Tele-Talk新鲜的花,深入分析和观点从受人尊敬的行业领导者

当胜利不是第一:非个人数据监管

”,要求数据共享和创造监管超级结构和疏忽,NPD报告设想,我们很可能带来重大的减震效应在任何创新,”Jain说。

瑞卡贾殷
瑞卡贾殷 印度主要顾问、宽带论坛

The proposed Personal Data Protection (PDP) bill, 2019 is an Indian initiative in this regard. The PDP deals with personal data that is not anonymized, as once the data is anonymized, it is believed that it cannot identify a person. (However, developments in algorithms and big data contest this claim, as re-identification is possible). Along with the initiative of regulating personal data to protect privacy of individual citizens, the government set up a Committee of Experts (CoE) for regulating non-personal data (NPD). The CoE came out with its second version of its report in December 2020. It defined NPD as all data that is not covered by the PDP. Thus it includes personal anonymized data.

The focus of the NPD Report is largely on developing a framework for sharing data as a mechanism for spurring innovation from start-ups. The NPD Report identifies several actors along with their roles and responsibilities for this purpose. It identifies \u201cData Businesses\u201d, (organizations that have a certain threshold in terms of size, revenue etc) for mandatory data sharing for the creation of \u2018high value datasets\u2019(\u201cHVD\u201d) for the \u201cpublic good\u201d. The determination of what constitutes a HVD and \u2018public good\u2019 would be done by \u201cData Trustees\u201d and they are expected \u201cto exercise the rights of the community over non- personal data collected in these HVDs\u201d. The Data Trustees are expected to be organized as a non-profit (Section 8\/Trust\/Society). Each HVD would have an associated Data Trustee. The NPD Report proposes creation of an \u201cNPD Authority\u201d who is expected to develop the regulatory framework for data sharing and adjudicate if Data Businesses do not share data with the Data Trustees.

The NPD Report, seems to suggest mandatory data and metadata sharing for \u201cData Businesses\u201d, but requires some clarity on whether that mandate is only for HVDs or in general. The Report does make an exception to data sharing where the company\u2019s trade secrets are involved, but there could be instances where companies could rightfully claim that sharing any metadata, and hence the underlying data, would compromise their trade secrets. Adequate clarity in this regard could help address this matter appropriately. Further, the NPD Report does not address liabilities and harms that may arise because of such mandatory third party sharing.

The NPD Report is premised on the benefits of the data being made available to a \u201ccommunity\u201d from whom the data was collected. The NPD Report defines \u201ccommunity as any group of people that are bound by common interests and purposes, and involved in social and\/or economic interactions\u201d. The NPD Report recommends that such communities organize themselves as a non-profit organization such as a Section 8 company\/Society\/Trust for raising complaints about harms that arise due to sharing their NPD. However, how and what the benefits of data could be leveraged by the community is not clear.

Further, using the \u201ccommunity\u201d as a construct for ownership\/management of data is problematic in a digital context. This is because unlike for ownership of physical resources, where communities are relatively well defined and limited by geography, communities in the digital space are transient, emergent and likely to be transnational. Further, even if not transnational, members are likely to be dispersed and have loose interconnections.

Adopting frameworks developed in the physical world for the digital requires taking into account the underlying inherent aspect of the rapid rate of technological change and designing appropriate relevant instruments. The relevance of governance instruments of the physical resource, which are less influenced by technological change, needs to be established. Thus adopting the \u201ccommunity\u201d as a formal actor in this space, is problematic, not even considering that there is no legal way to define a community.

The success of start-ups depends on their ability to identify a latent product or service need, designing the product\/service and providing a solution that provides a value-addition to the customer. Airbnb and Uber are examples from the USA. In India, Paytm, Delhivery, Flipkart, 1mg, firstcry are examples of start-ups innovating in finding a solution to an existing problem or fulfilling a latent customer need. The did not emerge out of an analysis of huge amounts of existing data.

As an example, Delhivery that focused on the last mile delivery solutions, recognized the challenges in this segment. As an integral component of solutions that it sought to implement, it developed an AI based algorithm to generate the correct geographical location from incomplete or incorrectly and variously spelt addresses. This was a requirement as there is no standard way in which addresses in India are specified. Today, it could sell this as a product or service, if required. Delhivery bootstrapped from the existing data.

