The Indian government is preparing grounds to publish a national data governance policy to streamline data collection and its sharing, especially those related to individuals’ personal data even though a separate legislation is proposed through the Personal Data Protection Bill 2019.
“Based on the consultations and inputs received about the Data Accessibility and Use Policy, MeitY (Ministry of Electronics and IT) is in the process of publishing a National Data Governance Framework and Policy,” Rajeev Chadrasekhar, junior Minister for Electronics and Information Technology, said in Rajya sabha (Upper House of parliament) last week.
He added that the government had notified the National Data Sharing and Accessibility Policy in the year 2012 and also set up the Open Government Data Platform on data.gov.in where the federal and State governments share open data sets relating to various sectors.
“So far more than 529 thousand data sets have been published on this portal and more than 9.21 million downloads have happened. Data from data.gov.in is consumed through APIs and also is available for bulk download,” the Minister said.
He was replying to a query from a parliamentarian in Rajya Sabha on April 1 on the safeguards introduced to check against privacy breaches of citizens’ data and the steps taken to ensure transparency and accountability in data sharing of such data.
According to the Minister, The Information Technology Act 2000 has adequate provisions for dealing with protection of Personal Data of users. Section 43A of the Information Technology Act, 2000 and the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 provide safeguards for sensitive personal data or information collected by a body corporate.
“The Rules mandate that body corporate, including social media platforms, must provide policy for privacy and disclosure of such information, so that user is well aware of the type of personal data collected, purpose of collection and usage of such information. The rules also specify mode of collection of information, disclosure of information, transfer of information, etc. Also, section 72A of the IT Act provides for punishment for disclosure of information in breach of the lawful contract,” the government informed.
The government has also introduced the Personal Data Protection Bill, 2019 in Parliament in 2019. The Bill was referred to the Joint Committee of Parliament and the Joint Committee of Parliament has tabled its report on The Personal Data Protection Bill, 2019 in Parliament on 16.12.2021. The report and the Bill are under examination in the Ministry of Electronics and Information Technology, Chandrasekhar said.
Experts have been exhorting the government and policy-makers to put in place a data governance policy framework.
Deepak Maheshwari, Senior Fellow at Centre for The Digital Future, in a guest column in the Mint newspaper last October observed: “Data is the elephant in the digital room. To deal with it, India needs an overarching policy framework for data governance rather than being blindsided by discrete uni-dimensional instrumentalities based on simple binaries that may lead to cracks and overlaps.”