#FactCheck - Viral Video of US President Biden Dozing Off during Television Interview is Digitally Manipulated and Inauthentic

Introduction

The advent of Electronic Vehicles (EVs) represents a transformative leap towards a more sustainable and environmentally conscious transportation future by nations. However, as these vehicles become increasingly connected and reliant on advanced technological systems, a parallel concern emerges—data privacy. Integrating sophisticated technologies in EVs, such as GPS tracking, biometric authentication, and in-car connectivity, raises substantial questions about the collection, storage, and potential misuse of sensitive personal information. This intersection of automotive innovation and data privacy underscores the need for comprehensive solutions and regulatory frameworks to ensure that the benefits of electric vehicles are realised without compromising the privacy and security of their users.

Electronic vehicles primarily record three types of data;

1. Driving behaviour and patterns: The e-vehicle records braking and driving patterns, including acceleration, speed, and swerve. Some vehicles even track air conditioning usage and airbag deployment to determine the point of failure in the event of a crash.
2. Location data: The e-vehicles also track GPS systems to gauge the speed and direction of the vehicle.
3. EV functions and use of telematic services: Monitoring of EV functions includes battery use management, battery charging history, battery deterioration, electrical system functions and software version information.

Data Privacy requirements of companies

Companies manufacturing e-vehicles are saddled with several data privacy requirements as concerns about consumer safety. Data collected by e-vehicles may be sensitive in nature. Location tracking is a key issue that has garnered attention. The constant recording of a driver's whereabouts can lead to the creation of detailed profiles, raising questions about the potential misuse or unauthorised access to this sensitive information. The risk of surveillance, stalking, or even theft of valuable personal data is a genuine concern for EV owners.

Moreover, integrating smart features, such as voice recognition, biometric authentication, and in-car personal assistants, adds another layer of complexity. These features require the collection and processing of personal data. If not handled securely, they may become vulnerable to hacking or unauthorised access, leading to identity theft or other malicious activities. Additionally, Smart charging systems offer convenience by allowing remote monitoring and control of charging, but they also gather extensive data. The geographical data collected during charging may raise concerns about location privacy.

Striking a delicate balance between leveraging this data for enhancing vehicle performance and user experience while safeguarding the privacy of EV owners is paramount. Transparent privacy policies, secure data storage practices, and stringent encryption protocols are essential components of a comprehensive approach to data protection. If a company is eyeing the international market or utilising cloud-based software with decentralised global data storage, it must also navigate international privacy and data protection laws. A prime example is the General Data Protection Regulation (GDPR), a globally recognised and stringent data protection law applicable to both European-based companies and international entities providing goods, services, or monitoring activities of residents within Europe. 

Manufacturers of these vehicles are subjected to compliance with this comprehensive legal framework. Obligations on companies are levied by them being data fiduciaries; dual liability may also emanate since some data fiduciaries may also qualify as data processors. Special care must be taken when data is being transferred to third parties. 

Further, compliance with consumer safety laws is also an important consideration. In India, the Consumer Protection Act of 2019 safeguards the rights of consumers, holding manufacturers, sellers, and service providers responsible for any harm resulting from faulty or defective products. This extends the Act's coverage to include manufacturers and sellers of internet and technology-based products. When read with the Digital Personal Data Protection Act of 2023 (DPDP Act), the Consumer Protection Act of 2019 takes on additional significance. The DPDP Act, focusing on the security of an individual's digital personal data, introduces provisions such as mandatory consent, purpose limitation, data minimisation, obligatory security measures by organisations, data localisation, and enforcing accountability and compliance. These provisions apply to information generated by and for consumers, offering a comprehensive framework for protecting digital personal data.

Conclusion

The intersection of e-vehicles and data privacy necessitates a careful and comprehensive approach to ensure the coexistence of automotive innovation and user security. As electric vehicles record intricate data related to driving behaviour, location, and telematic services, companies manufacturing these vehicles must navigate a complex landscape of data privacy requirements. The potential risks associated with location tracking, smart features, and the extensive data collected during charging underscore the importance of transparent privacy policies, secure data storage practices, and stringent encryption protocols. Moreover, as companies expand globally, compliance with international privacy laws like the GDPR becomes imperative. Balancing the enhancement of vehicle performance and user experience with the safeguarding of privacy is paramount. Manufacturers, deemed as data fiduciaries, must exercise diligence, especially when transferring data to third parties. Additionally, adherence to consumer safety laws, such as the Consumer Protection Act of 2019, further emphasises the need for a holistic and vigilant approach to ensure the responsible use of data in the evolving landscape of e-vehicles.

References

• https://digitalcommons.law.scu.edu/cgi/viewcontent.cgi?article=1556&context=chtlj 
• https://cyberswitching.com/electric-car-charging-and-data-privacy/#:~:text=Smart%20charging%20systems%20provide%20convenience,in%20safeguarding%20EV%20user%20privacy

Introduction

Cert-In (Indian Computer Emergency Response Team) has recently issued the “Guidelines on Information Security Practices” for Government Entities for Safe & Trusted Internet. The guideline has come at a critical time when the Draft Digital India Bill is about to be released, which is aimed at revamping the legal aspects of Indian cyberspace. These guidelines lay down the policy framework and the requirements for critical infrastructure for all government organisations and institutions to improve the overall cyber security of the nation.