Therefore, merely supporting data sharing (in the first place, is data availability even always a bottleneck?) without support for and acknowledging the importance the underlying data infrastructure and algorithmic skills, the effectiveness of NPD management, whatever shape it takes in the future will be undermined. It is clear that start-ups need a lot more \u2013 algorithmic skills, incentives, finances, stable regulatory regime, legal support and a host of other factors to flourish.

The NPD Report in its present form could lead to considerable regulatory uncertainty due to the ambiguous and unclear role of various actors. In trying to be the first country to legislate a NPD Law and create the NPD Authority, in a national milieu characterized by institutional voids, the government could create even greater legal regulatory uncertainty than exists today. We need to examine whether mandatory data sharing is the only way to spur innovation and will it actually spur innovation.

By mandating data sharing and creating the regulatory super structures and oversights, as envisaged in the NPD Report, we are likely to create significant dampening effect on any innovation in the country. This would be really sad, given that we are seeing exploding use of Internet and IoT in the country, that could result in Indian businesses being world leaders in innovative products\/services.

","blog_img":"","posted_date":"2021-11-23 08:58:26","modified_date":"2021-11-23 08:58:26","featured":"0","status":"Y","seo_title":"When winning is not about being the first: The Non-Personal Data regulation","seo_url":"when-winning-is-not-about-being-the-first-the-non-personal-data-regulation","url":"\/\/www.iser-br.com\/tele-talk\/when-winning-is-not-about-being-the-first-the-non-personal-data-regulation\/5157","url_seo":"when-winning-is-not-about-being-the-first-the-non-personal-data-regulation"}">
域的数据治理管理世界各地的通量,可以看到大量的反垄断案例在全球范围内尤其是对大型科技股。治理框架来管理物理资源在几个世纪以来一直在发展,但远非完美。数据和知识是抽象资源和治理框架,这些都是最近的。正如印刷机的发明导致了知识产权保护的概念,海量的数据通过传感器、物联网和移动电话,大型科技股占主导地位,一方面在经济活动创造一个环境,政府和公民都关心数据的监管。监管对于隐私保护是一个结果的出现这样的问题。

拟议中的个人数据保护(PDP)法案,2019年是一个印度计划在这方面。PDP处理个人数据不匿名,一旦数据是匿名的,相信它不能识别一个人。(然而,算法的发展和大数据竞赛这一说法,尽可能地展示)。的主动调节个人数据保护公民个人隐私,政府成立了一个委员会的专家(CoE)调节非个人数据(NPD)。CoE推出第二版的报告在2020年12月。NPD定义为所有的数据不是由PDP。因此,包括个人匿名数据。

的焦点NPD报告主要是在开发一个框架为共享数据的机制刺激创新创业。NPD报告确定了几个演员连同他们的角色和职责。它识别“数据业务”,(组织某一阈值的大小、收入等)为强制性的数据共享的高价值的数据集的创建(HVD)“公共利益”。的确定什么构成了HVD和“公共利益”是由“数据受托人”,他们预计“行使权利的社会非个人在这些HVDs”收集的数据。受托人的数据预计将作为一个非盈利组织(部分8 /信托/社会)。受托人每个HVD都有一个关联的数据。NPD报告提出建立一个“NPD权威”预计将制定数据共享和监管框架裁决如果企业数据不共享数据与受托人的数据。

NPD报告似乎表明,强制性的数据和元数据共享为“数据业务”,但需要明确是否授权只有HVDs或一般。报告确实使一个异常数据共享涉及到公司的商业机密,但可能有情况公司可以理所当然地宣称任何元数据共享,因此底层数据,会妥协他们的商业机密。足够清晰适当地在这方面可以帮助解决这个问题。此外,NPD的报告并没有解决债务和可能出现的伤害,因为这样的强制第三方共享。

NPD报告是基于数据的好处,“社区”从他收集的数据。NPD报告定义“社区因为任何一群人受共同利益和目的,以及参与社会和/或经济互动”。NPD报告建议这样的社区组织本身作为一个非营利组织如8节公司/社会/信任提高抱怨由于分享他们的NPD所产生的危害。然而,如何和什么数据可以利用社区的好处还不清楚。

