Management	₹1,000 crore	User-centric data governance, legal mandates
Other DPDP Services	₹9,000 crore	Breach management, compliance audits, automation

Implications for Businesses

• Legal Compliance: Companies must align with DPDP rules, making consent managers
• Operational Efficiency: Outsourcing reduces compliance burden.
• Trust & Transparency: Enhances consumer confidence in data handling.

Risks & Challenges

• Regulatory Scrutiny: Consent managers will be closely monitored by India’s Data Protection Board.
• Implementation Costs: High upfront investment in infrastructure and compliance systems.
• Competition: Market share will depend on speed, scalability, and trust.

Key Takeaway

TCS’s move to apply for a consent manager permit under DPDP rules is a strategic bet on India’s growing digital privacy ecosystem, potentially unlocking a scalable revenue stream while strengthening its role in governance and compliance services.

120,000 Home Cameras Breached: Privacy at Risk in the Digital Age

South Korean police revealed that over 120,000 internet-connected home cameras were hacked, with footage exploited to create and sell sexually explicit videos. Four suspects have been arrested in connection with the scheme.

National Police Agency (NPA) of South Korea has issued an official statement confirming the arrests of four suspects who hacked approximately 120,000 home and business IP cameras to produce and sell sexually exploitative material.

About 120,000 IP cameras (often called “home cams”) installed in private homes, karaoke rooms, Pilates studios, and clinics were compromised.

Four individuals were arrested. Importantly, police clarified that they acted independently and were not accomplices. The suspects created and sold hundreds of sexual abuse videos on overseas websites. Police noted they are working with overseas agencies to track website operators and buyers involved in distributing the material.

The NPA highlighted that weak passwords and poor security settings on IP cameras were the main vulnerabilities exploited. The case is being treated under South Korea’s strict digital sex crime laws, which have been strengthened in recent years after similar scandals. Authorities urged citizens to immediately change default passwords and update firmware to prevent further breaches.  

---

Key details of the case

• Scale of the breach: More than 120,000 surveillance cameras in homes and businesses across South Korea were compromised.
• Targets: Cameras were placed in private homes, karaoke rooms, Pilates studios, and clinics, making the intrusion deeply invasive.
• Suspects: Police charged four individuals. One suspect alone hacked 63,000 cameras and produced 545 exploitative videos, earning about 35 million won (~₹21 lakh) from sales.
• Method: Hackers exploited weak security in IP cameras, such as default or easy-to-guess passwords.
• Content: The stolen footage was turned into sexually exploitative material and distributed online.

---

Broader implications

• Privacy crisis: This case highlights how vulnerable consumer-grade surveillance devices can be when users fail to change default settings or manufacturers neglect strong security protocols.
• Legal crackdown: South Korea has strict laws against digital sex crimes, and this incident is expected to intensify calls for tougher regulation of surveillance technology.
• Global warning: Similar risks exist worldwide. Any internet-connected device with a camera or microphone can be hijacked if not properly secured.

---

How to protect yourself

• Change default passwords immediately on all smart devices.
• Enable two-factor authentication where possible.
• Update firmware regularly to patch vulnerabilities.
• Avoid cheap, unverified brands that may lack proper security safeguards.
• Use encrypted networks and avoid exposing devices directly to the internet.

---

This incident is a stark reminder that digital safety is inseparable from physical privacy. The exploitation of everyday devices for sexual crimes shows how technology can be weaponized when security is neglected.

Google Cleared to Scrap Cookie Rules as UK Watchdog Ends Oversight

In a landmark decision, the UK’s Competition and Markets Authority (CMA) has officially released Google from its binding commitments tied to the Privacy Sandbox initiative, ending four years of regulatory oversight over the tech giant’s efforts to reshape online advertising.

What Is the Privacy Sandbox?

The Privacy Sandbox is Google’s long-running project to phase out third-party cookies in its Chrome browser and replace them with privacy-preserving alternatives. These new technologies — including Topics API and Protected Audience — aim to balance user privacy with advertisers’ need for targeting and measurement.

Since its announcement in 2019, the initiative has faced scrutiny from regulators and industry stakeholders concerned that Google’s changes could entrench its dominance in digital advertising.

Why the CMA Got Involved

In 2021, the CMA launched a formal investigation into the Privacy Sandbox, fearing that Google’s proposed changes could:

• Limit competition in digital advertising
• Give Google an unfair advantage over rivals
• Reduce publisher revenues

To address these concerns, Google voluntarily offered a set of legally binding commitments. These included:

• Regular updates to the CMA and industry stakeholders
• Independent monitoring of Sandbox development
• Restrictions on self-preferencing and data misuse

These commitments were enforced under the CMA’s competition law powers and remained in place for nearly four years.

What Changed in 2025

Following a public consultation in June 2025 and ongoing monitoring, the CMA concluded that:

• Google’s implementation of Privacy Sandbox technologies no longer poses a threat to competition
• The company has acted transparently and in good faith
• The market has had time to adapt to the new advertising model

As a result, the CMA formally revoked the commitments on October 17, 2025, stating that continued oversight was no longer necessary.

Industry Reaction

The decision has sparked mixed reactions across the digital ecosystem:

• Advertisers and publishers remain cautious, with some worried about reduced visibility and control.
• Privacy advocates have welcomed the shift away from invasive tracking.
• Competitors are watching closely to see how Google’s ad tech evolves without regulatory constraints.

What’s Next for Google?

With the CMA’s oversight lifted, Google now has greater freedom to roll out Privacy Sandbox technologies across Chrome and Android. The company has signaled plans to fully deprecate third-party cookies by early 2026, a move that could reshape the global advertising landscape.

