Amidst the hue and cry over a ban on dozens of mobile applications, the Indian government has decided to soon undertake a classification of data gathered by foreign firms which will decide whether they can transfer this information outside the country.
The nine-member committee constituted by India’s Ministry of IT and Electronics recommended mechanisms for defining data sharing for the purposes of sovereignty, core public interest, and the economy. The committee, headed by Indian IT wiz Kris Gopalakrishnan, advocates a separate legal framework for "Non-Personal Data".
Defining the categories of data classification being explored by the panel for a governance framework, the report noted, “in case of Personal Data, data principal is the natural person to whom the personal data relates. However, in case of Non-Personal Data, the definition of a data principal is related to the type of Non-Personal Data - Public, Community or Private data”.
Non-personal data refers to information that cannot identify a person, but has details on weather conditions, and data from sensors installed on industrial machines, as well as public infrastructure, as per the draft report submitted to the government on Monday.
The proposal is open for public feedback until 13 August.
Here is the report by India's committee of experts on#NonPersonalData governance framework https://t.co/WHPNmkkuae
— Radhika Parashar (@_RadhikaReports) July 13, 2020
I report for @SputnikInt . pic.twitter.com/3ATPoyIdsV
Netizens are reacting to the report on social media. While some are breathing a sigh of relief, others are disappointed by the report, which they say looks like it was made in haste.
Sigh... reading the Expert Committee’s Report on Non-Personal Data....🤦🤦🤦🤷♂️🤷♂️🤷♂️
— Ameet Datta (@DattaAmeet) July 13, 2020
Had a quick glance through the report on non-personal data governance framework. The document appears to be prepared in haste and disappoints in many areas with a clear lack of vision on what we want to achieve through the regulation! #India #regulation https://t.co/AQF0nOIOYL
— Arul George Scaria (@arulscaria) July 12, 2020
The Non Personal Data Committee Report outlines three roles, that of a data principal, custodian, and 'data trust'. Great to see the Committee's emphasis on the need for an institutional form of data infrastructure. As per the report, it is defined as—
— Akriti Gaur (@akritigaur) July 12, 2020
The update to India’s stance on its citizens’ non-personal data comes just days after the country’s Commerce Ministry released a 15-page draft of new e-commerce rules that also comes with a proposal to appoint a designated regulator to make sure that the playing field is free of monopolies, and with wider varieties of products.
The rules also note that online marketplaces would be required to make information concerning national security, law, taxation, and seller details available to the government within 72 hours of noticing unusual trends
After India’s ban on 59 Chinese apps over security reasons, it is being speculated that the proposed e-commerce and data rules may cause troubles for major companies like Amazon, Google, and Facebook, among others, who could be required to opt for data localisation for their operations in India.