What is Cert-In?

A Computer Emergency Response Team (CERT) is a group of information security experts responsible for the protection against, detection of and response to an organisation’s cybersecurity incidents. A CERT may focus on resolving data breaches and denial-of-service attacks and providing alerts and incident handling guidelines. CERTs also conduct ongoing public awareness campaigns and engage in research aimed at improving security systems. The Ministry of Electronics and Information Technology (MeitY) oversees CERT-In. It regularly releases alerts to help individuals and companies safeguard their data, information, and ICT (Information and Communications Technology) infrastructure.

Indian Computer Emergency Response Team (CERT-In) has been established and appointed as national agency in respect of cyber incidents and cyber security incidents in terms of the provisions of section 70B of Information Technology (IT) Act, 2000.

CERT-In requests information from service providers, intermediaries, data centres, and body corporates to coordinate reaction actions and emergency procedures regarding cyber security incidents. It is a focal point for incident reporting and offers round-the-clock security services.  It manages cyber occurrences that are tracked and reported while continuously analysing cyber risks. It strengthens the security barriers for the Indian Internet domain.

Background

India is fast becoming one of the world’s largest connected nations – with over 80 Crore Indians  (Digital Nagriks) presently connected and using the Internet and cyberspace – and with this number is expected to touch 120 Crores in the coming few years. The Digital Nagriks of the country are using the Internet for business, education, finance and various applications and services including Digital Government services. Internet provides growth and innovation and at the same time it has seen rise in cybercrimes, user harm and other challenges to online safety. The policies of the Government are aimed at ensuring an Open, Safe & Trusted and Accountable Internet for its users. Government is fully cognizant and aware of the growing cyber security threats and attacks.

It is the Government of India’s objective to ensure that Digital Nagriks experience a Safe & Trusted Internet. Along with ubiquitous applications of Information & Communication Technologies (ICT) in almost all facets of service delivery and operations, continuously evolving cyber threats have become a concern for the Government. Cyber-attacks can come in the form of malware, ransomware, phishing, data breach etc., that adversely affect an organisation’s information and systems. Cyber threats leading to cyber-attacks or incidents can compromise the confidentiality, integrity, and availability of an organisation’s information and systems and can have far reaching impact on essential services and national interests. To protect against cyber threats, it is important for government entities to implement strong  cybersecurity measures and follow best practices. As ICT infrastructure of the Government entities is one of the preferred targets of the malicious actors, responsibility of implementing good cyber security practices for protecting computers, servers, applications, electronic systems, networks, and data from digital attacks, also remain with the ICT assets’ owner i.e. Government entity.

What are the new Guidelines about?

The Government of India (distribution of business) Rules, 1961’s First Schedule lists a number of Ministries, Departments, Secretariats, and Offices, along with their affiliated and subordinate offices, which are all subject to the rules. They also comprise all governmental organisations, businesses operating in the public sector, and other governmental entities under their administrative control.

“The government has launched a number of steps to guarantee an accessible, trustworthy, and accountable digital environment. With a focus on capabilities, systems, human resources, and awareness, we are extending and speeding our work in the area of cyber security, according to Rajeev Chandrasekhar, Minister of State for Electronics, Information Technology, Skill Development, and Entrepreneurship.

The Recommendations

• Various security domains are covered in the standards, including network security, identity and access management, application security, data security, third-party outsourcing, hardening procedures, security monitoring, incident management, and security audits.
• For instance, the rules advise using only a Standard User (non-administrator) account to use computers and laptops for regular work regarding desktop, laptop, and printer security in the workplace. Users may only be granted administrative access with the CISO’s consent.
• The usage of lengthy passwords containing at least eight characters that combine capital letters, tiny letters, numerals, and special characters; Never save any usernames or passwords in your web browser. Likewise, never save any payment-related data there.
• They include guidelines created by the National Informatics Centre for Chief Information Security Officers (CISOs) and staff members of Central government Ministries/Departments to improve cyber security and cyber hygiene in addition to adhering to industry best practises.

Conclusion

The government has been proactive in the contemporary times to eradicate the menace of cybercrimes and therreats from the Indian cyberspace and hence now we have seen a series of new bills and polices introduced by the Ministry of Electronics and Information Technology, and various other government organisations like Cert-In and TRAI. These policies have been aimed towards being relevant to time and current technologies. The threats from emerging technologies like web 3.0 cannot be ignored and hence with active netizen participation and synergy between government and corporates will lead to a better and improved cyber ecosystem in India.