Global Implications

The UK’s decision may influence other regulators, including:

• The European Commission, which has its own investigations into Google’s ad tech stack
• The U.S. Department of Justice, which is pursuing antitrust cases against Google
• India’s Competition Commission, which is monitoring digital advertising practices under its evolving competition framework

As privacy and competition continue to collide in the digital age, the CMA’s ruling

HCLSoftware Launches Domino 14.5 with Sovereign AI to Strengthen Data Privacy for Regulated Sectors

HCLSoftware, a global leader in enterprise software solutions, announced today the launch of HCL Domino 14.5. Specifically targeting governments and regulated organizations concerned with their data privacy, HCL Domino 14.5 ushers in significant enhancements to the Domino+ sovereign collaboration portfolio, including the introduction of Domino IQ, a sovereign AI extension to the Domino platform that protects an organization's data privacy and ensures information security.

Users of the HCL Domino platform leverage powerful AI to automate tasks, analyse data, and more, by choosing the models that their organization or trusted sources have built. With compliance measures such as the European AI Act aimed at shaping the development and use of artificial intelligence within the EU, Domino IQ enables organizations to have more fine-grained control over AI investments and, additionally, remove their reliance on foreign cloud-based services.

“In an uncertain geopolitical landscape, governments and regulated organizations, such as private banks, are increasingly concerned about their data sovereignty and digital independence”, said Richard Jefts, Executive Vice President and General Manager, HCLSoftware. “The importance of data sovereignty and avoiding unnecessary foreign government influence extends beyond SaaS solutions and AI. Specifically for collaboration - the sensitive data within email, chat, video recordings and documents, With the launch of Domino+ 14.5, HCLSoftware is helping over 200+ government agencies safeguard their sensitive data.”

"Today more than ever, true digital sovereignty is the key to Europe's digital future. That’s why at IONOS we are proud to provide the sovereign cloud infrastructure for HCL’s sovereign collaboration solutions. Our platform is powerful, secure, and – above all – free from foreign access. Together, we are setting an example for responsible innovation and digital self-determination, a key factor for companies and institutions in regulated industries with particularly sensitive requirements," said Achim Weiss, CEO of IONOS, the leading European hosting provider and trusted cloud enabler.

Other key capabilities of this Domino+ launch include:

• BSI certification of Information Security and use of Security Event and Incident Management (SEIM) tools.
• Compliance with the European Accessibility Act for web-based, business user experiences.
• Ready to deploy, and enhanced sovereign chat and meetings solutions.

HCLSoftware is a global leader in software innovation and the software division of HCLTech. We develop, market, sell, and support transformative solutions across various industries, including business and industry, intelligent operations, total experience, data and analytics, and cybersecurity. Our commitment to customer success and our core values of integrity, inclusion, value creation, people-centricity, and social responsibility drive us to deliver best-in-class software products that empower organizations to achieve their goals. With a rich heritage of pioneering spirit, HCLSoftware serves more than 20,000 organizations, including a majority of the Fortune 100 and almost half of the Fortune 500. Learn more about how we can help you achieve your goals.

Data Privacy in 2025: Trends in Security for Tech Businesses and Data Centers

In 2025, data security and privacy remain one of the most important areas of focus for many companies. Technology is changing rapidly, and people are more concerned about their rights in this field. At the same time, data protection rules are becoming stricter. Because of this, tech leaders pay more attention to security questions. In the article, we will discuss important trends that will shape the security of personal information in the future.

Importance of Privacy of the Information

Businesses should rethink their privacy strategies because data-driven technologies are becoming more complex. As a result, cyber threats are increasing. When we spend time online, we generate tons of data. The information reflects our interests, preferences, and latest purchases. Moreover, it can include information about your health, relationships, and problems. For example, the app on your smartphone may collect data about your pulse and track your daily steps.

This is why you should be careful when sharing your personal information or giving permission to mobile apps. The question is relevant to different spheres, including work, online shopping, entertainment, and others. For example, if you play online for real money, you must select safe payment options, such as with Google Pay payment method.

In addition, you should consider the regions and markets when you choose platforms for online gaming. In particular, players from the UK will benefit from the UK version of Roulette77, while some other options may be unavailable or inconvenient for different reasons. In any case, users need to pay attention to different policies and tools on websites and not skip these notifications.

Technologies for Data Security

Digital technology develops quickly, and it can create new threats. However, cybersecurity and various technologies are constantly improving to meet the challenges. Businesses use different tools and technology to protect their customer data. The tools include:

• Encryption.  Encryption tools help you to protect your data. They ensure that your data is unavailable to anyone who is not allowed to see it, and the tools help to protect your information even if someone gets it.
• Anti-malware software. The software finds and stops harmful programs and software.
• Secure access tools. Multi-factor authentication and other tools help companies control who can get access to the information.
• Firewalls. They protect networks and control what information can come in and go out. They act as a barrier and protect networks.

In addition, as more data is stored in the cloud, it is important to use different security measures.

Trends in Security and Privacy

Businesses will face serious challenges in 2025. The regulations are becoming stricter, and customers are more concerned about this. We have summarized the main data protection trends for 2025.

• Strict Regulatory Standards: Governments in different countries quickly change legislation to improve data protection. The International Association of Privacy Professionals states that more localized rules are important because people worry that someone can use their data without permission. This highlights how important it is to follow these rules actively.
• Privacy-enhancing Technologies (PETs): Businesses of different sizes can benefit from privacy technologies that used to be available only to big companies. The tools offer practical ways to protect sensitive information and allow businesses to earn. In particular, companies implement such tools as multi-party computation, zero-knowledge proofs, and others.
• Multi-Layered Security : In the past, data center security focused on building a strong perimeter to keep unauthorized people out. However, this approach has some drawbacks. In particular, we can expect more interest in security strategies for data centers with several layers in the future. For example, data center operators may not only install physical access controls at the main entrance but also limit access to server rooms.
• Ethical AI Tools : AI tools offer great benefits, but they also have some risks. Some of them are not transparent and have limited accountability. Top companies know that they should use AI carefully and remember ethical rules. Today, this approach is crucial for many companies and their operations. If a business uses AI without any ethical considerations, it can hurt customer trust. Moreover, it can also attract regulatory attention.
• Backup Power Systems: The main reason for investing in uninterruptible power supply (or UPS) units and other backup power resources is to reduce the impact of natural disasters. However, backup power is also becoming important for data center security. Data center operators should prepare their backup power systems.

