Karol Bagh | IAS GS Foundation Course | 17 October | 8 AM. Call Us
This just in:

State PCS


  • 30 Mar 2022
  • 9 min read
Governance

A Social Contract for Data

This editorial is based on “Forging a Social Contract for Data” which was published in The Hindu on 26/03/2022. It talks about the need for a new social contract for data to bring to fruition the visions of the draft India Data Accessibility and Use Policy.

For Prelims: Draft India Data Accessibility and Use Policy 2022, Non-Personal Data (NPD), GovTech 3.0, NDSAP 2012, Right to Information (RTI) Act, Personal Data Protection Law, MeitY’s Report on Non-Personal Data Governance (2020)

For Mains: Analysis of Draft India Data Accessibility and Use Policy 2022, Need for Data Protection Law, Data Accessibility Policy and the Right to Privacy, Social Contract for Data, Trusteeship Approach for Access to Data.

The Ministry of Electronics and Information Technology (MeitY)’s draft India Data Accessibility and Use Policy 2022 is a continuation of earlier efforts to encourage better utilisation of large-scale data collected by the government machinery.

However, in the absence of adequate public safeguards provided through a comprehensive data protection framework, the policy suffers from several setbacks.

A new social contract for data is the need of the hour whereby - the social commons of data are inappropriable commons that belong to all citizens, the government must ensure that data use is promoted for public good only, and democratisation of data value is ensured through accountable institutional mechanisms for data governance.

What is the Draft Data Accessibility and Use Policy?

  • Aim: The Draft Policy aims at providing a robust scaffolding for harnessing public sector data for informed decision-making, citizen-centric delivery of public services, and economy-wide digital innovation.
    • It seeks to harness data-based intelligence for governance and economic development.
  • Overcoming the Bottlenecks: It seeks to maximise access to and use of quality non-personal data (NPD) available with the public sector, overcoming a number of historical bottlenecks:
    • Slow progress on the OGD (Open Government Data) platform
    • Fragmentation of data sets into departmental silos
    • Absence of data anonymization tools
    • Insufficient attention to the development of data stewardship models
    • Lack of data quality standards, licensing, and valuation frameworks to support data-sharing
  • Need: Such policies exist in many countries and an efficient use of such data will go a long way in improving services.
    • Despite the demands of academia and other stakeholders, large volumes of such data have remained unutilized.

What are the Setbacks?

  • Unclear Mechanisms: This GovTech 3.0 approach (of unlocking the valuable resource of public sector - data) does upgrade the OGD vision of the National Data Sharing and Accessibility Policy (NDSAP), 2012.
    • However, it does not say much on the norms, rules, and mechanisms to bring to fruition its vision of data-supported social transformation.
  • Data Misuse/Privacy Concerns: The core objective of the policy is ensuring greater citizen awareness, participation, and engagement with open data.
    • This poses ethical and procedural dilemmas to balance privacy/risk of data misuse with transparency-accountability considerations.
    • The unfinished task of the NDSAP in bringing coherence between restrictions on the availability of sensitive personal information in the public domain and India’s Right to Information (RTI) Act, therefore, has been lost sight of.
  • Adherence to Anonymization - Insufficient: The Draft Policy highlights that approved data inventories will be federated into a government-wide, searchable database.
    • Now, even though the draft policy envisages adherence to anonymization standards, it is not a sufficient safeguard against privacy risks.
      • Even in the case of anonymised citizen data sets (that is no longer personal data), downstream processing can pose serious risks to group privacy.
    • Considering that India has no personal data protection law, the convergent data processing proposed through the Draft Policy becomes especially problematic.
  • Negligence of Trusteeship Paradigm: Notwithstanding the recommendations of the 2020 Report of the MeitY Committee of Experts (CoE) on Non-Personal Data Governance which advised shifting to the trusteeship paradigm, the draft policy adheres to the NDSAP paradigm of treating government agencies as ‘owners’ of the data sets they have collected and compiled.
    • The lack of a data trusteeship framework gives government agencies unilateral privileges to determine the terms of data licensing.
    • They are also empowered to classify their data holdings into “open, restricted or non-shareable” without any mechanisms for public consultation and citizen accountability.

What Can be the Way Forward?

  • Trusteeship Approach: Taking on board a trusteeship-based approach, the proposed Draft Policy must pay attention to data quality, and ensure that licensing frameworks and any associated costs do not pose an impediment to data accessibility for non-commercial purposes.
    • The policy must also focus on protecting public sector data from being captured by large firms, especially transnational Big Tech, for economic innovation.
  • Common Data Spaces and Voluntary Data Sharing: In the current context, where the most valuable data resources are held by the private sector, it is increasingly evident to policymakers that socioeconomic innovation depends on the state’s ability to catalyse wide-ranging data-sharing from both public and private sector actors across various sectors.
    • The European Union, for instance, has focused on the creation of common, interoperable data spaces to encourage voluntary data-sharing in specific domains such as health, energy and agriculture.
    • These common data spaces provide the governance framework for secure and trust-based access and use, in full compliance with personal data protection, and updated consumer protection and competition laws.
  • Recommendation of MeitY’s CoE Report: The Report on Non-Personal Data Governance (2020) proposed the data stewardship model for high-value data sets in cases of mandatory public access in exceptions such as public emergencies.
    • The model proposes the creation of a Non-Personal Data Authority or NPDA to which a government/not-for-profit organisation may request for creating a sector-specific high-value data set, demonstrating the specific public interest purpose.
    • The radical idea of high-value datasets as a social knowledge commons over which private data collectors have no de facto claim is vital to balance public use and private innovation.

Drishti Mains Question

“The government must ensure that data use is promoted for public good only”. Analyse the statements in the context of Draft India Data Accessibility and Use Policy 2022.

UPSC Civil Services Examination, Previous Year Questions (PYQs)

Q. Which of the following adopted a law on data protection and privacy for its citizens known as ‘General Data Protection Regulation’ in April, 2016 and started implementation of it from 25th May, 2018? (2019)

(a) Australia
(b) Canada
(c) The European Union
(d) The United States of America

Ans: (c)


close
SMS Alerts
Share Page
images-2
images-2