Why in News ?
A majority of MSMEs and start-ups are not comfortable with the draft non-personal data policy in the current form, as per a survey by Local Circles.
About the Local Circles Survey
- Response in the suvey :
- 27% said they would never want to share their anonymised data,
- 35% said they would be willing to do so only in a law and order or investigation situation.
- Only 30% could share the data with the government for general purposes.
- 80% MSMEs and start-ups oppose non-personal data policy in its current form.
- Over 31,000 responses about 17,000 from citizens and 15,000 from businesses were received across 280 districts for the survey.
- Start -ups and SMEs believe data sharing should be voluntary to start with and could be made mandatory later for firms with annual revenue of more than Rs. 500 crore.
Non-Personal Data Governance Framework
- Mr. Kris Gopalakrishnan committee to study various issues relating to non-personal data submitted its report in July, 2020.
- Non-personal data should be regulated to
- Enable a data sharing framework to tap the economic, social, and public value of such data
- Address concerns of harm arising from the use of such data.
- What is Non-personal data ?
- Does not contain personally identifiable information.
- For example, while order details collected by a food delivery service will have the name, age, gender, and other contact information of an individual, it will become non-personal data if the identifiers such as name and contact information are taken out.
- Any data which is not personal data like data pertaining to characteristics, traits or attributes of identity, which can be used to identify an individual is categorised as non-personal data.
- Public non-personal data : Data collected or generated by the government in course of publicly funded works. Eg : Data of land records or vehicle registration
- Community non-personal data : Raw or factual data (without any processing) which is sourced from a community of natural persons. Eg : datasets collected by municipal corporations or public electric utilities
- Private non-personal data : Data which is collected or generated by private entities through privately owned processes (derived insights, algorithms or proprietary knowledge).
- Risks associated with non-personal data :
- Non-personal data which is derived from sensitive personal data such as health, caste or tribe.
- Data which bears risk of collective harm to a group.
- Data related to national security or strategic interests.
- Sharing of non-personal data :
- Sovereign Purpose : Such as national security or legal requirements
- Public interest purpose : Policy making or better delivery of services
- Economic Purpose : To provide for a level playing field or for a monetary consideration
Global standards on non-personal data?
- European Union came out with a regulation framework for the free flow of non-personal data in the European Union.
- EU had then ruled would be shared by member states without any hindrances
- Several other countries across the world, there are no nationwide data protection laws, whether for personal or non-personal data.
Way Forward
Regulation must be clear, and concise to provide certainty to its market participants. It also includes must demarcate roles and responsibilities of participants in the regulatory framework.
Source : The Hindu
Topic
GS II : Government policies and interventions for development in various sectors and issues arising out of their design and implementation
Current Affairs Compilation : 24 September 2020