Customer Consent

Today, customers want real control over their personal data, not just a simple consent checkbox. Businesses need to move beyond basic compliance and focus on creating experiences that truly empower their users.

Companies implement clear systems that allow users to control their data, including the following:

• Understandable dashboards for centralized privacy control.
• Clear and concise privacy policies.
• Several consent options that users can choose from.

Moreover, you can customize your preferences and decide what information to share.

Summary

The approach to information security is rapidly changing in 2025, and this presents businesses with both challenges and opportunities. Technology leaders create privacy strategies that build

Researchers Develop AI Model That Creates Invisible Digital Masks for Personal Photos

There's an innovative Al model called Chameleon, developed by researchers at Georgia Tech, that creates invisible digital masks for personal photos to protect against unwanted facial recognition.

This breakthrough innovation is a significant advancement in the digital privacy , offering a robust way to protect personal identity in a world where facial recognition is becoming increasingly prevalent.

The P3-Mask

Integrating P-3 Mask technology into smartphone cameras could allow users to automatically protect their photos as they are taken. Individuals concerned about privacy can use the P-3 Mask to anonymize their images in public surveillance footage. Companies can protect employee and client photos from being misused or recognized by unauthorized systems. Brands can use the P-3 Mask to ensure that images used in campaigns do not compromise the privacy of the people featured.

This model generates a personalized privacy protection (P-3) mask for all of a user's facial photos, making them unrecognizable to facial recognition scans while preserving the image quality.

The Chameleon Al model was developed by researchers at Georgia Tech University. The team, led by Professor Ling Liu, includes Ph.D. students Sihao Hu and Tiansheng Huang, along with Ka-Ho Chow, an assistant professor at the University of Hong Kong.

Chameleon creates an innovative single, personalized Personalized Privacy Protection (P-3) Mask for all of a user's facial photos, making them unrecognizable to facial recognition tools.

Unlike physical masks, the P-3 Mask is a digital layer applied to images, making it invisible to the naked eye but effective against facial recognition algorithms. The model is designed to be resource-efficient, requiring minimal processing power.

Further, Chameleon uses a perceptibility optimization technique to ensure that the visual quality of the protected photos is maintained.

A paper on Chameleon, Personalized Privacy Protection Mask Against Unauthorized Facial Recognition, was presented earlier this month at ECCV 2024.

The researchers aim to release the Chameleon code publicly on GitHub soon, allowing developers to integrate this technology into various applications.

Usage

The Chameleon AI model can be applied in various everyday applications to enhance privacy and security. Here are some potential uses:

1. Personal Privacy: Individuals can use Chameleon to protect their personal photos from unauthorized facial recognition scans, ensuring their images remain private and secure.

2. Social Media: Social media platforms can integrate Chameleon to automatically apply privacy masks to user-uploaded photos, safeguarding users' identities.

3. Smartphone Security: Mobile devices can incorporate Chameleon to provide real-time facial recognition protection, preventing unauthorized access and enhancing user privacy.

4. Public Surveillance: In public spaces, Chameleon can be used to anonymize individuals in surveillance footage, protecting their identities while still allowing for security monitoring.

5. Marketing and Advertising: Companies can use Chameleon to anonymize images used in marketing campaigns, ensuring that individuals' privacy is maintained while still showcasing products or services.

These applications demonstrate how Chameleon can be a valuable tool for protecting privacy in various aspects of daily life.

Keystroke Technology Got An 18-Yrs Old Employed Women Fired from Her WFH Job

After spending 18 years with a major insurance company, an Australian woman was let go after the company, using keystroke technology, found that she wasn’t typing enough while working from home.

Aussy woman, a 38-year-old Suzie Cheikho was fired from Insurance Australia Group (IAG) for not typing enough while working remotely. Australia's Fair Work Commission (FWC) rejected her "unfair" dismissal application, saying that she was fired for a "valid reason of misconduct".

The insurance firm used a sneaky technology referred as keystroke technology to monitor the work-from-home performance and productivity of an employee. Keystroke technology refers to any technology that records or analyzes keystrokes. It can include software-based keyloggers or hardware-based keyloggers. This particular software managed to pinpoint the employee’s inefficient working style using something as simple and mundane as typing.

Keystroke logging, often referred to as Keylogging/Keyloggers is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware that their actions are being monitored.

According to the insurance firm's logger data, Cheikho recorded zero keystrokes over 117 hours in October, 143 hours in November and 60 hours in December. At most, she was found to be averaging 54 strokes per hour during the surveillance period.

Though Keyloggers are legal, with many designed to allow employers to oversee the use of their computers, keyloggers are most often used by by hackers for sinister activities like stealing passwords and other confidential information.

Speaking to few experts also gave an another perspective, that since the keystroke technology was primarily created for hacking confidential information (developed in 1970s by Soviet Union to target typewriters), for monitoring employees the technology wouldn't work all the time. Citing an example, the executive in one of the Big-four companies said, "the job profile of the Aussy woman in this case isn't clear. Some insurance employees or recruitment executives, for example, have to make calls then typing on their keyboards. So they might miss or have less key strokes than a software developer."

Notably, today most companies provide company-laptops at time of on-boarding employees and the number of companies providing laptop increased post COVID-19 pandemic when working remotely became a new norm, and new employees were welcomed with welcome-kits and laptops. Very few of these companies did have pre-installed keylogger software to track performance of their WFH employees.

