Ant Financial, China’s biggest online payment company and an affiliate of the e-commerce giant Alibaba Group, has apologized for default enrolling of its users in a tracking program called Sesame Credit, which monitors personal relationships and behaviour patterns. On a yearly basis, for hundreds of millions of its users, the company offers a breakdown of their yearly spending, which many of these individuals use to share on their own social media. As the media reports, the Sesame Credit program plays an ‘Orwellian’ role in Government’s efforts to use technology in order to keep a closer look on its citizens. The Sesame Credit collects users’ data and shares the analysis with its partners. The Cyberspace Administration of China (CAC), China’s cyber watchdog, called out Ant Financial over users’ privacy breach. They stated that the company has failed to meet the country’s personal information security standards. Reuters reports the CAC said: ‘step up efforts to conduct a comprehensive investigation of the Alipay platform, carry out special rectifications, and take effective measures to prevent similar incidents from recurring.’ Along with their apology, Sesame Credit cancelled the default option.
Privacy and data protection are two interrelated Internet governance issues. Data protection is a legal mechanism that ensures privacy. Privacy is usually defined as the right of any citizen to control their own personal information and to decide about it (to disclose information or not). Privacy is a fundamental human right. It is recognised in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and in many other international and regional human rights conventions. The July 2015 appointment of the first UN Special Rapporteur on the Right to Privacy in the Digital Age reflects the rising importance of privacy in global digital policy, and the recognition of the need to address privacy rights issues the the global, as well as national levels.