NITI Aayog has released a framework on Data Empowerment and Protection Architecture (DEPA) which it calls a “consent-based data-sharing framework to accelerate financial inclusion”. The apparent aim of this framework is to allow people to access their data and securely share it with third party institutions.
The Aayog has sought feedback from stakeholders by October 1st. At the core of the proposed architecture is the institution of a consent management system which will allow the sharing of the information with a view to providing better financial, health, and telecom-related products and services to individuals and firms. The draft report stated that “In a nutshell, DEPA empowers people to seamlessly and securely access their data and share it with third party institutions.” “The Data Empowerment & Protection Architecture will empower individuals with control over how their personal data is used and shared while ensuring that privacy considerations are addressed. Seeking your comments on the draft document, before October 1,” it posted on Twitter on 3rd September.
The draft for the discussion paper titled 'Data Empowerment and Protection Architecture' further said it is designed as an evolvable and agile framework for good data governance, given the rapid pace of change in this arena. The draft for the discussion paper also pointed out that a well-designed data governance framework for the Indian context would enable, not just secure data protection, but also grant users control over data through a safe and seamless protocol to share data across institutions, leading to individual empowerment and well-being. “The sector already generates a high amount of structured and interoperable data regulated by strict standards making it an ideal place to begin operationalizing consent-based data-sharing framework, and see the impact of consented data sharing on availability and accessibility of financial products to new, more vulnerable markets,” stated the draft. As per the report, this framework is “set to launch in 2020”. The scale of the project is evidenced by the spectrum of government ministries and regulators involved in the project: RBI, SEBI, PFRDA (Pension Fund Regulatory and Development Authority), IRDAI, Finance Ministry (Department of Revenue, Department of Economic Affairs, and Financial Sector Development Committee), Ministry of Health and Family Welfare, the National Health Authority, the Ministry of Information and Technology, and TRAI. Kant wrote, “In India, we not only need stronger data protection but also data empowerment: everyday Indians need control over their own personal data to improve their lives. They should be able to leverage their digital history to access growth opportunities offered by different institutions". It will go live in the finance sector as a network of Account Aggregators in fall 2020 under the joint leadership of the Finance Ministry, RBI, PFRDA, IRDAI, and SEBI.