Towards robust data regulation

The Hindu     22nd July 2020     Save    

Context: The non-personal data(NPD) committee needs to address the issues related to the data governance framework with more clarity and through broader consultations.

Issues related to data governance framework of NPD committee:

  • Lack of clarity: The idea of communities as data principals is introduced ambiguously by the report. There is little clarity on the rights and functions of the community. 
  • Report does not problematize the ways in which communities translate offline inequalities and power structures to data rights. 
  • Inadequate details: It has not specified if the data custodian can be the government or just private companies.  It is also not clear how communities engage with the custodian.
  • Conflict of interest: Suggestion that data custodians can potentially monetise the data they hold presents a conflict of interest with those of the data principal communities. 
  • Unclear relationship: The relationship between the data principal communities and the trustees is not clear. 
  • No explanation on how the trust is extended with the community and how trustees are empowered to act on behalf of the community. 
  • The power, composition and functions of the trust are not established.

Way Forward:

  • Trusteeship for data: Trustees should be bound by a duty of care and loyalty towards the principal and work in their best interests.
  • Simplifying the ecosystem: Consider data trusts as a type of custodian so that fiduciary responsibilities can be extended.
  • Broader consultations: The committee should organize broader consultations to ensure that the objective of unlocking data in the public interest and through collective consent.