The electronics and IT ministry has proposed to set up a committee headed by Infosys cofounder S (Kris) Gopalakrishnan to look into non-personal data and suggest specific regulations for such data, officials said.
This comes after the ministry (MeitY) in its latest stakeholder consultation had sought suggestions on what should be the contours of a policy to govern non-personal data such as community data, anonymised data, and ecommerce data held by companies such as Uber, Google and Amazon.
Non-personal data is unlikely to be part of the Personal Data Protection Bill which is at an advanced stage of being finalised, a senior official told ET. “The government could possibly look at drafting a separate policy for non-personal data,” said the official who did not wish to be identified.
The proposal for the panel has been sent to the finance ministry for approval and will be finalised after getting it, the official said.
The committee would have seven members: additional secretary or joint secretary of the department for promotion of industry and internal trade, Nasscom president Debjani Ghosh, National Informatics Centre director general Neeta Verma, Avanti Finance chief technology officer Lalitesh Katragadda, Ponnurangam Kumaraguru of IIIT Hyderabad, non-profit organisation IT for Change’s executive director Parminder Jeet Singh, and MeitY joint secretary Gopalakrishnan S.
The committee’s terms of reference will be “to study various issues relating to non-personal data and to make specific suggestions for consideration of the central government on regulation of non-personal data”, according to MeitY’s memorandum on the issue.
It said the government had set up a committee under Justice BN Srikrishna to deliberate upon the data protection framework, and the committee had strongly recommended that the government should consider a suitable law for community data.
“…there is also a need to recognise the economic dimension of data and suitable taxonomy of data. This could include aggregated data, derived data, anonymous data, ecommerce data, AI training data, etc. Access to and control over various kinds of data is critical for economic advantage,” it said.
Privately collected digital data could be a necessary requirement for policy making, governance and public service delivery in many areas, the memorandum said.
The committee may co-opt other members for their specific inputs and shall try to submit its report as expeditiously as possible, it said.
In its feedback letters sent last month, MeitY had asked whether there was “a case to mandate free access to community data, anonymised data, ecommerce data, etc.” It also asked whether the data protection authority (DPA) be the regulator in respect of all non-personal data.