August 11, 2020
The much-awaited report on Non-Personal Data (NPD) Governance Framework by the Committee of Experts headed by Kris Gopalakrishnan (Report) was released recently. To deliberate on the finer points of the Report, CUTS International, an international public policy group, organised an online panel discussion.
Amar Patnaik, Member of Parliament (Rajya Sabha) highlighted the need to let the data market develop itself, and cautioned against premature and over regulation. He mentioned that the conditions for a vibrant data market need to be created and it is important to ascribe a value to data, to enable the stakeholders to realise its potential. A principles-based ecosystem for data sharing needs to be created.
Geeta Gouri, former Member, Competition Commission of India (CCI), pointed out that the Report confuses between data markets and platform markets. There is a need to differentiate between data aggregators and platforms. The CCI needs to build capacity and expertise to review entry barriers in data markets. However, the timing of CCI’s intervention would be the key, and it should not rush to review perceived barriers.
When the market is sufficiently developed, the regulation should aim to achieve equity, stressed Ritesh Pandey, Member of Parliament (Lok Sabha). He noted that the accountability of different entities in the NPD market needs to be sufficiently clarified to empower data principals.
Former Supreme Court Justice B.N. Srikrishna and Chair, Committee of Experts on Data Protection, noted that the present focus should be on strengthening and enacting the Personal Data Protection Bill. He noted that all laws need to be citizen centric, and non-personal data is no exception. Regulation should make a journey from citizen rights to other objectives and not the other way round. This was also emphasised upon by Gowree Gokhale, Partner at Nishith Desai and Associates. She suggested that the Report should only focus on the aspect of public interest rather than economic interest and evolve mechanisms to curb harms associated with NPD.
The regulation of NPD should have clear goals and vision, strive to avoid ambiguities, and achieve level playing field. It must aim to correct power imbalance, and focus on prevention of harm to citizens by misuse of data.
Roles and responsibilities of different stakeholders, including data fiduciaries, data trustees, data custodians, need clarity, particularly, taken into account intersectional identities of data principals.
To achieve convergence, a National Data Policy could be developed, from which the regulation could flow, noted Bipul Chatterjee, Executive Director, CUTS International, who also moderated the discussion.
The importance of the whole of government approach and evidence-based policymaking was also stressed upon. The NPD Authority should be mandated to undertake cost-benefit analysis of its proposed regulations, to ensure optimal regulation.
The speakers also highlighted implementation challenges in NPD regulation. It was suggested that the 3-principle test laid down by the Supreme Court in Puttaswamy judgement: legitimacy, necessity, and proportionality, should be complied with while mandating data sharing by the state.
Around 100 participants from around the world attended the discussion.
For further details, please feel free to contact:
Vijay Singh: vs@cuts.org
Shubhangi Heda: sbg@cuts.org