Besides, Microsoft also publicly accepted that Windows 10 has a built-in keylogger in its final version "to improve typing and writing services". [Read – How to disable Microsoft keylogger in Windows 10]

Moreover, the web browser used within the TikTok app can track every keystroke made by its users. According to a research report, TikTok inserts code that can track activity on sites its browser is used to access. Although, TikTok said it uses the code for things like debugging. Noteworthy, TikTok is banned in both US and India, but keyloggers are not. 

Keyloggers are also being installed in the user’s smartphone through the keyboard apps and are being installed by the hackers silently without the user’s acknowledgment. It send the data to hackers secretly in the background. Android smartphone experts advice to install the authenticated keyboard from a trusted source and never install the keyboard from third-party platforms. If your phones' battery drains fast or the phone gets heated then you could also be carrying Keylogger in your phone. [Read – Remove Keylogger from Android]

Tsaaro Sees Heightened Interest From eSports Gaming Platforms for Data Privacy Solutions

Tsaaro, India’s premier data protection as a service provider, has seen a 4X times increase in interest and inquiries from esports gaming platforms for data privacy solutions this quarter. The development is indicative of the fact that the gaming industry is becoming more sensitive towards data privacy issues and wants to have effective protection for user data. Tsaaro has become a one-stop solution for gaming companies, ensuring that they comply with all applicable data privacy guidelines and laws while also having an effective endpoint security system in place.

Gaming has grown into a thriving industry in recent years, with nearly half a billion new players joining the mix in the last three years alone. According to an Accenture report, the global gaming industry will be worth more than $300 billion in direct and indirect revenue in 2021, which is more than the film and music industries combined.

Mr Akarsh Singh, CEO & CoFounder, Tsaaro

Tsaaro equips these platforms with power, control, and simplicity to prevent data privacy violations while providing the necessary tools to facilitate compliance. Penetration testing by Tsaaro helps these platform providers realize where they stand in the event of a real cyber attack on their systems and hence build a stronger system. Tsaaro advises a gaming company to obtain an ISO 27001 certification and use data masking and encryption to protect data from various vulnerabilities.

Commenting on the same, Mr Akarsh Singh, CEO and CoFounder, Tsaaro said: "According to recent reports, the gaming industry has been subjected to 12 billion cyber-attacks in the last 17 months, the vast majority of which occurred during the pandemic. The industry is undeniably thriving and growing in popularity among people of all ages. The most vulnerable are children and teenagers who have shared personal information with gaming companies and are now victims of data breaches. Tsaaro provides turnkey solutions and services to businesses to help them protect the personal information of their customers. It also offers game developers tools to help them better understand data and perform better in the gaming industry."

AI-driven Chat Service Company Shares People's Data with Its For-Profit Spin-Off

Crisis Text Line, which is a global not-for-profit organization providing free & 24X7 mental health texting service through confidential crisis intervention via SMS message, has allegedly used and shared the data as a sliced and repackaged version of that information to create and market customer service software.

The non-profit company collects data from its online text conversations with people and uses big data and Artificial Intelligence (AI) to help people cope with traumas such as self-harm, emotional abuse and thoughts of suicide, said a report by Politico, a political journalism company based in the United States and internationally.

According to the report, Crisis Text Line has allegedly shared data with its spin-off called 'Loris.ai', an AI-driven customer service software platform that uses machine-learning to provide companies AI-driven customer conversations with empathy. Customer companies can install Loris.AI as an app into their existing customer service platform such as Zendesk, Salesforce, etc.

Loris.AI is headquartered in New York, U.S. and also has an office in Tel Aviv, Israel. 

The report further said that Loris.AI has pledged to share some of its revenue with Crisis Text Line. Moreover, Crisis Text Line also holds an ownership stake in Loris.AI, and the two entities shared the same CEO for at least a year and a half. The two call their relationship a model for how commercial enterprises can achieve charity-tasks.

Crisis Text Line, however says that any data it shares with Loris.ai, has been wholly “anonymized,” stripped of any details that could be used to identify people who contacted the helpline in distress. Both entities say their goal is to improve the world — in Loris’ case, by making “customer support more human, empathetic, and scalable.”

Notably, Crisis Text Line has got financial backing from some of biggest tech names and VC funds including Reid Hoffman, Melinda Gates, The Ballmer Group, and Omidyar Network.

The services of Crisis Text Line are available 24 hours a day, every day, throughout the United States, Canada, UK, and Ireland.

Further, in a statement on its website, Crisis Text Line, said -"During these past days, we have listened closely to our community’s concerns...We hear you. Crisis Text Line has had an open and public relationship with Loris AI. We understand that you don’t want Crisis Text Line to share any data with Loris, even though the data is handled securely, anonymized and scrubbed of personally identifiable information.” Loris.ai will delete any data it has received from Crisis Text Line.

A recent story cherry-picked and omitted information about our data privacy policies. We want to clarify and fill in facts that were missing so people understand why ethical data privacy is foundational to our work.

A thread 🧵:

— Crisis Text Line (@CrisisTextLine) January 29, 2022

This incidence also raised questions on currently prevalent 'AI Ethics' in businesses. In an ideal "Ethical AI standards", a system of moral principles and techniques intended to inform the development and responsible use of artificial intelligence technology should be practiced.

Social Media Platforms Will Have To Adhere To Indian Privacy Laws Now: Tsaaro Survey

Tsaaro Conducts Survey On People's Expectations from Draft Personal Data Protection Bill 2019

Tsaaro, India's premier Data Protection as a services provider, today announced the key findings of its survey on people's expectations from the upcoming Personal Data Protection Bill 2019. The extensive study saw participation from more than 200 Privacy Professionals across Education, Healthcare, Information Technology, Banking & Finance, and other sectors. Tsaaro aimed to gather valuable insights and on that basis drafted a detailed report which depicted the stand of people on the draft of the Personal Data Protection Bill.

Over 51% of respondents said they thought the drafted Bill was at par with other global privacy laws such as the GDPR, CCPA & the PIPL. However, most of the participants recommended that the drafted Bill should provide for an independent Data Protection Authority similar to the GDPR. The drafted Bill in its current form allows for excessive Government intervention and therefore it is unlikely that the DPA will function independently.

