Topics In Demand
Notification
New

No notification found.

NASSCOM feedback on the draft India Data Accessibility and Use Policy
NASSCOM feedback on the draft India Data Accessibility and Use Policy

March 24, 2022

375

0

In February 2022, the Ministry of Electronics and Information Technology (MEITY) had published a draft “India Data Accessibility and Use Policy” (IDAUP) for feedback from stakeholder. Earlier this week, NASSCOM submitted its feedback to the MEITY on the IDAUP.  

The IDAUP aims to establish a new governance framework on the sharing of non-personal data in the public sector. We captured the broad contours of the IDAUP in a previous blog that can be found here

We believe that the IDAUP’s success will depend upon how the balance is struck between improving data access, enhancing data quality, facilitating data reuse, and mitigating risks to privacy or security. With the aim of striking this balance better, we offered our feedback, keeping in mind the aim of ensuring that the IDAUP can create significant value for governance, research, transparency, and innovation in India. A summary of our recommendations are as follows: 

  1. Objectives and principles: Though the objectives and data sharing & governance principles in the IDAUP are prima facie valuable, they are broadly worded and are not articulated as quantifiable outcomes against which future performance can be measured. We suggested that the IDAUP would be benefitted by a deeper discussion into why they were selected and how they are reflected in the proposals that follow. We also suggested examining global reference points to determine whether more suitable objectives and principles can be considered.  

  2. Scope: The IDAUP states that it will apply to all “non-personal data and information” that is “created/generated/collected/archived by the Government of India directly or through authorized agencies by various govt bodies. In this context, we suggested that the IDAUP should primarily apply to data that is created, generated, or commissioned by covered public entities using public funds. Further, we suggested that the IDAUP should only apply to anonymised data after due care has been taken to ensure identifying information has been removed and that other safeguards to preserve privacy have been implemented. 

  3. Jurisdictional overlap: It is likely that the IDAUP will impact the operation of existing laws on government records and existing open data policies currently in force mostly notably the NDSAP. In this context, we suggested that the interplay between the IDAUP and the NDSAP should be clarified in terms of scope and implementation. 

  4. Institutional framework: The IDAUP envisages MEITY establishing two new institutions: an India Data Office (IDO) and an India Data Council (IDC) accompanied by a support unit. We suggested that dedicated full-time personnel should be appointed to the roles of the India Data Officer and the Chief Data Officers, and the policyshould clarify the division of responsibilities and functions and the hierarchies across the envisaged institutional framework. 

  5. Identification and classification of data: The IDAUP envisages covered public entities identifying and classifying non-personal datasets available them along three categories - open, restricted, or non-shareable. In this context, we suggested that the IDAUP should include a formal definition of HVDs or at least lay out the principles based on which HVDs may be identified.  

  6. Data sharing, portals, and retention: We suggested that the IDC should be tasked with creating common minimum standards for data and metadata for government data owners to follow. Further, it should define templates, strategies and best practices to ensure data quality, interoperability, accessibility, adequate documentation, and the use of open-source and machine-readable data formats. MEITY should also consider proposals for the release of dynamic data sets. Learnings from the operation of existing open data portals should be considered when setting out such templates, strategies, and best practices.  

  7. Licensing: The IDAUP briefly mentions the development of licensing frameworks to incentivise data sharing with external stakeholders. We suggested that these be limited solely for the purpose of recovery of marginal costs, be aligned with open-source copyright licensing frameworks, and not be used to enter into exclusive arrangements.  

  8. Anonymisation and privacy safeguards: The IDAUP envisages anonymisation as the principal tool to ensure the preservation of privacy. We suggested that an independent working group with multi-stakeholder participation should be established by MEITY to frame reference anonymisation standards, tools, and decision-making frameworks. Further, the IDAUP would be benefitted by a deeper discussion into additional privacy-preserving technologies and measures and to avoid a “release-and-forget” approach to data sharing.  

  9. Need for phased implementation: The IDAUP states that detailed implementation guidelines will be brought out by MEITY in the form of an implementation manual. We suggested that the IDAUP would benefit from a structured implementation plan that scales its proposals in stages – perhaps by first identifying priority HVDs, then identifying the relevant data providers, and then scaling slowly to other datasets. 

For more detail, please refer to our submission which is attached herewith.  

For any queries or concerns, please contact S Jayakumar (jayakumar@nasscom.in); Varun Sen Bahl (varun@nasscom.in); or Apurva Singh (apurva@nasscom.in).  


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


Download Attachment

20220321_NASSCOM_Feedback on draft India Data Accessiblity and Use Policy_final.pdf

© Copyright nasscom. All Rights Reserved.