Indian Railway (IRCTC) might sell your Personal Data

Asiana Times, September 10, 2022

Even before that, IRCTC believed that the projected revenue would increase by Rs. 1000 crore. Even if we believe IRCTC has a monopoly on booking, tourism, catering, and railways, it’s not important that they could sell our data.

There are so many that got offended by all those things, by which IRCTC said that everyone would get the option to opt-out of their data. Through that share, the market also increased.

Indian Railway (IRCTC) responds to data monetisatio

IRCTC has sought the services of a consultant to assist with the monetization process and has plans to garner Rs 1,000 crore via this proposed move. The company floated the tender document for hiring the consultant, and it believes multiple sectors, such as hospitality, energy, health, and infrastructure, are potential customers for the passenger data.

“As a commercial entity, the company explores business opportunities in new areas.” Like other business tenders, this tender has also been floated merely to appoint a consultant. The consultant will guide IRCTC and Indian Railways on monetisation activities and advise on the monetization value of digital assets, observing various Acts or laws including the Lt Act 2000 and its amendments, user data privacy laws including GDPR (General Data Protection Regulation), and the current “Personal Data Protection Bill 2018” of India, IRCTC said in a regulatory filing.

The publication quoted Amol Kulkarni, Director at CUTS International, saying that the sharing of passenger data creates the risk of violating consumer rights. “The data needs to be aggregated, anonymised, and protected.” There is the possibility that IRCTC will share personal data with different service providers without anonymising it. According to Kulkarni, there is a greater risk of breach, violation of privacy, and misuse of data if those things happen…

After all of it, the India digital advocacy group said, “The goal of profit maximisation will result in greater incentives for data collection, violating principles of data minimisation and purpose limitation.” Past experiences from the misuse of the Vahan database amplify fears of mass surveillance and security risks. “

This news item can also be viewed at: