IRCTC to monetize passenger data

IRCTC floats tender for appointing consultant for digital data monetization". Now, what you will say, when your stored data is going sell to the prospective buyers ,who is ready to pay the price. Recently, A tender floated by The Indian Railways Catering and Tourism Corporation (IRCTC) also talks about studying ‘behavioural data’ such as flow of passengers, class of journey, frequency of journey, tracking passengers’ travel timings, booking timings, payment mode etc in a bid to monetise it.

Generally we raises our eyebrow when any site get hacked, we immediately talk about the technology they are using or their security architecture. Seems there is no need to hack any website, when data is available in the open market. The data you are going to get includes name, age, mobile number, gender, address, email-id, no. of passenger, class of journey, payment mode, login/password.

With the news comes out, IRCTC has reported promising quarterly numbers in Q1FY23 and market is buzz about the Indian Railways PSU selling its passenger data base, which may help them generate an additional revenue that would enable the company to improve its margins. IRCTC is looking to onboard a consultant who can study railways passenger data in a bid to monetise it in the long run. It aims to earn Rs 1,000 crore revenue from the monetisation of digital data of Indian Railways.

As per IRCTC, “As a commercial entity, the company explores the business opportunities for new areas. As other business tenders, this tender has also been floated merely to appoint a consultant. The consultant will guide IRCTC and lndian Railways on monetization activities and advise on monetization value of Digital Assets observing various Acts or laws including lT Act 2000 and its amendments, User data privacy laws including GDPR (General Data Protection Regulation) and current 'Personal Data Protection Bill 2018 of India. Further, being a Government Company, it is a regular practice to float tenders."

An expert says, the move is possible because India still does not have a data protection law. The present Minister Ashwini Vaishnaw currently serving as the Minister of Railways, Communications and Electronics & Information Technology in Government of India. The government said that it will be re-introduced after making the necessary changes.

The Personal Data Protection Bill 2019 which was being discussed and deliberated upon for the last four years was recently scrapped by the Indian government. It is not yet known when the new law would see the light of the day. Experts raise data privacy concerns as IRCTC moves to monetize passenger data.