When participants were asked whether they agree with the proposed provision of inculcating Data Localisation in reference to the organizations which are operating outside India, 70% of the participants agreed to the provision. 93% agreed that Social Media Platforms will have to adhere to Indian Privacy Laws now. A majority of the participants felt that the definition of critical data needs to be worked upon and a total of 71% of participants felt that the definition, as of now, was not up to the standard.

When asked if there should be a restriction on the number of Data Subject Requests an individual is entitled to, 69 % of participants agreed that there should be some form of limit that allows access without infringing on an individual's rights. While 76% of the respondents agreed that there should be a retrospective application of the provisions of the drafted PDP Bill. Only 10% of the participants responded that the upcoming Bill should be enacted as it is. When asked if consent should be the sole legal basis on which data may be processed, the majority of participants said no, adding that the law should allow for another legal basis on which data can be processed.

Regarding data subject rights, Tsaaro discovered that the majority of participants were worried that the drafted Bill does not guarantee the same rights to Data Subjects as privacy legislation such as the GDPR do.

Further, a majority of the participants were not satisfied that the existing data protection principles are sufficient in light of evolving technology. They felt that once the Bill is enacted there should be a given time wherein the organisation can ensure compliance and there must be a retrospective application of provisions and agreement on Data Localisation as a mandate for Social Media Platform especially to operate in India.

It was suggested that the upcoming Bill should state that in case of data breaches by public bodies they should be held liable for such a breach. Government bodies collect and processes large amounts of Personal Data and Sensitive Personal Data. Therefore they should not be exempted from complying with the provisions in the drafted Bill. In case of data access requests by public bodies, the entity subject to such a request should be obliged to inform this publicly unless the request is for crime or fraud prevention.

The majority of the participants felt that there must exist clear definitions of terms in the upcoming statute, as vague definitions create grey areas and further obstruction in the natural course.

Akarsh Singh, CEO & Co-founder, Tsaaro says, “Data Privacy is a growing concern amidst increasing number in Data Breach Incidents. The much-awaited personal data protection bill which is scheduled to be tabled in the winter session of the parliament starting today has received a mixed response. We wanted to deep-dive into the several possibilities, recommendations as well as a general overview of data privacy experts and professionals. The survey, conducted over the last 3 weeks, has been effective in bringing to light the key pain points of the industry and we hope to bring insights for people in general as well as the policy-makers to consider.”

The company aims to modernise training technologies and become a digital competence centre. The Academy is developing suitable strategies to partner with more specific and industry players to extend their services and also to provide more improvised training. The company take a pragmatic, risk-based approach to provide its clients with real-world, workable advice, guidance, and support that helps them to deal with a wide range of security and privacy-related challenges.

German State's Data Watchdog Warns Govt Against Zoom for GDPR Violation

Data Protection Authority for the German state of Hamburg, The Hamburg DPA (Hamburgische Beauftragte für Datenschutz und Informationsfreiheit), has been formally warned against using Zoom over data protection concerns, reported Techcrunch.

The Hamburg DPA has warned to use the video conference solution from Zoom Inc. in the so-called on-demand variant. This violates the General Data Protection Regulation (GDPR), as such use is associated with the transmission of personal data to the USA, said the public warning.

Zoom allegedly violated the European Data Protection Board's guidelines for transferring personal data to a third country.

In the public press release, the Germam Senate Chancellery further said - "The European Data Protection Committee has formulated requirements in order to be able to transfer personal data to a third country such as the USA in accordance with the GDPR. The HmbBfDI is based on this standard in business and public administration. The documents submitted by the Senate Chancellery on the use of Zoom show that these standards are not being adhered to. Other legal bases such as the consent of all parties concerned are also not relevant here."

Ulrich Kühn, the acting Hamburg commissioner for data protection and freedom of information said, "Public bodies are particularly bound to comply with the law. It is therefore more than regrettable that such a formal step had to be taken. At the FHH (Free and Hanseatic City of Hamburg), all employees have access to a tried and tested video conference tool that is unproblematic with regard to third-country transmission. As the central service provider, Dataport also provides additional video conference systems in its own data centers. These are used successfully in other countries such as Schleswig-Holstein. It is therefore incomprehensible why the Senate Chancellery insists on an additional and legally highly problematic system."

Earlier in July, the Federal Data Protection Commissioner (Golem) of Germany has ordered govt authorities and agencies to leave social networking platform Facebook by the end of the year, due to the similar data privacy concerns.

Privacy-First Email Provider Letter Reports 260% Growth

• Demographic expansion expected to drive continued growth in 2021-22
• Introduces worldwide email delivery network across 15 locations globally
• Bags Enterprise Solution Rights For Browserling Inc, Kaksha.ai, SntHostings and BMG Informatics in 2021

New Delhi, July 29, 2021: India’s leading privacy-first email provider Letter, announces a phenomenal growth of 260 percent. New bookings have increased to 4 times and the existing customer base subscription has increased nearly 120 percent.

The company recently bagged enterprise solution rights for online cross-browser testing service Browserling Inc; stealth startup, Kaksha.ai; affordable web hosting, SntHostings and end-to-end IT solutions company BMG Informatics. The state-of-art email hosting provides business grade email with no limitations and offers exclusive features such as unlimited users, unlimited domain names, unlimited aliases and unlimited filtering rules. The Enterprise Solution comes with unrestricted emails, private communication with highest security and military grade encryption, better and faster support with efficient technical assistance.

Driving business operations across Education, IT Solutions, Software, Industrial Electronics and Web hosting sectors, Letter’s business ecosystem now includes national as well as international clientele from across 10 countries including India, Portugal, Bangladesh, Singapore, Netherlands, UK, Japan, Brazil, Chile and Australia.

