Indian Railways Catering and Tourism Corporation (IRCTC) is looking for to attend a consultant who can study train passenger data in an effort to monetize it in the long run.
The corporation that has floated tender in this case, aims to obtain RS 1,000 CRORE revenue from Monetization of Digital Data from India Train.
Customer data to be studied by consultants including name, age, mobile number, gender, address, email-id, no. passengers, travel class, payment mode, login/password.
This is part of the two-part tender floated by IRCTC. The first part, or project A, talks about the onboarding of a consultant who will study the data points mentioned above to identify the business model for rail data monetization.
Project B, talking about choosing an entity that can ‘identify, design, develop, build strategies and launch opportunities for data monetization’.
A bidder can take part in the second part of the project, or both.
This step is significant and also worrying because India still does not have data protection laws.
The 2019 Personal Data Protection Bill which is being discussed and deferred over the past four years has only been canceled by the Indian government.
It is not yet known when the new law will see the light that day.
But with this development, where the data points that can be identified personally such as name, sex, password and so on, are being discussed about being monetized, that also without protection, it is very important that the government brings laws to protect citizens ‘data’ data .
Other data
Going with a tender, the data point that will be learned by consultants including ‘behavioral data’.
The IRCTC tender reviewed by MoneyControl talks about studying ‘behavioral data’ such as passenger flow, travel class, travel frequency, tracing passenger travel time, ordering time, payment mode, and so on.
This data will be separated into dataset which can be managed ‘in accordance with the level of legal provisions’.
Then, the consultant identifies the potential market for a particular dataset and builds the old protocol to monetize the digital data of the Indian train.
More than six months, the consultant will study these factors and prepare a detailed project report and send it to IRCTC.
How about privacy?
Will study various actions or laws including IT ACT 2000 and its amendments, the Law on User Data Privacy including GDPR (General Data Protection Regulations) and the current 2018 Personal Data Protection Bill from India, and therefore propose a business model for digital asset monetization, “The tender said.
However, IRCTC failed to note that there was no amendment to IT ACT 2000, or there was a 2018 India Personal Data Protection Bill.
“IRCTC, a monopoly controlled by the government, must not prioritize the heretical commercial interests about the rights and interests of citizens. And considering the withdrawal of the new data protection bill, 2021, such monetization has become more alarming, “said the Freedom Foundation Internet in a statement.