New Delhi: The much-awaited report on Non-Personal Data (NPD) Governance Framework by the Committee of Experts headed by Kris Gopalakrishnan was released recently. To deliberate on the finer points of the Report, CUTS International, an international public policy group, organised an online panel discussion on Tuesday titled “Optimal governance of non-personal data”.
Amar Patnaik, Member of Parliament (Rajya Sabha) highlighted the need to let the data market develop itself, and cautioned against premature and over-regulation. He mentioned that the conditions for a vibrant data market need to be created and it is important to ascribe a value to data, to enable the stakeholders to realise its potential. A principles-based ecosystem for data sharing needs to be created.
Geeta Gouri, former Member, Competition Commission of India (CCI), pointed out that the Report confuses between data markets and platform markets. There is a need to differentiate between data aggregators and platforms. The CCI needs to build capacity and expertise to review entry barriers in data markets. However, the timing of CCI’s intervention would be the key, and it should not rush to review perceived barriers.
When the market is sufficiently developed, the regulation should aim to achieve equity, stressed Ritesh Pandey, Member of Parliament (Lok Sabha). He noted that the accountability of different entities in the NPD market needs to be sufficiently clarified to empower data principals.
Former Supreme Court Justice B.N. Srikrishna and Chair, Committee of Experts on Data Protection, noted that the present focus should be on strengthening and enacting the Personal Data Protection Bill.
He noted that all laws need to be citizen-centric, and non-personal data is no exception. Regulation should make a journey from civil rights to other objectives and not the other way round. This was also emphasized upon by Gowree Gokhale, Partner at Nishith Desai and Associates.
She suggested that the Report should only focus on the aspect of public interest rather than economic interest and evolve mechanisms to curb harms associated with NPD.
The regulation of NPD should have clear goals and vision, strive to avoid ambiguities, and achieve a level playing field. It must aim to correct power imbalance, and focus on the prevention of harm to citizens by misuse of data.
The roles and responsibilities of different stakeholders, including data fiduciaries, data trustees, data custodians, need clarity, particularly, taken into account intersectional identities of data principals.
Moderating the discussion CUTS International Executive Director Bipul Chatterjee said to achieve convergence, a National Data Policy could be developed, from which the regulation could flow.
The importance of the whole of government approach and evidence-based policymaking was also stressed upon. The NPD Authority should be mandated to undertake a cost-benefit analysis of its proposed regulations, to ensure optimal regulation.
The speakers also highlighted implementation challenges in NPD regulation. It was suggested that the 3-principle test laid down by the Supreme Court in Puttaswamy judgment: legitimacy, necessity, and proportionality should be complied with while mandating data sharing by the state.
Around 100 participants from around the world attended the discussion.