Social media has become far more than a tool of communication, engagement and entertainment. It shapes politics, community identity, and even shapes agendas. When misused, the consequences can be grave: communal disharmony, riots, false rumours, harassment or worse. Emphasising the need for digital Atmanirbhar, Prime Minister Narendra Modi recently urged India’s youth to develop the country’s own social media platforms, like Facebook, Instagram and X, to ensure that the nation’s technological ecosystems remain secure and independent, reinforcing digital autonomy. This growing influence of platforms has sharpened the tussle between government regulation, the independence of social media companies, and the protection of freedom of expression in most countries. 

‍

Why Government Regulation Is Especially Needed

‍

While self-regulation has its advantages, ‘real-world harms’ show why state oversight cannot be optional:

‍

• Incitement to violence and communal unrest: Misinformation and hate speech can inflame tensions. In Manipur (May 2023), false posts,  including unverified sexual-violence claims, spread online, worsening clashes. Authorities shut down mobile internet on 3 May 2023 to curb “disinformation and false rumours,” showing how quickly harmful content can escalate and why enforceable moderation rules matter.
• Fake news and misinformation: False content about health, elections or individuals spreads far faster than corrections. During COVID-19, an “infodemic” of fake cures, conspiracy theories and religious discrimination went viral on WhatsApp and Facebook, starting with false claims that the virus came from eating bats. The WHO warned of serious knock-on effects, and a Reuters Institute study found that although such claims by public figures were fewer, they gained the highest engagement, showing why self-regulation alone often fails to stop it.

‍

Nepal’s Example:

‍
Nepal provides a clear example of the tension between government regulation and the self-regulation tussle of social media. In 2023, the government issued rules requiring all social media platforms, whether local or foreign, to register with the Ministry of Communication and Information Technology, appoint a local contact person, and comply with Nepali law. By 2025, major platforms such as Facebook, Instagram, and YouTube had not met the registration deadline. In response, the Nepal Telecommunications Authority began blocking unregistered platforms until they complied. While journalists, civil-rights groups and Gen Z criticised the move as potentially limiting free speech and exposing corruption against the government. The government argued it was necessary to stop harmful content and misinformation. The case shows that without enforceable obligations, self-regulation can leave platforms unaccountable, but it must also balance with protecting free speech.   

‍

Self-Regulation: Strengths and Challenges

‍

Most social-media companies prefer to self-regulate. They write community rules, trust & safety guidelines, and give users ways to flag harmful posts, and lean on a mix of staff, outside boards and AI filters to handle content that crosses the line. The big advantage here is speed: when something dangerous appears, a platform can react within minutes, far quicker than a court or lawmaker. Because they know their systems inside out, from user habits to algorithmic quirks, they can adapt fast.

But there’s a downside. These platforms thrive on engagement, hence sensational or hateful posts often keep people scrolling longer. That means the very content that makes money can also be the content that most needs moderating , a built-in conflict of interest.

‍

Government Regulation: Strengths and Risks

‍

Public rules make platforms answerable. Laws can require illegal content to be removed, force transparency and protect user rights. They can also stop serious harms such as fake news that might spark violence, and they often feel more legitimate when made through open, democratic processes.

Yet regulation can lag behind technology. Vague or heavy-handed rules may be misused to silence critics or curb free speech. Global enforcement is messy, and compliance can be costly for smaller firms.

‍

Practical Implications & Hybrid Governance

‍

For users, regulation brings clearer rights and safer spaces, but it must be carefully drafted to protect legitimate speech. For platforms, self-regulation gives flexibility but less certainty; government rules provide a level playing field but add compliance costs. For governments, regulation helps protect public safety, reduce communal disharmony, and fight misinformation, but it requires transparency and safeguards to avoid misuse.

Hybrid Approach

‍A combined model of self-regulation plus government regulation is likely to be most effective. Laws should establish baseline obligations: registration, local grievance officers, timely removal of illegal content, and transparency reporting. Platforms should retain flexibility in how they implement these obligations and innovate with tools for user safety. Independent audits, civil society oversight, and simple user appeals can help keep both governments and platforms accountable.

‍

Conclusion

‍

Social media has great power. It can bring people together, but it can also spread false stories, deepen divides and even stir violence. Acting on their own, platforms can move fast and try new ideas, but that alone rarely stops harmful content. Good government rules can fill the gap by holding companies to account and protecting people’s rights.

The best way forward is to mix both approaches, clear laws, outside checks, open reporting, easy complaint systems and support for local platforms, so the digital space stays safer and more trustworthy.

‍

References 

1. https://timesofindia.indiatimes.com/india/need-desi-social-media-platforms-to-secure-digital-sovereignty-pm/articleshow/123327780.cms# 
2. https://www.bbc.com/news/world-asia-india-66255989
3. https://nepallawsunshine.com/social-media-registration-in-nepal/ https://www.newsonair.gov.in/nepal-bans-26-unregistered-social-media-sites-including-facebook-whatsapp-instagram/ 
4. https://hbr.org/2021/01/social-media-companies-should-self-regulate-now 
5. https://www.drishtiias.com/daily-updates/daily-news-analysis/social-media-regulation-in-india 

‍