此外,使用“社区”作为构建所有权/管理在数字环境的数据是有问题的。这是因为不同的物理资源的所有权,在社区相对定义良好和地理限制,社区在数字空间瞬态、紧急和可能跨国。进一步,即使不是跨国,成员可能会分散和松散的联系。

采用框架开发的物理世界的数字需要考虑底层的内在方面快速的技术变革和设计适当的相关仪器。治理的相关仪器的物理资源,不受技术变革的影响,需要建立。因此采用“社区”作为一个正式的演员在这个空间,是有问题的,即使考虑到没有合法的方式来定义一个社区。

初创企业的成功取决于他们的能力来识别潜在的产品或服务的需求,设计的产品/服务和提供一个解决方案,向客户提供了附加价值。Airbnb和超级来自美国。在印度,Paytm Delhivery, Flipkart公司1毫克,firstcry创业创新的例子在现有的问题找到一个解决方案或满足潜在的客户需求。的没有出现大量的现有数据的分析。

作为一个例子,Delhivery专注于最后一英里交付解决方案,确认这部分的挑战。作为一个解决方案,它试图实现的不可或缺的组成部分,它开发了一个基于人工智能算法来生成正确的不完整或不正确的地理位置和不同的拼写地址。这是一个要求,因为没有标准的方式在印度指定地址。今天,它可以卖这个产品或服务,如果需要的话。从现有的数据Delhivery引导。

因此,仅仅支持数据共享(首先,数据可用性甚至总是一个瓶颈吗?)不支持和承认的重要性底层数据基础设施和算法技巧,NPD管理的有效性,无论形状需要在未来将会受到破坏。很明显,企业需要更多的算法技巧,激励,财务状况,稳定的监管制度、法律支持和许多其他因素。

NPD报告在其目前的形式可能会导致相当大的监管不确定性由于模糊不清的不同演员的角色。在试图成为第一个国家立法NPD法律和创建NPD的权威,在国家环境机构空洞,政府可以创造更大的法律监管方面的不确定性比今天。我们需要检查是否强制性的数据共享是唯一的办法来刺激创新,它实际上会刺激创新。

通过强制数据共享并创建监管超级结构和疏忽,NPD报告设想,我们可能会带来重大的减震效应在任何创新。这将是很伤心,因为我们看到爆炸使用互联网和物联网,这可能导致印度企业在创新产品/服务世界领导人。

免责声明:作者的观点仅和ETTelecom.com不一定订阅它。乐动体育1002乐动体育乐动娱乐招聘乐动娱乐招聘乐动体育1002乐动体育ETTelecom.com不得负责任何损害任何个人/组织直接或间接造成的。


The proposed Personal Data Protection (PDP) bill, 2019 is an Indian initiative in this regard. The PDP deals with personal data that is not anonymized, as once the data is anonymized, it is believed that it cannot identify a person. (However, developments in algorithms and big data contest this claim, as re-identification is possible). Along with the initiative of regulating personal data to protect privacy of individual citizens, the government set up a Committee of Experts (CoE) for regulating non-personal data (NPD). The CoE came out with its second version of its report in December 2020. It defined NPD as all data that is not covered by the PDP. Thus it includes personal anonymized data.

The focus of the NPD Report is largely on developing a framework for sharing data as a mechanism for spurring innovation from start-ups. The NPD Report identifies several actors along with their roles and responsibilities for this purpose. It identifies \u201cData Businesses\u201d, (organizations that have a certain threshold in terms of size, revenue etc) for mandatory data sharing for the creation of \u2018high value datasets\u2019(\u201cHVD\u201d) for the \u201cpublic good\u201d. The determination of what constitutes a HVD and \u2018public good\u2019 would be done by \u201cData Trustees\u201d and they are expected \u201cto exercise the rights of the community over non- personal data collected in these HVDs\u201d. The Data Trustees are expected to be organized as a non-profit (Section 8\/Trust\/Society). Each HVD would have an associated Data Trustee. The NPD Report proposes creation of an \u201cNPD Authority\u201d who is expected to develop the regulatory framework for data sharing and adjudicate if Data Businesses do not share data with the Data Trustees.

