Posts – Test - The Quantum Hub

Regulatory cobwebs threaten to scupper India’s data economy

Author: Deepro Guha
Published: August 06, 2020 on Firstpost

“Today, data is the real wealth and it is being said that whoever acquires and controls the data will have hegemony in the future. The global flow of data is creating big opportunities as well as challenges.” These words were spoken by the Prime Minister of India during his speech at the World Economic Conference, 2018, perhaps an indication of the regulatory proposals in the offing. 50 crore Indians, over and above the current 45 crore, are expected to come online for the first time by 2022. Internet traffic in India is expected to rise to 78 exabytes (an exabyte equals a million terabytes) by 2021.

This exponential rise in the quantum of data generated in India would potentially create conditions for a thriving data market that can further be leveraged for the creation of new business opportunities, new forms of employment, evidence-based governance solutions, social welfare interventions etc.

In this context, the regulatory control of data is right up the list of policy priorities of the government. Regulation of data can be viewed from various prisms and policy objectives — privacy, national security, competition, ownership and innovation. Some of these objectives run counter to each other and there are several trade-offs that the government needs to make.

Current laws and policies

Currently, the laws in place for regulation of data is bare bones, with Section 43 of the Information Technology Act providing for basic norms of reasonable security practices during handling of data and punishments for contravention of the same. To further the scope of data regulation, the Government of India has been working on the Personal Data Protection Bill (PDP Bill) for regulation of personal data, formed a committee to advise on regulation of non-personal data and also touched upon data regulation in sector specific policies/laws such as the draft E-Commerce Policy, draft Digital Information Security in Healthcare Act (DISHA), RBI regulations for financial data etc.

While data regulation becoming a policy priority in India is very much in line with government action around the world, the Indian government’s approach can be described as haphazard and even overzealous.

Proposed regulators

Of the above-mentioned policy proposals, three proposed regulators are especially headed towards a collision course as they regulate the entire data economy. The first is the proposed Data Protection Authority (DPA) under the PDP Bill, which would be instituted with the objective of protecting personal data. Its jurisdiction would cover regulation of rights of data principals (those people who data pertains to), sharing of data, consent, cross-border transfer of data, roles and responsibilities of data fiduciaries (entity which collects the data) and data processors, mechanisms like data audits, classification of data fiduciaries etc. Thus the DPA is envisaged as a regulator looking at privacy as well as national security concerns.

Second, the report of the Expert Committee on Non-Personal Data (NPD report) has suggested the setting up of a Non-Personal Data Authority (NPDA), with the objective of facilitating sharing of non-personal data between entities who hold a large amount of data and Indian start-ups and other entities to build new products. Its jurisdiction would cover adjudication of data sharing requests, anonymisation of data among other things. Thus, the NPDA is envisaged as a regulator looking at unlocking economic benefits and ensuring smooth functioning of a ‘data market’.

Third, the leaked draft National E-Commerce Policy 2020 mentions setting up an institution of an e-commerce regulator which would ensure “fair competition, consumer protection (to the extent not covered by Consumer Protection Act) and handling of e-commerce related data issues”. However, the way this policy defines ‘e-commerce’ is in a manner that is used interchangeably with ‘digital economy’ which makes its reach as vast as the reach of the above-mentioned regulators covering the entire ambit of data-driven entities.

Regulatory confusion

These three proposed regulators with powers to govern data across industries in addition to sectoral regulators risk forming a regulatory cobweb, stifling innovation in data led businesses and increasing their compliance costs. The significant overlap in their powers and jurisdiction is even more concerning when one delves deeper into each of these proposals and examines some key proposals.

The first major problem is the definition of ‘non-personal data’. Non-personal data according to the NPD report is currently defined as any data which is not personal. Both technical and legal experts are uncomfortable with this definition.

While many technical experts contend that any level of anonymisation isn’t a foolproof guarantee against reverse engineering of data, legal experts contend that as collection and processing of data is a complex process often with no clear dividing lines between types of data, such an expansive definition is bound to create jurisdictional confusion between DPA and NPDA.

Additionally, while anonymised data is considered to be non-personal and thus ideally regulated by the NPDA, the NPD report’s recommendation of adding explicit consent provisions for anonymisation under the PDP Bill as well as Clause 82 of the PDP Bill providing for penalties for re-identification of anonymised data, could bring anonymised data under the jurisdiction of DPA as well.

Another source of confusion may be the definition of ‘data businesses’ (in the NPD report), as this bears a striking resemblance to the definition of ‘significant data fiduciary’ (SDF) in the PDP Bill. Both these terms are based on quantum of data collection thresholds, but these standards may be different in each case as they are decided by different authorities.

Similarly, confusion may occur between the proposed e-commerce regulator and the DPA, both of which are envisaged to have powers to define rules for cross border sharing of data.

