Digi Yatra policy must clarify data deletion rules, privacy concerns: study

Digi Yatra policy must clarify data deletion rules, privacy concerns, and security measures for seamless air travel experience.

The policy for Digi Yatra – a digital platform to verify air travellers using biometric data – needs to spell out all the rules related to the deletion of passenger information from the database once the travel is complete, according to a study instituted by NITI Aayog.

There have been privacy concerns in various quarters about Digi Yatra user data.

Based on Facial Recognition Technology (FRT), Digi Yatra provides for contactless and seamless movement of passengers at various checkpoints at airports.

Also Read | Digi Yatra could be expanded to hotels, rail travel and public places: CEO

As per the policy for Digi Yatra, facial biometrics are deleted from the local airport's database 24 hours after the departure of the passenger's flight. “However, the rules related to deletion of other information collected from the passengers, as well as any facial biometrics that are stored in other registries, must be clearly set out in the policy,” the study said.

Digi Yatra envisages an identity management ecosystem for Indian airports, which can enhance the capabilities of Indian civil aviation infrastructure, digitise manual processes at airports, improve security standards and lower the cost of operations of airports.

“While the Digi Yatra Policy states that it is completely voluntary in nature, if the use of Digi Yatra is made mandatory in any way then the same must comply with the principles laid down in K.S. Puttaswamy v. Union of India [case] relating to the legality, necessity, and proportionality of the policy,” the study said.