wordpress blog stats
Connect with us

Hi, what are you looking for?

‘Break data silos and monopolies, enable consent managers,’ NITI Aayog proposes in new draft data policy

non-personal data, internet of things, cloud

Update (September 11, 2020 12:30 pm): The deadline to submit comments has been extended to November 30.

NITI Aayog’s newly released draft Data Empowerment and Protection Architecture (DEPA) seeks to break data silos and monopolies so that fintech and healthtech companies can compete on basis of design, analytics and value creation rather than data access. Its secondary aim is to help individuals and small businesses access their data and to securely share it with third party institutions. The latter will be implemented through consent managers — private entities that piggyback on public digital infrastructure and eventually derive profit from it in the form of service charges.

Subtitled “consent-based data sharing framework to accelerate financial inclusion”, the DEPA framework aims to help people get “practical means to access, control, and selectively share personal data” which is stored across multiple databases. The framework essentially proposes the implementation of an RBI Account Aggregator system in all sectors as a way to manage users’ consent. Comments to the draft can be submitted via email until October 1, 2020 at annaroy@nic.in.

To make the consent manager model financially viable, DEPA has proposed that consent managers could charge a nominal fee to facilitate a data exchange. Instead of charging individuals/data principals, DEPA proposes charging the data users in a subscription model. Information Providers could charge a service fee in future, but as of now, in the financial sector, they have agreed to provide data without charges

As per the report, this framework is “set to launch in 2020”. The scale of the project is evidenced by the spectrum of government ministries and regulators involved in the project: RBI, SEBI, PFRDA (Pension Fund Regulatory and Development Authority), IRDAI, Finance Ministry (Department of Revenue, Department of Economic Affairs, Financial Sector Development Committee), Ministry of health and Family Welfare, the National Health Authority, the Ministry of Information and Technology, and TRAI.

Advertisement. Scroll to continue reading.

This framework will act as the regulatory foundation for sector-specific data regulation that will evolve with the implementation of the Personal Data Protection Bill and the Data Protection Authority proposed therein. Read the summary of the policy here.

Aims to ‘improve private service delivery’

The aim of DEPA is to build digital infrastructure to “improve private service delivery” and must be seen in the continuum of developments that gave rise to Aadhaar and related services, UPI, DigiLocker, OCEN, regulation of non-personal data — as attempts by a lobby of powerful private individuals and companies that have sought to control the telos of digital infrastructure in India as well as dictate the debate around digital rights. The report calls it the “final layer of India Stack” which is described as “a series of digital public goods designed to enable private market innovators to improve digital services for India across a range of sectors”.

The report envisions DEPA, together with India Stack, as a paradigm shift for the Indian ecosystem as the TCP/IP internet protocol or GPS were for internet at large.

At the heart of the framework lies the belief that consent, while not the only backstop, is a “powerful first step” towards “empowering individuals with data”.

Who is behind the DEPA?

According to the acknowledgements page which has been signed by Anna Roy, senior adviser at NITI Aayog, iSPIRT team, specifically Siddharth Shetty and Kamya Chandra, prepared this paper. Shetty is a Fellow at iSPIRT and leads their work on DEPA while Chandra is a Fellow at iSPIRT who has worked on the National Health Stack in the past. iSPIRT has been working on DEPA since at least May 2019.

What is iSPIRT? iSPIRT is a Bangalore-based, private technology think tank that “convert[s] ideas into policy proposals to take to government stakeholders”. It was established in 2013 and its donors include Ajay Data (Infosys), Sameer Nigam (PhonePe), Vijay Shekhar Sharma (Paytm). Its volunteers include Lalitesh Katragadda (ex-Google), B.G. Mahesh (co-founder of Sahamati), Kunal Shah (CRED), amongst many others. It is the think tank behind India Stack, National Health Stack, OCEN and other public tech stacks in India. UIDAI and NPCI are part of the roadmap of India Stack.

Other “non profit organisations” involved in the preparation of the draft: DICE India, Sahamati and CredAll.

Advertisement. Scroll to continue reading.
  • Sahamati is a non-profit collective of account aggregators that has been set up as a not-for-profit company under Section 8 of the Companies Act. Siddharth Shetty, a Fellow at iSPIRT who co-wrote this framework, is a co-founder of the collective.
  • Credall is a collective of lenders (HDFC, ICICI Bank, Axis Bank, SBI, IDFC First Bank), loan service providers (OkCredit, Open, Cleartax, PaisaBazaar.com, etc.), technology service providers (SignDesk, Decentro, JusPay, etc.), account aggregators and underwriting modellers.
  • DICE India, or the Digital India Collective for Empowerment, is an industry lobby for digital payments providers that “collaborates” with the regulators to make policies.

Infosys co-founder and the man behind Aadhaar, Nandan Nilekani, was also an “individual thought leader” in this project along with Justice B.N. Srikrishna, who headed the committee that formulated the first draft of the Personal Data Protection Bill in 2018, Arundhati Bhatacharya, the CEO of Salesforce India and former chairperson of the State Bank of India, and Rahul Matthan, the founder of Trilegal who also wrote the privacy policy and terms and conditions of Aarogya Setu.

Others include: Arnab Kumar (former Program Director of Frontier Technologies at NITI Aayog who spearheaded the Aarogya Setu project), Pritish Mishra (ex-NITI Aayog who now works as legal counsel for Tala, a California-based fintech company), Ankan De (innovation lead at NITI Aayog), Aaryaman Vir (an iSPIRT volunteer), Gayatri VS, Ayna Agarwal (former policy designer for iSPIRT).

Banks involved in this project include SBI, IDFC First, HDFC, ICICI, IndusInd, Axis, Kotak and other unnamed banks.

Read: Summary: Data Empowerment and Protection Architecture (DEPA)

Written By

Send me tips at aditi@medianama.com. Email for Signal/WhatsApp.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

The US and other countries' retreat from a laissez-faire approach to regulating markets presents India with a rare opportunity.

News

When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.

News

The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.

News

In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...

News

By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...

You May Also Like

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