At Omidyar Network and Monitor Deloitte’s report release ‘Unlocking the potential of India’s Data Economy’, Rahul Matthan, partner at Trilegal said that “we already live in a post-consent world” and pre-collection consent for every potential use is not possible in the age of Big Data. He said that the GDPR, which essentially cuts off Big Data from data collection, is moving Europe in a non-innovation direction.

But there are workarounds. He said anonymisation is very powerful, and a lot can be done with government data that currently exists. “We don’t need Google or Facebook to localise data, we already have so much of it. But the data we use needs to be anonymised.”

He said we have to acknowledge the trade-offs in data governance, and make them explicit. “We don’t realise what we’re forsaking when seeking convenience,” he said. One way to acknowledge the trade-offs is the accountability framework, which means one has to be accountable for the benefits but also for the harms, he said.

Non-personal data: When its comes to monetisation of non-personal data, most people think that privacy isn’t a concern, because there’s no person attached to the data, explained Matthan. But we have to think about non-personal in a way that’s privacy preserving. “As you layer more and more non-personal data, and you’ll built layers of data, and then people will become de-identified,” he said.

  • According to Deepak Maheshwari from Symantec, “non-personal data is not only data which belongs to an individual, but may also belong to a particular business which provides the service, because it wouldn’t have been generated in their absence.”

India as the Global South leader: “We have to chart our own path,” said Arghya Sengupta from Vidhi Centre for Legal Policy. The challenge with the data protection framework lies in making a regulatory framework that’s compatible with India needs and sensibilities, and Indian requirements, he said.

“Even in our committee, the GDPR was a go-to source for when we didn’t have answers,” said Arghya Sengupta from Vidhi Centre for Legal Policy. Most of the 90 countries which have data protection are developed countries, and the developing countries which do have a framework have copied a developed country’s framework

“Given the size of its market and potential, India is primed to play a role in the digital economy of the Global South, whatever framework eventually comes, according Sengupta. “For India to be world leader in the digital economy, to not have a foundational legislation over data protection, is a conspicuous gap,” he said.

We have enough laws in India, but they’re never implemented. The [data] regulator must implement. We need to ensure that the regulator is equipped to handle a 21st century fast-changing digital economy.

Niti Aayog’s National Data Analytics Portal for government data: While stating that the MeitY needs to have a framework on data sharing under the Personal Data Protection Bill, Niti Aayog’s Anna Roy said although privacy is very “relevant”, “if we get too much into privacy and other aspects, we will be throwing the baby out of the bath water”. Roy has headed the team behind Niti Aayog’s paper on National Strategy for Artifical Intelligence, released in June 2018.

She said the Niti Aayog is working on a National Data Analytics Portal, which will collate publicly-available government-sourced data. The data will be machine-readable, downloadable, amenable to analytics. “Right now, we are only testing the waters. We’re making data attractive to people,” she said.

Stating that the quality of data needs to be ensured, she said “We want to leverage data to improve its sanctity, and to make sure we can tap into the sources of data without doubting its quality.” Without this, any data analytics and AI will throw up inaccurate results.