wordpress blog stats
Connect with us

Hi, what are you looking for?

Editorial: Consent can be manufactured

How can a user prove that they haven’t given consent to something?

For example, how does Nehmat Kaur, who did not consent to linking her Aadhaar with her bank account prove that she hasn’t given her consent? It’s her word versus that of the bank.

You might say biometrics may be needed for consent, but that isn’t a case here, and it’s probably not going to happen because it’s cumbersome to make people queue up outside bank branches for fingerprint authentication, like they have to queue up outside ATM queues last year. You could say that a One Time Password (OTP) can be sent for confirming consent, and a trail of digital records could be kept, confirming that data.

But that can be manufactured too: digital information in malleable and can be manufactured. There is precedence here, especially when it comes to telecom:

Telecom operators in India have a history of “manufactured consent”, in the literal, non-political sense: there was massive fraud in the Mobile VAS ecosystem, where customers were billed for subscribing to services that they never subscribed to. It happened to me a few times as well, once where I woke up in the morning to find that I had been billed for purchasing an animation at 3AM, when I was asleep. Often, telecom operators had logs to prove consent, and these could be faked. Click here to watch Vijay Shekhar Sharma, Paytm and One97 founder, explain how logs were manufactured to indicate out-bound dialers and consent for purchases of ringtones, when none of this had happened. If call logs can be manufactured, OTP logs can be manufactured too.

So how does someone prove that they haven’t consented?

Even when the logs haven’t been faked, and there is a tickbox which has been checked, how does someone prove understand and intent?Rahul Ajatshatru, lawyer, at our #NAMAprivacy Bangalore, said that “consent comes from when there is a meeting of minds, where people actually appreciate what they’re agreeing to. If the user does not understand the usage or the nuances, there is no consent even if I’ve clicked I agree. It can be challenged that I never thought it meant that. And courts have interpreted: it’s about what the parties understood what it meant at the time of signing.”

In the same vein, how can customers who found that Airtel had opened their payments bank prove that they have not given actual consent here? Sure, they might have clicked a checkbox, but is that really consent? Can consent not be taken with misinformation? We also have a history of mis-selling of telecom plans in India, where customers are shown a different plan from what they are signed up for.

With more services being connected to Aadhaar, and new users, facing issues of information asymmetry and bounded rationality coming online, the challenges that companies that sign up for this as they scale will face will not be around getting consent, but in proving that the consent taken is for real, and is informed and valid.

You May Also Like


A database of phone numbers of around 500 million Facebook users is up for sale on Telegram, even allowing customers to look up these...


By Sarada Mahesh Earlier this month, residents from Madhya Pradesh were enrolled in the COVID-19 vaccine trial conducted by the People’s College of Medical...


Following the raging debate around the latest updates to WhatsApp’s privacy policy, RSS ideologue K.N. Govindacharya urged the government to tax data transfers between...


Mobile numbers and WhatsApp chats of people using WhatsApp web were indexed on Google search results yet again, a security researcher claimed. This came...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to Daily Newsletter

    © 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