Author: Krithika Muthuraman
Government of India’s Policy Think Tank, Niti Aayog released the Draft Data Empowerment and Protection Architecture (DEPA) in August 2020. The framework looks at empowering financial inclusion through individual agency over data. Towards this, the framework visualizes three building blocks: enabling regulations; cutting edge technology standards; and new types of public and private organisations with incentives closely aligned to those of individuals. The DEPA has been viewed to be an evolving policy, to constantly match the pace of change and growth in the area.
The key problem area identified as background to the framework is the exponential increase in data footprints created by Indians, while still lacking financial stability or resources, or in the words of the framework, Indians “becoming ‘data-rich’ at historic rates, even before becoming economically rich or even financially stable”. The increase in data footprint is because of better mobile and internet connectivity across the country and the resultant access to online payment systems, enabling more individuals, as well as MSMEs and local businesses, in to create credible transaction histories. Another concern identified with the existing scenario is that the provider of the data is not benefitting from the sharing of the data. In comparison with data governance frameworks in other countries/regions of the world, the DEPA views the Indian scenario to be unique. Unlike the European GDPR (General Data Protection Regulation) which is based on the largely financial demographic, the Indian scenario is currently moving towards financial inclusion, economic growth and data democracy.
The framework by proposing an individual-consent based data sharing model, views the digital financial footprint and existing data as potentially instrumental in building trust and furthering inclusion through seamless sharing with key institutions such as – hospitals, banks, or future employers. It proposes to do so through the introduction of private organizations known as ‘Consent Managers’ whose role will be to mediate between ‘Information Users’ and ‘Information Providers’, while ensuring informed consent from the individual in the process.
Among the DEPA’s stated guiding principles are “restoring individual agency, promoting informed consent for every data transaction (rather than blanket consent for data use), building in accountability for institutional data controllers…”.The DEPA has been introduced, keeping in mind, the specific challenges including those to credit-access faced by various MSMEs, local businesses and individuals in need.
The framework is open to public comments till November 30, 2020, and can be accessed here: https://niti.gov.in/sites/default/files/2020-09/DEPA-Book.pdf
Disclaimer: Views, opinions, interpretations are solely those of the author, not of the firm (ALG India Law Offices LLP) nor reflective thereof. Author submissions are not checked for plagiarism or any other aspect before being posted.
Copyright: ALG India Law Offices LLP.