If the usage of media in elections has changed, and the Election Commission took it upon itself to expand its scope for enforcing the model code of conduct beyond traditional media to Social Media, it should also have brought in restrictions in terms of how political parties, collect, link, process and use data, especially in the absence of a data protection framework in place in India. Where voter lists were once a means of enabling candidates to canvass more votes more effectively, what has changed now is the ability to link multiple datasets, and with that, combine information on voters to build a 360 degree profile about their income, caste, usage of government schemes, along with, potentially, their social media profiles to ascertain views on national, regional, religious and international issues. Datasets from private insurance schemes, mobile operators, banks, ecommerce companies, lending firms or even millions of apps can potentially be stolen or bought from data brokers and potentially even hackers. Even simpler: a political party app can potentially seek and gain access to entire mobile phone usage, with consent from unsuspecting individuals. Once databases/networks such as the Public Credit Registry, National Health Information Network and others are in place, more information will potentially be available for linking to profiles. This data can then be processed for profiling of citizens, in a manner that many state governments in India have sought to do, for example, in case of the State Resident Data Hubs for Odisha, Tamil Nadu, Madhya Pradesh, Delhi,…
