Pursuant to the article published by @medianama @imsoumyarendra on CBSE’s facial recognition tool for students to download their academic documents, we had filed an RTI on 27.10.2020 seeking details of the facial recognition deployed by CBSE. https://www.medianama.com/2020/10/223-cbse-facial-recognition/

We had asked CBSE for a copy of the privacy policy governing the facial recognition tool, but it has responded that “there is no such need of any privacy policy since it’s a simple face matching process.”

CBSE also responded that no parental consent was sought “since it was not needed”.

CBSE’s stance on privacy policy is in contravention of the Sensitive Personal Data or Information(SPDI) Rules,2011. Rule 4 requires body corporates,dealing with sensitive data,to have a privacy policy in place & to provide for the purpose of collection & usage of such information

We had also asked whether CBSE carried out a privacy impact assessment before launching the facial recognition system.

However, it did not address our question directly, and instead just said that “no template consent form” was created. It appears that no privacy impact assessment was carried out.

CBSE also clarified that no private company was involved in deploying the facial recognition tool, and it was developed in “technical collaboration” with the National e-Governance Division, under the MeitY.

You can help us do more!
To support our work and help us in the empowerment of #Indiancitizens about their digital freedom and rights, #DonateNow.
Visit - https://instamojo.com/@SFLCin 

#LetTheNetWork
#AarogyaSetu #AarogyaSetuApp
#Resistance #DigitalDefenders