CoE Revised Report on Non-Personal Data (NPD Version 2)
Privacy Mode

CoE Revised Report on Non-Personal Data (NPD Version 2)

Add your submissions here

Make a submission

Accepting submissions till 27 Jan 2021, 11:12 AM

The Committee of Experts (CoE), led by Kris Gopalakrishnan, has released a revised report on the Non-Personal Data (NPD) Framework (NPD Version 2) report on 16 December 2020. The revised NPD report is available at https://static.mygov.in/rest/s3fs-public/mygov_160922880751553221.pdf

The CoE is inviting comments and responses to the revised report, the deadline for which is 27 January 2021.

Add your submissions - responses, comments, questions - to Version 2 here. The Privacy Mode team will consolidate the responses and share with the CoE in January 2021, when launching responses to Version 1 of the report.

Add submissions on https://hasgeek.com/PrivacyMode/non-personal-data-version-2/sub

Hosted by

Privacy Mode
Privacy Mode
Deep dives into privacy and security, and understanding needs of the Indian tech ecosystem through guides, research, collaboration, events and conferences. Sponsors: Privacy Mode’s programmes are sponsored by: more
All submissions
Venkata Pingali

Venkata Pingali

@pingali

Thoughts on Report by the Committee of Experts on Non-Personal Data Governance Framework (Dec 24, 2020)

Submitted Jan 2, 2021

Overall

  1. Overall proposal is looking reasonable and feasible, even though a
    lot of details have to be worked out.

  2. Proposal is demonstrating the commitment to the larger direction of
    data sovereignity and data markets. Economic value is major goal.

  3. It eliminates major concerns from the previous versions:
    (a) missing institutional guarantor of the system
    (b) guarantor of the quality of data
    (c) anybody and everybody having access to any/every data
    (d) flow of information not being tracked
    (e) lack of metadata standards

  4. The proposed approach is a combination of Aadhaar-like “switch” and
    Account-Aggregator-like standards and coordination mechanisms.

  5. Metadata management and discovery will become a first class
    activity. Every organization has to now submit metadata.

Legal and Economic Framework

  1. Unclear if it will withstand scruitiny but there is a fairly
    detailed argument around the legal underpinnings of the NPD
    proposal. It helps that Rahul Matthan, Ex-Trilegal is associated
    with the committee.

High-Value Datasets

  1. Proposal puts a price (a non-profit to be created etc.) on data by
    allowing only data trustees to define and access data.
    Organizations cant demand/access any and all data.

  2. Any access to data is only through organizations - which gives
    government/law ability impose costs for misbehavior.

  3. It moved the hard part of identifying HVD to thirdparty - which
    is the right approach.

Data Processor

  1. Moved the responsibility of data access to controller - simplifying
    the legal/compliance aspects of the processor.

Questions

  1. Data processor may not share data but it still has to submit
    metadata. If clients are abroad, the clients may object to sharing
    the metadata. Declaration to this effect is a requirement under
    GDPR DPA (Data Processor Agreement).
All submissions

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Follow
Make a submission

Accepting submissions till 27 Jan 2021, 11:12 AM

Hosted by

Privacy Mode
Privacy Mode
Deep dives into privacy and security, and understanding needs of the Indian tech ecosystem through guides, research, collaboration, events and conferences. Sponsors: Privacy Mode’s programmes are sponsored by: more