Letter has also launched a new Email Delivery Network globally. Spanning across 15 locations including India, France, Germany, Netherlands, Bulgaria, Sweden, Russia, United States, United Kingdom, Canada, Brazil, South Africa, Singapore, Japan, and Australia, this new development has been optimized for faster access to emails. The worldwide server allows you to send emails to free email providers like Gmail, Outlook, Yandex, Zoho, Hush, Protonmail and the likes without unnecessarily getting lost or ending in spam as the new network is scalable enough to accept millions of emails per minute with 99.9999% deliverability. Ensuring technological excellence, the new service allows you to accept incoming emails even if your Letter account is taken down for maintenance as the mail delivery network accepts mails and queues them until your account is restored.

Commenting on the success Sunit Kumar Nandi, Founder and CEO of Letter said, “It has been a significant journey so far. With our unwavering commitment towards customer satisfaction and global standards of security, we have been reporting 14% growth month on month. Driven by industry first initiatives and technological innovations, we have been successful in achieving strategic milestones and expanding our footprints from India to 14 countries. It is indeed overwhelming to see that our new products have been experiencing accelerated demands and trust from global customer base.”

About Letter:

Founded by IIT Guwahati student Sunit Kumar Nandi, Letter is India’s privacy-first email provider start-up, which solves the problem of email communications being treated as an afterthought in a world where email is the backbone of everything. 

Packed with an array of advanced features- an intuitive user interface, impressive performance and global security standards which boasts of strongest data privacy and encrypted storage for emails. Letter is available worldwide for individuals, businesses and organizations, and email hosting plans can be purchased directly from https://letter.is. Plans start from as low as INR1320 / 15€ per year for 4GB storage. The existing client portfolio includes individuals and businesses from India, Portugal, Bangladesh, Singapore, Netherlands, UK, Japan, Brazil, Chile and Australia.

"Withdraw Privacy Policy Changes" - Asks India To WhatsApp

In a letter to WhatsApp CEO Will Cathcart, the Indian government pointed out that the Indian users are being subjected to differential treatment when compared to their European counterparts

The Indian government has asked WhatsApp to withdraw the proposed changes to its privacy policy stating that the changes raise “grave concerns” regarding the implications for the choice and autonomy of Indian citizens.

In a letter to WhatsApp CEO Will Cathcart, the Indian government pointed out that the Indian users, who have not been given the option to opt-out of data sharing with Facebook companies, are being subjected to differential treatment when compared to their European counterparts.

“Whether this [the new policy] will enable better provision of service to users or not is besides the point, the issue is the impact it has on informational privacy, data security and user choice,” the letter said.

It also added that sovereign independence of India’s distinct identity and its people must be properly respected and any unilateral changes to WhatsApp Terms of Service and Privacy would not be fair and acceptable.

The government also asked the Facebook-owned platform to reconsider its approach to respect the informational privacy, freedom of choice and data security of Indian citizens.

“The privacy policy offered by WhatsApp to its European users specifically prohibits the use of any information shared with a Facebook company for that companies’ own purposes, while this Clause is not present in the privacy policy offered to Indian users."

"This differential and discriminatory treatment of Indian and European users is attracting serious criticism and betrays a lack of respect for the rights and interest of Indian citizens, who form a substantial portion of WhatsApp’s user base."

Source - The Hindu

Telegram Founder Pavel Durov's Latest Blog User's Data Privacy

A latest blog has been posted by Pavel Durov, Founder and CEO of Telegram on the ongoing discussions about user data privacy and how it’s been managed by global communications apps. Below are details of same (in first person voice) - 

I hear Facebook has an entire department devoted to figuring out why Telegram is so popular. Imagine dozens of employees working on just that full-time.

I am happy to save Facebook tens of millions of dollars and give away our secret for free: respect your users.

Millions of people are outraged by the latest change in WhatsApp Terms, which now say users must feed all their private data to Facebook’s ad engine. It’s no surprise that the flight of users from WhatsApp to Telegram, already ongoing for a few years, has accelerated.

At about 500 million users and growing, Telegram has become a major problem for the Facebook corporation. Unable to compete with Telegram in quality and privacy, Facebook’s WhatsApp seems to have switched to covert marketing: Wikipedia editors have recently exposed multiple paid bots adding biased information into the WhatsApp Wikipedia article [1].

We have also detected bots which spread inaccurate information about Telegram on social media. Here are the 3 myths they are pushing:

Myth 1. “Telegram’s code is not open-source”. In reality, all Telegram client apps have been open source since 2013 [2]. Our encryption and API are fully documented and have been reviewed by security experts thousands of times. Moreover, Telegram is the only messaging app in the world that has verifiable builds both for iOS and Android [3]. As for WhatsApp, they intentionally obfuscate their code, making it impossible to verify their encryption and privacy.

Myth 2. “Telegram is Russian”. In fact, Telegram has no servers or offices in Russia and was blocked there from 2018 to 2020 [4]. Telegram is still blocked in some authoritarian countries such as Iran, while WhatsApp and other “supposedly secure” apps have never had any issue in these places.

Myth 3. “Telegram is not encrypted”. Every chat on Telegram has been encrypted since launch. We have Secret Chats that are end-to-end and Cloud Chats that also offer real-time secure and distributed cloud storage [5]. WhatsApp, on the other hand, had zero encryption for a few years, and then adopted an encryption protocol funded by the US Government [6]. Even if we assume that the WhatsApp encryption is solid, it’s invalidated via multiple backdoors and reliance on backups [7].

In 2019 alone, Facebook spent almost 10 billion dollars on marketing [8] (I guess this includes paid bots on Wikipedia and other sites).

Unlike Facebook, Telegram doesn't spend any money, let alone billions of dollars, on marketing. We believe that people are smart enough to choose what is best for them. And, judging by the half a billion people using Telegram, this belief is justified. 

