The Indian government has refused to share copies of responses received from the US-based social media giant Facebook over global data breach scandal involving London-based data mining firm Cambridge Analytica, saying the information was shared by the companies “in confidence”.
“The responses received cannot be shared since the companies have shared (it) in confidence. They have requested to treat the information contained in their letter as confidential and has furnished (it) only for use of authority,” the Ministry of Electronics and Information Technology said in reply to an RTI query filed by this PTI correspondent.
It was asked to provide copy of replies received from Facebook and Cambridge Analytica on the notices sent by the ministry.
Facebook had in April admitted that nearly 5.62 lakh people in India were "potentially affected" by its global data breach involving Cambridge Analytica, and asserted that the UK-based firm's use of such data did not have its consent.
In response to the Indian government on the scandal, Facebook had informed that "only 335 people" in India were directly affected through the installation of an application and another 5,62,120 people were "potentially affected" as friends of those users.
Facebook has over 20 crore users in India.
Facebook had said that the data of about 87 million people -- mostly in the US -- might have been improperly shared with Cambridge Analytica.
After the data breach came to light, the ministry had in March and April this year shot off communications to Facebook and Cambridge Analytica seeking clarification on the issue from them.
The ministry's move came after Christopher Wylie, who blew the lid off the scam involving mining of Facebook user data to manipulate elections, tweeted details that claim to expose the British consultancy's work in India dating back to 2003.
Wylie claimed that SCL India (formerly Strategic Communication Laboratories, the parent company of Cambridge Analytica) was asked to provide electoral research and strategy for the 2010 Bihar elections for the Janata Dal (United). The JD(U) has rejected this claim.
Asked to share details of action being taken by the Indian government to check recurrence of such incidents, the ministry said it has set up an expert committee to draft a data protection framework for India.
“This is an ongoing effort. Further, government has set up an expert committee to draft a data protection framework for India and the report is expected soon,” it said in reply to the RTI application.
In its letter sent to Facebook CEO Mark Zuckerberg in March, the ministry said India has clear constitutional and legal frameworks designed to secure the integrity and sanctity of the Indian electoral process, including guidelines regarding campaigning, exit polls, etc.
“Therefore, in such cases of data breaches at the international level, it is incumbent on the government of India to determine the scope and extent of the impact on Indian citizens and/or the Indian electoral process,” it said, seeking the company's response on seven questions.
The Indian government, in its letter to Cambridge Analytica sent in April this year, cited Facebook's response over the issue.
“Cambridge Analytica's acquisition of Facebook data through the application developed by Dr Aleksandr Kogan and his company Global Science Research Limited (GSR) happened without our authorisation and was an explicit violation of our platform policies,” reads the Facebook response quoted in the missive.
Quoting Facebook, it also said “at no time did Facebook agree to Cambridge Analytica's use of any Facebook user data that may have been collected by this app, including with respect to users located in India”.