Insights

In May 2024, a young beauty queen and influencer in Ecuador was shot dead in a restaurant when her murderers tracked her location on social media. The lady posted details of her whereabouts online and paid for it with her life.

Digital footprint (like human footprint) is unique. It helps in personal identification. They are found everywhere, even virtually. Decoding the elephant in the room.

Meaning
Also known as electronic footprint, the phrase ‘digital footprint’ denotes data left online while using the internet. It enables to track a person’s online activities and even devices used for online activities.

Most common sources of digital footprint :

• Websites browsed including social media platforms, shopping, ticket booking for movie or travel,
• Apps downloaded,
• Financial data and
• E-mail communication and related activities.

Most common data that can be traced online:

• Personal details: Name, age, date of birth, location, phone number, e-mail, IP address, pictures, images, audio messages, video content.
• Professional details: Qualification, identity of corporate where employed, details of business being carried on, work experience, accreditations etc.  
• Financial details: Login credentials – username, passwords, debit / credit card information, payments made or received.
• Social media content : profiles, online searches, blogs, vlogs, likes, dislikes, comments, preference, choices, opinions, viewpoint etc.  
• Mobile phones: Apps, Trackers, subscriptions

Types
For convenience, digital footprint is categorized into the following:

Active digital footprint
Data created intentionally online such as sending emails, posting views or likes or opinions or sharing pictures and data on social media, participating in online forums etc. is known as active digital footprint. If a person has logged into a social media platform using his /her login credentials and passwords, then it will be considered as active digital footprints. Further putting up posts, likes, or views on social media platforms will be considered as social media footprint. Usually, such content or data directly indicate a person’s choices, preferences, opinions, and views. Financial footprint refers to details of financial transactions made online, say payments made during online retail shopping, or recurring payments made to vendors or service providers.

Passive digital footprint
Passive data is data about users collected without their knowledge. It is usually collected by third party websites and is based on a person’s browsing history; the number of times website have been visited etc. Typically, these types of data collection are for advertising companies to promote products or services based on the person’s usage and preferences. There are several instances of anonymous footprint – data left online by persons who do not reveal their identity.

Sensor Footprint
Images, details, and data captured through sensory equipment such as cameras, microphones CC TVs etc in private and public spaces also contribute to an individual’s or business entity’s digital footprint.

What’s the fuss all about?
Nearly everybody has an online presence in one way or the other. Be it social media platforms or WhatsApp, an online presence seems to be a necessity. Such need is doubly important for businesses to thrive on. In a densely populated country like India where more than half the country has access to internet, the volume of digital footprint is unimaginable.

Like with any practice, there is a positive and not so positive aspect of digital footprint.

The upside of digital footprint is the creation of a favourable reputation for individuals and businesses. Lately, employers’ hiring decisions is based on online reputation as much as the offline credibility. A positive social media presence has become one of the key factors in hiring talent in the corporate world. Educational institutions also thorough check the social media presence and online activities of students while admitting them. Besides this, search engines may customize a person’s internet experience by advertising products and services based on the search / browsing history of a person or his / her likes, preferences, and choices. To this extent, the internet experience becomes personal and exclusive to each person. Businesses use data mining process and constitute in house teams to analyse consumer data to curate and customize such experience.

The downside of digital footprint – lack of control over information once shared online. Such information can be accessed by others with or without the knowledge of the owner of such information. Images, pictures, or photos posted online is liable to be misused by third parties or hackers putting the people in such images to much risk and vulnerability. Hackers and cybercriminals access critical personal information to their gain and the persons’ loss. Fake identities can be created using personal information provided online. Bank details can be accessed, and financial frauds committed. Simply put, digital footprint has made privacy a myth. Lack of privacy is the biggest pitfall of the internet.

Importance of managing and protecting digital footprint
It is practically impossible to function without the internet and the ease / convenience that technology has brought to our lives. Yet it can be done with caution. The virtual trail of data can be managed / protected by following some checks and balance.

1. Enhanced privacy settings – Most online platforms – social media or emails or search engines have default privacy settings which offer least privacy protection. This means it is easy to access personal information by any third party. A tighter privacy setting will enable limited persons or unknown persons or third parties from accessing one’s information. To that extent, data in digital footprint can be protected.
2. Regular cleaning up of system – Periodic deletion of browsed history, cookies and other searches, typing in passwords at every use (as against enabling the system to ‘remember’ password) will go a long way in safeguarding credentials to gains entry / access to any online activity. Periodic changing or passwords is recommended and now offered as a default service in most online sites especially in online banking. Using strong and complex passwords will restrict hackers from gaining access. Using cybersecurity software or tools will help safeguarding personal information. It is important to delete old, unused and inactive accounts.
3. Using social media with caution – Social media platforms reflect a person’s life, lifestyle, opinions, preferences, and choices. Hence there is human tendency to overshare details to create a favourable impression of oneself in other’s minds. This often manifests as sharing pictures, images or photos of family members or sharing current location or places travelled to. Such sharing of information is done without a thought about how it will be further accessed by others. Hence it is important to use discretion while sharing photos or pictures especially of children and youngsters for there is a great risk of misuse of such images. Periodic archiving pictures of information shared or deleting them could reduce the risk of misuse. At the risk of sounding narcissistic, it is not wrong for a person to ‘search’ about himself / herself online to understand the nature and extent of information available online!
   One of the most common forms of data invasion by third parties is when people take online surveys or questionnaires or ‘personality’ tests which are very interesting to take. The hidden agenda – collect information.

Basically, digital footprint is a glorious phrase given to leaving personal data online long after the person has gone offline. It is invasion of privacy at the highest level. A taut legislation is very much the need of the hour.

Law(s) to tackle digital footprint and data invasion.
Private businesses and use personal data of individuals for various purposes. The business sector seeks personal data of individuals to understand likes, preferences, choices and accordingly categorize target consumers, adopt marketing strategies, advertisements and the like. The government also seeks and processes personal information for regulating law and order, framing effective policies, and protecting national security of the country. However, there is a very thin line between use and misuse.

Hitherto, the usage / storage of personal data was governed by the Information Technology Act 2000. Though not an express law, there have various cases in High Courts which recognized the ‘right to be forgotten’ as a fundamental right as part of right to privacy. It is a right for personal information available publicly to be removed from the internet, websites, search engines and any search databases once such information is no longer relevant or required.

The Digital Personal Data Protection Act (DPDP Act 2023) was enacted on 11th August 2023. The Act 2023 lays down procedures and processes to procure, store and use personal data in lawful manner and for lawful purposes. Issues relating to privacy – consent, transparency, accountability, and end use have been the pillars of the Act. The Act also contains provisions for establishing exclusive statutory authorities governing data regulation and levy of heavy penalties to act as a deterrent by all parties who access personal data of an individual. With the 2017 Supreme Court judgment declaring right to privacy a fundamental right, the DPDP Act 2023 couldn’t have been enacted at a better time. The Act aims at striking a delicate balance between use of personal data for lawful purposes while ensuring right to privacy of person(s).