MeitY issues draft norms to mobilise non-personal citizen data available with govt.
May 29, 2022

In News:

  • The Ministry of Electronics and IT (MeitY) has issued a draft National Data Governance Framework.
  • The framework aims to mobilise non-personal data of citizens for use by both public and private entities to improve services.
    • Non-personal data is any set of data which does not contain personally identifiable information.
    • e., no individual or living person can be identified by looking at such data.

What’s in Today’s Article:

  • Background
  • Draft India Data Accessibility and Use Policy 2022 – About, key provisions, various issues
  • News Summary

Background:

  • In July 2020, the Expert Committee (Chair: Mr. Kris Gopalakrishnan), constituted by the MeitY had published a draft report for public consultation.
    • It was constituted to study various issues relating to non-personal data.
  • The Committee observed that non-personal data should be regulated to:
    • enable a data-sharing framework to tap the economic, social, and public value of such data, and
    • address concerns of harm arising from the use of such data.
  • This report has started a debate on the need to have a proper data policy to harness non-personal data in order to unlock the economic value of such data.
    • In January 2021, Revised Draft Non-Personal Data Governance Framework was released.
    • Govt had released Draft India Data Accessibility and Use Policy 2022 in February 2022 which was subsequently scrapped.
    • In May 2022, govt came out with the current Draft National Data Governance Framework Policy (NDGFP).

Draft India Data Accessibility and Use Policy 2022

About

  • In February 2022, the government had released Draft India Data Accessibility and Use Policy 2022.
    • Due to widespread criticism, govt had scrapped this policy to bring the current Draft National Data Governance Framework Policy.
  • The Policy aimed to enhance access, quality, and use of non-personal data held by the government and enable sharing within the government as well as with the private sector.

Key Provisions

  • It permitted the licensing and sale of public data by the Government to the private sector.
  • Its operationalisation was sought to be achieved through the establishment of a India Data Office (IDO) under MEITY.
    • Each government entity had to designate a Chief Data Officer.
  • The policy strategy was to make Government data open by default and then maintain a negative list of datasets which cannot be shared.
  • As a measure of privacy protection, there is a recommendation for anonymisation and privacy preservation.

Various issues with this policy

  • Right to privacy
    • Inter-departmental data sharing, mentioned in the policy, posed concerns related to privacy.
    • The open government data portal which contains data from all departments may result in the creation of 360-degree profiles.
      • This, in turn, will enable state-sponsored mass surveillance.
  • Selling of Data
    • This draft had proposed that data collected by the Centre that has undergone value addition can be sold in the open market for an appropriate price.
    • This provision faced widespread criticism.
      • Questions were raised about the government collecting data to monetise it in the absence of a data protection law in India.
    • Also, it was silent on the following questions:
      • whether data gathered from States may be sold by the Central government and
      • whether the proceeds from it will be shared with the States.

News Summary

  • In order to mobilise non-personal data of citizens for use by both public and private entities, MeitY has issued a draft National Data Governance Framework.
    • This draft is a replacement of the now scrapped ‘India Data accessibility and Use policy’.

Draft National Data Governance Framework Policy (NDGFP)

Purpose

  • To transform and modernize Governments data collection and management processes and systems through standardised guidelines, rules
  • To enable and catalyze vibrant AI and Data led research and Start-up ecosystem, by creating a large repository of India datasets

Key Provisions

  • Data Privacy & Security
    • The NDGFP standards and rules will ensure Data security and informational privacy.
  • Institutional Framework
    • An India Data Management Office (IDMO) shall be set up under the Digital India Corporation (DIC) under MeitY.
      • It shall be responsible for framing, managing and periodically reviewing and revising the Policy.
      • The IDMO shall also encourage and foster the data and AI-based Research, start-up eco-systems by working with the Digital India Start-up Hub (erstwhile MeitY Startup Hub (MSH)).
      • The composition of the IDMO and the process have not been made clear in the new draft policy
    • Every Ministry/Department shall have Data Management Units (“DMUs”) headed by a designated CDO who shall work closely with the IDMO for ensuring implementation of the Policy.
  • Role of India Data Management Office (IDMO)
    • Data Storage & Retention - A comprehensive and evolving set of standards and rules would be developed and provided by IDMO to help Ministries/Departments define their data storage and retention framework.
    • Government-to-Government Data Access: Standard mechanism for inter-government data access shall be developed by the IDMO.
    • India Datasets programme - IDMO will enable and build the India Datasets program.
      • It will consist of non-personal and anonymized datasets from the Government entities that have collected data from Indian citizens or those in India.
      • Private entities will be encouraged to share such data. Experts believe that private companies may not voluntarily share non-personal data. There may be trade and intellectual property issues.
      • The non-personal data housed within this programme would be accessible to start ups and Indian researchers.
    • Data Anonymisation - IDMO will set and publish Data anonymization standards and rules to ensure informational privacy is maintained.
    • Data Quality & Meta-Data Standards – IDMO shall finalise meta-data and data standards that cut across sectors.
    • Datasets Access and availability - The IDMO shall notify protocols for sharing of non-personal datasets while ensuring privacy, security and trust.
      • The IDMO will notify rules to provide data on priority/ exclusively to Indian/ India based requesting entities.
      • The IDMO will also judge the genuineness and validity of data usage requests, for datasets other than those already made available on Open Data portal.
    • Redressal mechanism - The IDMO shall institute a mechanism for citizens to request datasets register grievances.
      • It will establish responsibility of DMUs under the IDMO to respond in a timely manner, to facilitate transparent and accountable data sharing ecosystem.
    • User Charges: The IDMO may decide to charge User charges/ Fees for its maintenance/ services.

Enquire Now