Whose Data is it Anyway?: Decoding the Draft India Data Accessibility & Use Policy, 2022
If India wants to fulfil its ambition of achieving a $5 trillion economy, it has to hone its ability of harnessing the value of data.
Abhishek Singh, the CEO of MyGov with additional charge of President & CEO NeGD and also MD & CEO, Digital India Corporation, recently tweeted:
Huge volumes of data are shared with the government every day for reasons such as accessing public services, fostering innovation and developing means for better governance. And if India wants to fulfil its ambition of achieving a $5 trillion economy, it has to hone its ability of harnessing the value of data.
On February 21, 2022, the Ministry of Electronic and Information Technology (MeitY) released the Draft India Data Accessibility & Use Policy, 2022, as a policy proposal to “radically transform India’s ability to harness public sector data”. The aim is to enhance use, access and quality of data. Since the proposal was made, it has been scrutinised and criticised for having clauses that permit the government to license and sell public data to the private sector.
Moreover, in the absence of a thorough personal data protection law, interdepartmental data sharing across government departments can easily lead to major violations of citizens’ privacy and allow extensive profiling. The government’s step to invite inputs and feedback may be a genuine attempt to construct a stronger policy, or it may be a move to gauge reactions and backlash.
On, February 24, 2022, The Hindu wrote: “The absence of an anchoring legislation further leads to the policy not being able to fulfil the threshold of legality for state intervention into privacy which was put in place by the Supreme Court of India in its landmark right to privacy decision.”
Why did MeitY propose the Draft Data Accessibility & Use Policy?
There will be an exponential rise in the amount of citizen data that’ll be generated in the next decade. This is a vital factor for India to achieve its dream of a $5 trillion digital economy. The Draft Policy is understood to have a primarily commercial purpose of harnessing the economic value of the data that’s generated.
It was noted by the National Economic Survey, 2019, as it pointed out the commercial benefits of data exploitation for the Government. “The private sector may be granted access to select databases for commercial use. Given that the private sector has the potential to reap massive dividends from this data it is only fair to charge them for its use.”
Vinayak Chatterjee, Business Standard columnist, Chairman CII's National Council on Infrastructure and Chairman of IIT Dharwad, wrote on Twitter, “Great move by the Ministry of IT to enable public access to & sharing of data available with every Govt entity. Draft of "India Data Accessibility & Use Policy 2022" released. A regulatory authority called Indian Data Council will oversee standards and enforcement. Laudable!”
The policy outlines bottlenecks in data sharing such as the absence of a body to monitor the policy and enforce data sharing efforts, missing technical tools and licensing and valuation frameworks, lack of identification of high-value datasets and no set data sharing standards. The policy aims to make government strategies robust and data interoperable by unlocking the high value of data and instilling data skills and culture. But MeitY refuses to present a consultation paper or disclose who has been consulted.
How does the policy aim to achieve its goals?
“MeitY’s recent ‘Draft India Data Accessibility & Use Policy 2022’ plans to ensure quality access, use and consolidation of public data sharing across various govt stakeholders.”, tweeted the official handle of IndiaAI, a joint initiative of MeitY, NeGD & NASSCOM, the National Portal on Artificial Intelligence.
Any information and data generated, collected, created and/or archived by the Centre will be covered by the policy with the scope for state governments to adopt the provisions. The policy proposes setting up an Indian Data Office (IDO) under MeitY to consolidate and streamline data access and sharing across the government and stakeholders. A Chief Data Officer must be appointed by each government entity. The policy proposes forming an Indian Data Council for consultation at the time of setting standards but it does not indicate who can be a part of this council and whether non-governmental participation is allowed or not.
On February 24, 2022 The Hindu wrote: “The policy strategy is to make government data open by default and then maintain a negative list of datasets which cannot be shared. Definition of more sensitive categories which should have restricted access is left to the independent government ministries. In addition to this, existing data sets will be enriched or processed to attain greater value and termed as high-value datasets.”
The Draft Policy recommends privacy preservation and anonymisation as steps for privacy protection.
Issues with the Draft Data Accessibility & Use Policy, 2022
India doesn’t yet have a law for data protection to enforce accountability or provide remedy during privacy violations. Interdepartmental data sharing is a concern since open government data portals will lead to mass surveillance and 360-degree profiling. There is no independent regulatory oversight or legal accountability, even though anonymisation is the desired goal.
Suparno Satpathy tweeted, “As per ‘Draft India Data Accessibility & Use Policy 2022’, put out by our friends @Gol_MeitY, our data could be shared interdepartmentally within governments and it could also be sold by governments to generate revenue.”
Satpathy is the Chairman of Smt. Nandini Satpathy Memorial Trust (SNSMT), a leading non-profit social cause organisation. He is also the ex-Convenor PMSA-Orissa, MoPR, Government of India, a socio-political leader and a columnist.
The policy lets the government adopt a language of open data but offers no transparency to the citizens, something that’s meant to be at the core. It mentions transparency once but missed important points to ensure demands for redress and accountability due to such data sharing. Furthermore, contemplating data sharing on a large scale and enrichment at the expense of public funds can be seen as a move to bypass the parliament. Constituting offices and prescribing standards for Central and state governments and schemes will require discussions and legislation.
The Hindu article adds, “The policy, even though it notes that state governments will be, “free to adopt portions of the policy,” does not specify how such freedom will be achieved. It becomes relevant, if specific standards are prescribed by the Central government for data sharing, or as a precondition to financial assistance. There is also the absence of any comment on whether data gathered from States may be sold by the Central government and whether the proceeds from it will be shared with the states.”.
The Draft India Data Accessibility & Use Policy fails to consider using scientific analysis and automated tools to re-identify anonymous data. This is particularly important due to the financial incentives from licensing to the private sector, especially when the government is the data broker. Now, more personal data means a higher commercial value.