India’s latest report on Non Personal Data, published by the Union Ministry of Electronics and Information Technology’s (MEITY) Committee of Experts has defined parameters regarding who can seek Non Personal Data, High Value Datasets, what a community is and who can represent it as a trustee, rights over non personal data, sovereign access to data, meta-data directories, and addressed intellectual property concerns. They’ve exempt entire raw databases from data requests, taken private data access out of the ambit of this framework, and defined purposes for which data can be accessed. Above all, it recommends a separate Non Personal Data legislation for governing NPD.
Key Reading on MEITY’s Revised Non Personal Data Report
- Revised report on Non-Personal Data Framework released by MEITY’s Committee of Experts [Read] [MediaNama’s summary]
- Ikigai Law’s summary of the Committee of Experts’ revised report [Read]
- OECD’s Enhancing Access to and Sharing of Data (cited in revised report) [Read]
- UK Data Services’ explanation on anonymisation of data (cited in revised report) [Read]
- On privacy risks after anonymisation of data (cited in revised report) (ScienceDaily) [Read]
- European Data Strategy (cited in revised report) [Read] [Our story]
Key reading on MEITY’s original report
- Report on Non-Personal Data Framework released by MEITY’s Committee of Experts [Read] [MediaNama’s summary]
- Five key concerns with India’s Non-Personal Data Report [read]
- Indian govt forms committee to recommend governance norms for non-personal data, Infosys’ Gopalakrishnan to head it [read]
Notes from MediaNama’s discussions on Non Personal Data
#NAMA Discussion in January 2021:
- What Does The Non-Personal Data Framework Mean For Businesses? Will It ‘Unlock’ Economic Potential Of Data? [read]
- Issues With Definition Of Communities, Public Good, And Unabated Sovereign Access To Non-Personal Data [read]
#NAMA Discussion on August 2020:
- What are data trusts? How do they work? [read]
- Anja Kovacs on the problems with India’s report on non-personal data governance framework
- Sameer Nigam on the perils of requiring companies to sell Non-Personal Data
- Issues with the non personal data authority, and treating non personal data as a ‘common resource’
- Non-personal data for sovereign and public interest purposes
- Assessing the concepts introduced in the non-personal data report
- Evaluating intellectual property rights over non-personal data
#NAMA Discussion in November 2019:
- Why does the Indian government want to regulate non-personal data?
- Recommendations for governing non-personal data; what data trusts are
- Considering intellectual property rights over non-personal data
- Is defining non-personal data possible? Is anonymising it a good idea?
Statements on Non Personal Data
- Economic Survey 2018-19 suggests breaking silos between databases and selling citizens’ data to analytics agencies [read]
- No plans to sell govt-owned non-personal data, RS Prasad informs Lok Sabha [Read]
- Data protection and security, IPR have strategic connotations: External Affairs minister S. Jaishankar [read]
- Facebook begins sharing ‘aggregated’, ‘anonymised’ mobility data for COVID-19 response [read]
- Aruna Sundarajan and Jay Panda on non-personal data [read]
- SEBI sets up panel to recommend policy on non-personal data related to securities market [read]
- Non-personal Data: The Risks of Ambiguity by Shubhashish Bhadra [read]
- Mandatory Sharing of Non-Personal Data May Encourage Regulatory Arbitrage by Siddharth Sonkar and Jyotsna Jayaram [read]
On Community Data and Group Privacy
- A Free and Fair Digital Economy: Protecting Privacy, Empowering Indians, by Justice B.N. Srikrishna Committee, pp. 45-46 [read]
- Community data in the draft e-commerce policy, by Parminder Jeet Singh [read]
- Treating data as commons is more beneficial, says UN report [read]
- Non-Personal Data Regulation: Interrogating ‘Group Privacy’, by Divij Joshi [read]
- When One Affects Many: The Case For Collective Consent, by Anouk Ruhaak [read]
On Personal Data Protection Bill, 2019, and Non Personal Data
- DSCI’s Rama Vedashree on how the Personal Data Protection Bill affects cloud service providers [read]
- Issues with inferred data and non-personal data in the PDP Bill 2019 [read]
- Personal Data Protection Bill strikes a discordant note on ‘non-personal data’, by Divij Joshi [read]
- Data Stewardship in the Context of PDP Bill, by Aapti Institute [read]
- IT for Change on community data, in their submission to the draft Personal Data Protection Bill, 2018 [read]
