Bengaluru-based food delivery major Swiggy, software alliance group BSA and US Chamber of Commerce’s US-India Business Council (USIBC) raised their apprehension over the first draft of India’s non-personal data governance framework which is now open for public consultation. The IT Ministry had released the draft earlier in July.
According to an Indian Express report, stakeholders believe that it may be “premature and not entirely necessary” to roll out the framework, especially when the government is yet to release a personal data protection framework.
Swiggy’s legal director, Panduranga Acharya said, “I think it’s a very early stage to discuss non-personal data. This is the primary view that we have. Because we have not settled law for personal data itself. We want this to be settled now. In that context, there should be some more time before we indulge in non-personal data.”
Meanwhile, the software alliance group BSA added that the proposed mandatory data access policies will deter investment and innovation in the Indian market, raising the costs of acquiring such data in the first place. Besides, it will also disincentivise data collection activities, resulting in increased costs for end-users and reduced incentives for developing new technology. BSA counts Amazon Web Services, Cisco and Microsoft as its members.
The non-personal data governance framework was drafted by a committee led by Infosys cofounder Kris Gopalakrishnan. The framework has been drafted after consultation with representatives from several companies and industry bodies serving in different domains. The list also includes Facebook, Microsoft, ASSOCHAM and NASSCOM.
With this framework in place, the government aims to boost startups/businesses through mandatory sharing of meta-data to develop innovative solutions and digital economy growth at an unprecedented scale in the country. It also noted that the companies will get nothing for sharing raw community data but can choose not to share proprietary knowledge data and algorithms at all.
The panel has also suggested that the government should set up a regulator and direct the companies to store data devoid of personal details. The panel has elaborated that such a regulator would be armed with legal powers to request data, supervise sharing requests and settle disputes.
Moreover, the draft highlighted that any company that holds data beyond a certain limit, which is yet to be decided, should be called a “data business”. The committee had sought feedback on the framework till September 13.
After the draft was released, the US Chamber of Commerce’s US-India Business Council (USIBC) raised concerns around the sharing of proprietary data by tech giants like Google, Facebook, Amazon and other US-based tech giants. It called India’s imposed data sharing an “anathema” to promote competition. It further said that this undermines investments made by companies to process and collect such information.
Meanwhile, there is another joint parliamentary committee (JPC) which is managing Draft Personal Data Protection Bill 2019 to ensure that the user data remains secure and protected.