Harsh Vardhan Pachisia and Sharmadha Srinivasan
The Ministry of Electronics and Information Technology (MeitY) recently opened the draft National Data Governance Framework Policy, 2022 (NDGFP) for public consultation, a revised version of the India Data Accessibility and Use Policy (IDAUP) that was put out earlier this year and received criticism.
The ministry pulled the plug on the IDAUP over privacy concerns, and specific clauses on monetisation of data. Civil society and industry experts raised issues of government bodies sharing personal data with each other via a searchable database in the absence of a law governing such information.
While the updated policy is an improvement, certain concerns from the older draft versions still exist, especially in terms of effective implementation.
First, given past experience, the institutional design framework still needs to address issues of capacity and incentives that have been a major bottleneck in earlier efforts to open government data. Second, greater regulatory clarity is needed on how the current policy would work in tandem with past and existing policies.
While India has adopted many policies in the past to make government data more accessible (from the RTI Act to the National Data Sharing and Accessibility Policy (NDSAP)), implementation capacity remains the key shortcoming. The primary institution tasked with implementing the current mandate is the proposed India Data Management Office (IDMO).
The IDMO, set up under MeitY, will have a multitude of responsibilities ranging from data management, building out data platforms, and setting data standards to building data abilities across national and state departments. That is a huge mandate for a single body, and clarity is needed on how the IDMO will be budgeted and staffed to achieve these ambitious goals.
The current policy may run into similar implementation problems as faced by the NDSAP, since its requirements are quite similar. Under the new policy, each ministry will have a Chief Data Officer who will co-ordinate implementation alongside the IDMO. It is still not clear whether the Chief Data Officer will be an added hire or the departmental bureaucrat. Given the extensive responsibilities and tasks of the everyday bureaucrat, adding another layer of responsibility without building the requisite abilities could lead to poor implementation. The NDSAP had overlooked the same issue, leading to only 50 percent of the Chief Data Officer positions being filled, eight years after its enactment.
There are many spillovers to the capacity constraints issue — a 2021 paper by the IDFC Institute evaluated the NDSAP and found notable gaps in enforcement. One, the open government data platform itself could have been substantially improved by sharing data in machine-readable formats, and supplying information on how these datasets were collected. Second, MietY's engagement with citizen queries and feedback on the data was deemed to be low. Finally, there was a dearth of information on whether earlier policies were enforced, inferring that these may not have been implemented in time. Unless capacity is strengthened and incentives offered, we risk running into the same challenges as last time.
It is equally critical to clarify how the NDGFP 2022 would interact and work in conjunction with existing regulations and other ongoing initiatives. For instance, the NDGFP’s plan of creating an India Datasets programme (and accompanying platform) comes on the heels of the recently launched National Data Analytics Platform (NDAP) under the stewardship of NITI Aayog. It should be clarified how these two programmes (in addition to the existing National Open Government Data platform), will co-exist and serve different purposes without increased costs for each ministry in following separate programmes.
Regulatory clarity is essential — both for clearly demarcating the jurisdictions of different regulatory authorities, and for synchronising the data accessibility guidelines with other relevant regulations. Contradictory policies and regulations will increase market uncertainty, make effective implementation impossible, and lead to turf battles between different authorities. A possible reference could be the recently released EU Data Act for non-human NPDs which dedicates a section (Chapter IX) on the implementation and enforcement of the act in interaction with existing regulations.
While it is good to see such open data efforts by the government, ensuring that they are set up for success is key. Finally, privacy and data protection need to be prioritised — any effort to put out public data should not be decoupled from a strong data protection law. This would be akin to placing the cart before the horse.
India already finds itself behind the curve, with 137 countries already setting up a form of data protection. If efforts on putting out government data must constructively move forward, the data protection law too should not be further delayed.
Harsh Vardhan Pachisia is former Senior Associate and Sharmadha Srinivasan is Senior Associate at Artha Global. Views are personal, and do not represent the stand of this publication.