Hi Friends,

Even as I launch this today ( my 80th Birthday ), I realize that there is yet so much to say and do. There is just no time to look back, no time to wonder,"Will anyone read these pages?"

With regards,
Hemen Parekh
27 June 2013

Now as I approach my 90th birthday ( 27 June 2023 ) , I invite you to visit my Digital Avatar ( www.hemenparekh.ai ) – and continue chatting with me , even when I am no more here physically

Monday 9 December 2019

Debate has begun – in right earnest !




Hardly 2 days back , I blogged ( - and sent it as E Mail to Shri RaviShankar Prasadji ) :



where I said :

“ Are we about to enact a law which , on one hand, is not implementable and on the other hand , might lead to unending litigation ? “

No great “ insight / foresight “ here when you read what newspapers reported today !

Eg :

[ A ]



Extracts :


Ø  Bill which has proposed a new provision allowing the government to ask any data fiduciary to part with non-personal information — such as the number of cars on ride-hailing platforms like Uber — for better targeting of services, framing of policies and better governance.


Ø  “When you give discretionary powers and authority to ask for the data whenever the needs arise, who would have the discretionary power is the challenge,” said an industry executive.


Ø  “For cybersecurity-related cases, they come with a court or magistrate’s orders and only then such information is shared. There you have an extra layer of authenticity, apart from the executives who are seeking such data,” the person added


Ø  Now that the provisions have become part of the Bill, which will apply to all companies and any organisation which is processing data of individuals, the issue is expected to gain much more prominence.


Ø  “Globally, no country has regulations around non-personal or community data so far, so there is no precedence for the subject which is also very complex,”


Ø  An industry executive said: “The government first needs to get clarity on who is the owner of data.


According to Justice BN Srikrishna Committee (on data protection), the individual is the owner of his or her personal data so by that basis, the ownership of any derivative of personal data should also lie with the individual.


If the company invests in an IP and the proposition is so interesting to a user that that person agrees to share his/her personal data, then how can the government argue that such data belongs to the community ?


Ø  “Most of leading countries are building their AI strategy on data sharing, we will lose out if we don’t,” this expert added.


=========================================================
[ B ]

Extracts :


Ø  We have started stakeholder consultations on how to treat non-personal data. It is a highly sensitive matter as different stakeholders have different views on it.


Ø  For instance, Nasscom has its set of opinions, while industry body CII has its own views.


Ø  “We will try to see that the e-commerce policy is finalised soon. This (treatment of non-personal data) is the only sensitivity which has to be worked out,” Mohapatra said (Secretary, Department of Policy for Industry and Internal Trade )


Ø  The Ministry of Electronics and Information Technology (MeitY), while working on the Personal Data Bill, had made a separate committee comprising IT experts and officials from key Ministries to look at whether there should be a free flow of non-personal and anonymised data across borders or it should be localised.


=========================================================
[  C  ]





Ø  According to its provisions, personal health data falls under the category of ‘sensitive data’, which can be processed only based onexplicit consent ’ by individuals.


Ø  Pradeep Dadha, CEO of Netmeds.com, an online pharmacy said: “There should be more clarity on what are the activities that require consent – if information is required for transactions then obviously, we should not be required to take specific consent, but if such specific consent is indeed required, then we will have to make changes to the terms and conditions (on our websites) to suit that.”


Ø  The clause on ‘fair and responsible processing’ of data in the Bill also needs to be clarified and cannot be left open to interpretation, he added.


Ø  Since companies in the space also employ Artificial Intelligence based algorithms to process consumer data to better map and offer products and services to consumers, founders said more details would be required on how anonymised personal and non-personal data can be processed for use in such algorithms.


Ø  “In data science and AI, healthcare is one of the largest applications – we need to work with a lot of consumer data that is not personally identifiable. We have to make sure that the policy does not dissuade the processing of data and creation of new AI models of healthcare,” said Prashant Tandon, CEO of 1mg.


Ø  Though the Bill does not define non-personal data explicitly, it can include community data, anonymised data, ecommerce data, among some types of data. “There needs to be enough flexibility to use non-personal data as well,” Tandon added.


Ø  Gopichand Katragadda, former chief technology officer of Tata Sons and founder of deep technology startup Myelin Foundry, said consumer data would be best protected if there are guidelines that require explicit consent of individuals. “If their data is to be used by a business for various purposes, then consent should be clearly taken for each purpose,” he said.


=========================================================



Above mentioned differing “ views “ are just a small beginning



Wait till the full text of the bill is put up in public domain



When that happens , expect following questions :



Ø  As far as user granting  explicit consent “ is concerned, will the Govt ( and the Courts ), get satisfied with web sites / mobile apps, just insisting that users click on :


“ Hereby, I accept all the TERMS & CONDITIONS of this service , including granting my explicit and specific permission to :


#  permanently STORE all of my data ( whether submitted here voluntarily ) or acquired
    by this service from any source “ ONLINE “or “ OFFLINE “



#  PROCESS or get processed by third parties, all such data, with or without use of AI –
    Machine Learning – Blockchain and similar technologies



#  TRANSFER such data to third parties, within India or abroad



#  SELL such data to any person or organization for monetary consideration



#  In case of any one filing a court-case against this site/ app / service, under the DATA
    PROTECTION LAW, I absolve the site / app / service , from my side and undertake
    not to hold them liable for any damages


    

Ø  Since the bill specifically states that the “ data ( whether personal or non-personal / sensitive or otherwise / identifiable or anonymized / direct or derivative ), belongs to the individual ( even if he has never used internet / web ), then under our Constitution, does he not have the FUNDAMENTAL RIGHT to be able to SELL his own data to anyone / anytime / at any price – since he is the sole / exclusive data-owner?

Read :  PRIVACY for SALE   [  26  Aug  2017  ]


Ø  If Govt reserves the right to force/require any “ Data Fiduciary “ to handover my non-personal / anonymized data, why should not the user be compensated by the Government – even if fiduciary is not paid anything – and even if such data is used only for improving e-governance ?


This argument must be viewed in the context of the fact that the Government , itself has started SELLING such anonymized user data ( - not at all difficult to connect up with the data-owner and clearly identify him ! ), and become a DATA MERCHANT  !


          Read :   Bulk Data Sharing / Selling Policy ?            [  12  March  2019  ]




Govt is in the process of setting up the required PLATFORM for this as per following announcement made a few months ago



          Read :   Thanks , Shri Piyush Goyalji ,                      [  28  June  2019  ]


Extract :


The government is planning to set up a national data governance centre to hold all public data, and establish guidelines for the management, sharing and monetisation of information.


State agencies and even startups could access the data through this facility.
 


Public data relates to freely available information that is collated by various agencies or companies in the course of their operations and which can be traded without restrictions or be used for public utility purposes. This includes traffic and illness patterns. 



Data has an economic value, but who, when and where uses that, that would then lie under a national data-sharing policy to be developed under the data governance centre,
 


But recently, commerce minister Piyush Goyal directed his ministry to take out the data elements from the draft ecommerce policy, leaving the PDP Bill to handle those. 



“Shouldn’t all this community or public data be available at one centralised location with the government, so that it can be used by everyone, including government agencies to make relevant laws and even help startups 

========================================================

10  Dec  2019

hcp@RecruitGuru.com


No comments:

Post a Comment