Following Apple’s approach: Niti Aayog’s DEPA draft is a step towards user empowerment

By: |
September 8, 2020 6:30 AM

The government also discussed this in its draft policy for health data released last month, where it said the user would have to provide consent each time her data is shared. Also, the user shall have a database to see which companies are accessing her data and can revoke data sharing at any point in time. A dashboard with all sharing requests and access will also be provided to the user.

A replication of this on the national scale is indeed an achievement in itself, but the draft rules released by NITI Aayog over the weekend hold more promise than just consent-sharing.

If Facebook is unhappy with Apple trying to introduce norms that make it difficult to track users, it is certainly not going to be happy with India’s Data Empowerment and Protection Architecture (DEPA). Apple, last month, announced that it would ask for user consent each time a service is trying to track users, making it difficult for companies like Facebook, which process user data to do targetted advertising. Now, India is planning to do something similar.

A replication of this on the national scale is indeed an achievement in itself, but the draft rules released by NITI Aayog over the weekend hold more promise than just consent-sharing. For one, they talk about the creation of consent-managers or account-aggregators, which will facilitate such sharing. So, if a company XYZ is requesting data from ABC, a consent-manager will facilitate this process, while also ensuring user consent. This would eliminate the requirement of long and tedious terms and conditions, which allowed companies to carry out an array of services in the name of user consent.

Last year, RBI allowed this in some form by giving an in-principle nod to seven account aggregators who can facilitate collection of data. In the case of financial services, this is meant to help MSMEs make the process of purchasing loans, insurance and other products more accessible. The government also discussed this in its draft policy for health data released last month, where it said the user would have to provide consent each time her data is shared. Also, the user shall have a database to see which companies are accessing her data and can revoke data sharing at any point in time. A dashboard with all sharing requests and access will also be provided to the user.

NITI Aayog’s draft norms also stipulate something similar, but are not limited to areas of health and finance. Also, the rules go one step ahead of the draft non-personal data Bill and demand reciprocity from companies, i.e., if a company is willing to purchase data, it should also be ready to sell it in the market. While the framework suggested by NITI Aayog utilises existing norms and laws to allow data sharing, unless the government clears the personal and non-personal data Bills, the consumer will be hesitant. Also, if companies are going to pay consumers for their data, it is possible the latter may have to start paying for services like e-mail, maps, etc

Get live Stock Prices from BSE, NSE, US Market and latest NAV, portfolio of Mutual Funds, Check out latest IPO News, Best Performing IPOs, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.

Financial Express is now on Telegram. Click here to join our channel and stay updated with the latest Biz news and updates.

Next Stories
1India’s second wave: Deadly, but not more than transatlantic’s
2Board examination: An elephant that refuses to dance
3Fixing shortage of judges: After deadlines for govt, judiciary must address own role in delays