[1] – WhatsApp Gives Users Ultimatum – Share Data with Facebook or Lose Access  (https://www.trustedreviews.com/news/whatsapp-gives-users-ultimatum-share-data-with-facebook-or-lose-access-4117377)

[2] – In December 2020, the Wikipedia article about WhatsApp had the label “This article may have been created or edited in return for undisclosed payments, a violation of Wikipedia's terms of use”. Related investigation is discussed here (https://en.wikipedia.org/wiki/Wikipedia:Sockpuppet_investigations/VentureKit/Archive)

[3] – Telegram Source Code (https://telegram.org/apps#source-code)

[4] – Reproducible Builds for Telegram Apps (https://core.telegram.org/reproducible-builds)

[4] – On Digital Resistance in Russia (https://t.me/durov/117)

[5] – On Telegram Encryption (https://t.me/durov/57)

[6] – U.S. Government Funded The WhatsApp Encryption (https://www.vocativ.com/news/307106/whatsapp-encryption/index.html)

[7] – Why WhatsApp Will Never Be Secure  (https://telegra.ph/Why-WhatsApp-Will-Never-Be-Secure-05-15)

[8] – Facebook Marketing Spending from 2010 to 2019 (https://www.statista.com/statistics/506867/facebook-marketing-spending/)

26-year old IIT Guwahati Student Launches India’s 1st Ever ‘Privacy-First’ Email Provider Startup ‘LETTER’

• Most affordable email hosting services especially for startup community
• Made in India initiative for customised e-mail solutions 
• Global standards in security, usability and optimised email deliverability
• Letter secures data and makes the host unable to read any emails unless they explicitly have the user's password
• Letter adds an additional encryption layer over and above email encryption that not only secures emails but also the infrastructure from cyberattacks.

An IIT Guwahati student today announced the launch of an email provider startup called – 'Letter'.

Letter is a powerful email hosting provider packed with an array of advanced features, an intuitive user interface, impressive performance and global standard security which boasts on sharing strongest data privacy and encrypted storage for emails

 

Email communication in today's world is often treated as an afterthought even though online businesses have to depend on it the most. Major email providers not only mine user data but also use this data to display ads or sell to third parties. Some email providers do not allow you to import or export your email data, and some even lock you to their own apps. On the other hand, privacy-oriented email providers do not implement industry-standard email access protocols and also do not implement search functionality. 

"I have often suffered due to the lack of business email solutions that properly implements the basics such as email deliverability, contact sync, calendars, search, etc. and also respects user privacy and right to their data," shares Sunit Nandi, founder of startup Letter.

Devising a solution to these issues, Nandi self-hosted his own work emails for several years before finally launching Letter. "I was so frustrated with the state of email hosting that I self-hosted my own work emails for several years, and spent countless days improving the security & optimizing email deliverability. Finally, the product was completely finished and I decided to launch Letter," explains an excited Nandi who is also a serial entrepreneur and started when he was 18years. 

Currently pursuing his PhD from IIT Guwahati Nandi wants to offer 'Letter' as a Made-In-India well thought product offering business uncompromised data privacy.

Letter has created a strong market presence by offering highly affordable solutions with yearly plans starting for as low as INR1320. This gets better when it comes with 4GB storage, Bitwarden password manager and up to 4 custom/own domain mailboxes. Other plans have an offering of up to 50GB storage which too is on private cloud that doubles up to intense privacy and data security. Check out more details at www.letter.is.

Letter is a Mailcow based email provider, which is hosted in France and uses relays in Switzerland and Iceland. The aim of Letter.is is to create a secure email platform and protect user privacy which is the main concern of the Internet of today. The start-up provides email encryption by encypting the emails of the user on the disk with an AES-256 key which is encrypted with the user's password. This secures data and makes the host unable to read any emails unless they explicitly have the user's password.

Letter provides complete customer support in its packages unlike most business email solutions. This makes them unique with their fully managed solution that even includes assistance with adding DNS records. They believe in simplicity and generous offerings. The billing is not done on the number of email accounts or domains the customer has, but only on the disk space and number of outgoing emails on the plan of their choice. Letter does not compromise convenience over security. Therefore, it uses indexing that helps customers to find their emails through the search bar which many privacy-oriented providers still fail to offer. Letter adds an additional encryption layer over and above email encryption that not only secures emails but also the infrastructure from cyberattacks.

The bottom line is to combine simplicity with security!

India Ranks 2nd in Govt Requests for Facebook User Data, Spike in Emergency Requests in H1'19

India came in second after the US in terms of nations asking Facebook to divulge information related to user accounts, with such requests increasing by moe than 9 per cent to 22,684 in the first half of 2019, according to a report by the social networking giant.

In January-June 2019, India made 22,684 requests for user data of 33,324 users/accounts from the social media company.

This was only behind the US that asked the social media giant for 50,714 user data requests of 82,461 users/accounts in the period.

Facebook, in its half-yearly Transparency Report, noted that government requests for user data were at an all-time high at 1.28 lakh total requests in the first half of 2019. This is up by over 16 per cent from 1,10,634 requests in July-December 2018 time frame.

The UK (7,721), Germany (7,302), France (5,782) and Brazil (5,683) were also in the tally.

In the first half of 2019, India made 21,069 requests under 'legal process' and 1,615 emergency requests with 33,324 users/accounts requested. The US-based company said some data was produced in 54 per cent of the requests.

Requests from India in the July-December 2018 quarter was at 20,805, of which 861 were emergency requests, and 19,944 requests were under legal process.

"Facebook responds to government requests for data in accordance with applicable law and our terms of service. Each and every request we receive is carefully reviewed for legal sufficiency and we may reject or require greater specificity on requests that appear overly broad or vague," it said.

The company added that it accepts government requests to preserve account information pending receipt of formal legal process.

"When we receive a preservation request, we will preserve a temporary snapshot of the relevant account information but will not disclose any of the preserved records unless and until we receive formal and valid legal process," it added.