To add to this puzzle, powers of proposed non-regulatory bodies such as ‘data trustees’, as suggested by the NPD report, also seem to clash with powers of the regulators. A ‘data trustee’ is proposed to be responsible for protection and enforcement of data rights of a community. The NPD report mentions that data trustees may have powers to order mandatory sharing of data, which could encroach on the regulator’s power to adjudicate on such requests.

Thus, with all the above proposals, it is safe to say that we are headed into a regulatory quagmire which can be a huge impediment for data driven businesses. While, prima facie, some of these proposals do mention that the regulatory scope will be well defined to avoid confusion, clarity will continue to elude unless ambiguity over some of the key definitions is resolved.

In its attempt to extract the maximum value from the data economy, the government must resist the temptation to be overzealous in regulation. An overtly complex regulatory structure can impede innovation, eroding the benefits of the data ecosystem that the government sought to reap in the first place.

Menstrual Waste Disposal: Where does India stand and how do we address the challenge?

Published: March 2020

It has been estimated that around 1 billion used sanitary napkins are discarded per month in India. Various studies have suggested that a single disposable sanitary napkin contains plastic which takes up to 500 to 800 years to naturally decompose, making sanitary napkins a serious environmental hazard. In addition, these products contain blood and bodily fluids, which if not sanitized to destroy pathogens, can spread dangerous infections to those coming in contact with such waste. All these aspects make the proper disposal and treatment of menstrual waste an extremely vital aspect of the menstrual health management (MHM) value chain, one that India can no longer ignore. Acknowledging the need to address these issues, various central government bodies, state governments and municipal corporations have issued rules regarding the handling of menstrual waste over the past few years. However, their implementation remains patchy and most menstrual waste still finds itself accumulating in landfills.

More recently, there has been a thrust by governments towards installation of incinerators in places with high footfall such as schools, workplaces, malls etc. However, the emission and safety standards of these incinerators are yet to be issued. Certain municipalities have also experimented with incineration at centralised bio-medical facilities. Although environmentally friendly and cost-efficient in comparison with decentralised incineration, such centralised facilities require menstrual waste to be segregated at source, which remains a challenge.

Given this context, TQH undertook a detailed study for the NFSSM Alliance to understand how this problem might be addressed. We spoke with a wide array of stakeholders in the menstrual hygiene and waste disposal ecosystem, including municipal officials, sanitary workers, civil society organisations, incinerator manufacturers and incinerator users to bring together their experiences and insights. This is one of the first comprehensive studies on the state of menstrual waste disposal in India. The study looks at the menstrual waste value chain in detail and presents possible solutions to this ballooning problem. A crisp brief for policymakers is also available below.

For any queries on the subject, please feel free to write to [email protected]

Access the detailed report here
Read the brief for policymakers

Saving the economy from COVID-19

Will India’s 20 lakh crore relief package deliver?

On May 12, 2020, Prime Minister Narendra Modi addressed the nation through a televised address whereby he outlined the plan for India’s continuing response to the Covid-19 pandemic. He urged self-reliance and promotion of Indian enterprises. He also announced a special economic package, and said that the recent announcements by the government as well as the measures by the RBI, combined with the May 12 financial package amount to Rs. 20 lakh crore — nearly 10% of India’s GDP. The details of this special economic package were announced by the Finance Minister, Nirmala Sitharaman, through daily press briefings. The document attached here analyses the measures announced by the Finance Minister.

A careful perusal of the measures indicates a far lower fiscal outgo than what would have been expected for a stimulus equaling Rs. 20 lakh crore. Many announcements are a reiteration of earlier expenditure measures, and some others focus on monetary policy interventions to increase money supply. Several measures aim at long-term impact, without having any direct implications for the short-term COVID-19 recovery process. Fitch solutions, a macro intelligence firm estimates the fiscal impact of the additional stimulus to be only about 1% of GDP as opposed to the suggested 10%. Many analysts have thus called out the government’s tepid response to the crisis, especially given the economic contraction that India is staring at, with GDP slump projected to be as high as 45% for the quarter and 5% for the entire financial year.

In many ways, India’s response seems to pale in comparison with those of other countries, even against ones that did not impose as widespread a lockdown as India did. Countries like the USA and UK have been focusing on saving jobs and keeping demand from collapsing. The US is giving a one-time $1,200 cheque to every adult earning up to $75,000, plus $500 for every child they have. This is estimated to benefit around 90% of the households in the country. Similarly, the UK Government has committed to paying 80% of salary for staff who are kept on by their employer, covering wages of up to £2,500 a month.

While a like to like comparison is of course not possible, and the lack of formalisation in the Indian economy certainly makes it difficult for the government to implement a stimulus package as effectively as it is done in the developed world, the idea of the above comparison is to highlight the wide difference in the quantum of support. In the note linked here, we enumerate the different measures announced by the Finance Minister and analyse the likely impact of each measure on India’s immediate economic recovery, while highlighting potential challenges in implementation.

Access the detailed analysis here