The NPD Report, seems to suggest mandatory data and metadata sharing for \u201cData Businesses\u201d, but requires some clarity on whether that mandate is only for HVDs or in general. The Report does make an exception to data sharing where the company\u2019s trade secrets are involved, but there could be instances where companies could rightfully claim that sharing any metadata, and hence the underlying data, would compromise their trade secrets. Adequate clarity in this regard could help address this matter appropriately. Further, the NPD Report does not address liabilities and harms that may arise because of such mandatory third party sharing.

The NPD Report is premised on the benefits of the data being made available to a \u201ccommunity\u201d from whom the data was collected. The NPD Report defines \u201ccommunity as any group of people that are bound by common interests and purposes, and involved in social and\/or economic interactions\u201d. The NPD Report recommends that such communities organize themselves as a non-profit organization such as a Section 8 company\/Society\/Trust for raising complaints about harms that arise due to sharing their NPD. However, how and what the benefits of data could be leveraged by the community is not clear.

Further, using the \u201ccommunity\u201d as a construct for ownership\/management of data is problematic in a digital context. This is because unlike for ownership of physical resources, where communities are relatively well defined and limited by geography, communities in the digital space are transient, emergent and likely to be transnational. Further, even if not transnational, members are likely to be dispersed and have loose interconnections.

Adopting frameworks developed in the physical world for the digital requires taking into account the underlying inherent aspect of the rapid rate of technological change and designing appropriate relevant instruments. The relevance of governance instruments of the physical resource, which are less influenced by technological change, needs to be established. Thus adopting the \u201ccommunity\u201d as a formal actor in this space, is problematic, not even considering that there is no legal way to define a community.

The success of start-ups depends on their ability to identify a latent product or service need, designing the product\/service and providing a solution that provides a value-addition to the customer. Airbnb and Uber are examples from the USA. In India, Paytm, Delhivery, Flipkart, 1mg, firstcry are examples of start-ups innovating in finding a solution to an existing problem or fulfilling a latent customer need. The did not emerge out of an analysis of huge amounts of existing data.

As an example, Delhivery that focused on the last mile delivery solutions, recognized the challenges in this segment. As an integral component of solutions that it sought to implement, it developed an AI based algorithm to generate the correct geographical location from incomplete or incorrectly and variously spelt addresses. This was a requirement as there is no standard way in which addresses in India are specified. Today, it could sell this as a product or service, if required. Delhivery bootstrapped from the existing data.

Therefore, merely supporting data sharing (in the first place, is data availability even always a bottleneck?) without support for and acknowledging the importance the underlying data infrastructure and algorithmic skills, the effectiveness of NPD management, whatever shape it takes in the future will be undermined. It is clear that start-ups need a lot more \u2013 algorithmic skills, incentives, finances, stable regulatory regime, legal support and a host of other factors to flourish.

The NPD Report in its present form could lead to considerable regulatory uncertainty due to the ambiguous and unclear role of various actors. In trying to be the first country to legislate a NPD Law and create the NPD Authority, in a national milieu characterized by institutional voids, the government could create even greater legal regulatory uncertainty than exists today. We need to examine whether mandatory data sharing is the only way to spur innovation and will it actually spur innovation.

By mandating data sharing and creating the regulatory super structures and oversights, as envisaged in the NPD Report, we are likely to create significant dampening effect on any innovation in the country. This would be really sad, given that we are seeing exploding use of Internet and IoT in the country, that could result in Indian businesses being world leaders in innovative products\/services.

","blog_img":"","posted_date":"2021-11-23 08:58:26","modified_date":"2021-11-23 08:58:26","featured":"0","status":"Y","seo_title":"When winning is not about being the first: The Non-Personal Data regulation","seo_url":"when-winning-is-not-about-being-the-first-the-non-personal-data-regulation","url":"\/\/www.iser-br.com\/tele-talk\/when-winning-is-not-about-being-the-first-the-non-personal-data-regulation\/5157","url_seo":"when-winning-is-not-about-being-the-first-the-non-personal-data-regulation"},img_object:["","retail_files/author_1599561728_27456.jpg"],fromNewsletter:"",newsletterDate:"",ajaxParams:{action:"get_more_blogs"},pageTrackingKey:"Blog",author_list:"Rekha Jain",complete_cat_name:"Blogs"});" data-jsinvoker_init="_override_history_url = "//www.iser-br.com/tele-talk/when-winning-is-not-about-being-the-first-the-non-personal-data-regulation/5157";">