Facebook said it restricted access to 1,233 items of content, including 1,211 posts, two profiles, 19 Pages and Groups and one comment on its social media platform.

It added that the company permanently restricted access to content in India in response to legal requests from law enforcement agencies, court orders, and the Ministry of Electronics and Information Technology.

Content restricted was alleged to violate Indian laws on the grounds listed under to Section 69A of the Information Technology Act, 2000, and was primarily in the categories of hate speech, anti-religion content constituting incitement to violence, defamation, extremism, anti-government, and anti-state content, it added.

"We also restricted access to 217 items in response to private reports related to defamation," Facebook noted.

The company, which has faced flak previously over breach of user data, said it also "temporarily restricted access to 448 items in response to reports received from the Elections Commission of India alleging that the content was subject to election blackout periods".

Access to this content was restored following the end of the applicable blackout period, it added.

India also topped the list of Internet disruptions, with 40 disruptions in the first half of 2019, lasting cumulative period of over eight weeks. This included regions like Jammu and Kashmir, Tripura, Manipur, Arunachal Pradesh, Assam, Uttar Pradesh and Rajasthan. PTI SR

77% Indian Consumers Against Use of Technology Tracking Buying Patterns: Survey

As many as 77 per cent of Indian consumers in a recent survey believe that organisations collect too much data about them and 74 per cent were against the use of technology tools to assess their buying patterns. Buying pattern refers to the typical way in which consumers buy goods or avail services like buying-frequency, quantity, duration, timing etc.

A survey conducted by Verint Systems across 18 countries and 34,000 consumers highlighted how an 'always on' era has led to explosion of unstructured data from digital channels of customer engagement.

In India, more than 2000 consumers who have access to a digital platform took part in the research to reveal their assessment on issues like how customers perceive data privacy, their readiness to accept data breach, and use of technology to analyse customers' buying patterns, a Verint statement said.

As per the findings, nearly 77% of the Indian respondents agreed that organisations collect too much data about them and 74% of the Indian respondents said it is "creepy" to use technology to analyse their buying patterns and preferences, the statement noted.

"Out of the 18 surveyed countries, Indian customers take lead as 73 per cent of the respondents voted in favour of actively avoiding brands that use technology to analyse and track their buying/engagement patterns," it added.

About 755 of the Indian customers who were surveyed agreed that service providers cannot do much to prevent data breach, but majority did not wish to engage with a brand that has experienced a data hack.

The survey however noted that Indian customers are willing to share their personal information to receive personalised services and in exchange of discounts.

Commenting on findings, Anil Chawla, managing director - Customer Engagement Solutions, Verint said "with democratisation of data, it is important for organisations to sync up their teams, processes and technology to fulfil several data privacy norms. Organisations must encourage a culture of compliance by maintaining data security, being transparent about their data collection and data management processes". PTI MBI

Facebook slapped with $5 Bn Fine, Restrictions in a Privacy Probe by US Regulators

US regulators on Wednesday formalized a record $5 billion fine on Facebook for privacy violations in a settlement requiring the world's biggest social network to "submit to new restrictions and a modified corporate structure."

The Federal Trade Commission said the penalty was the largest ever imposed on any company for violating consumers' privacy and one of the largest penalties ever assessed by the US government for any violation.

"Despite repeated promises to its billions of users worldwide that they could control how their personal information is shared, Facebook undermined consumers' choices," FTC Chairman Joe Simons said in a statement after the split decision by the agency, with two members saying the penalty was insufficient.

This year in May, India too has had reportedly joined European Union (EU) in investigating Google over alleged Android antitrust concerns. Indian competition watchdog Competition Commission of India (CCI) had reportedly ordered an investigation into Alphabet Inc's unit Google for allegedly abusing the dominant position of its popular Android mobile operating system to block rivals.

In February last year, India's CCI imposed a fine of Rs 136 crore (~$21.1 million) on Google which was for unfair business practices in the Indian market for online search.

A World Economic Forum (WEF) 2017 report took everyone in the financial services sector by surprise when it suggest that it is the technology giants like Facebook, Amazon and Google that pose a bigger threat to the longevity of banks and their services.

WhatsApp Partners with Indian School of Public Policy

WhatsApp on Wednesday said it has partnered with Indian School of Public Policy to help future policy makers understand importance of privacy-centric design in product development, even as the app faces pressure from India to bring in traceability of fake message originators.

The partnership was announced by WhatsApp Global Head Will Cathcart during a discussion with Indian startups and entrepreneurs in Mumbai.

During the session, Cathcart discussed how designing products with privacy as a key principle is critical for building successful consumer and business products.

"...we're committed to helping people in India have private conversations with others that matter to them. We believe our partnership with ISPP will help future policy makers understand that designing products with privacy as a core tenet helps deliver the fundamental right to privacy people should have in today's digital world," Cathcart said.

Last year, fake news circulated on WhatsApp incited mob fury that led to the lynching of over a dozen people across India. The Indian government has asked WhatsApp - which has over 200 million users in India - to devise ways to identify message originators to trace the origin of fake messages circulated on its platform.

The Facebook-owned company, on its part, has maintained that doing so will undermine end-to-end encryption and affect privacy protection for users.

Cathcart, who previously worked with Facebook and took over the role at WhatsApp from Chris Daniels, is scheduled to be present at an event around technology enabling digital inclusion with Niti Aayog Chief Executive Officer Amitabh Kant on Thursday.

Under the partnership with ISPP, a series of privacy design workshops (co-hosted by TTC Labs) will be held. These workshops, aimed at future policy makers, will start from September 17.

Luis Miranda, Founder Director of Indian School of Public Policy (ISPP), said the changing Indian landscape will require leaders who can tackle its unique problems and begin to formulate creative solutions for the future.

"We are glad to be partnering with WhatsApp and TTC Labs to help our students better understand privacy centric product design so they can help create a robust policy ecosystem that creates positive impact for India," Miranda said. PTI SR