GS Paper 3: Cyber security

Context: The Gopalakrishnan Committee report does not adequately address governance frameworks around government data sets.

About:

• The Committee of Experts on the Non-Personal Data Governance Framework has recommended in its report, among other things, making privately held non-personal data “open”.
• The objective is to make such data available for general use, though the committee does lay down conditions for such data transfers. This has raised concerns about state interference in the private data ecosystem.
• The report is a missed opportunity to address the governance frameworks around what are some of the most important non-personal data sets in a country — those created by government agencies, or those resulting from taxpayer money.
• Non-personal data are data that do not identify an individual. Nonetheless, such data can be useful in either framing public policy or creating and providing new services. For example, aggregate data from land registries can tell us a lot about land use patterns.
• Data related to traffic flows can be used to guide traffic management. Non-personal data are also viewed as critical for development of the AI ecosystem.

Why data should be open to citizens

• Some of the most important non-personal data sets are held by the government, or result from taxpayer funding.
• There are five reasons why these should be open to the citizens of the country.
• First, the state should be transparent about information that it has. This will improve accountability. This is one of the reasons why the Right to Information (RTI) Act, 2005, mandates the disclosure of government data on a suo moto basis.
• Second, if taxpayer money has funded any of the data sets, then it is an obligation of the state to return the fruits of that funding to the taxpayer.
• Third, by permitting the reuse of government data sets, we avoid the need for duplication.
• Fourth, government data sets, curated according to publicly verified standards, can lead to increased confidence in data quality and increased usage.
• Finally, free flow of information can have beneficial effects on society in general.
• In theory, we know that the government agrees with this proposition. Besides the RTI Act, we have in place many policies that promote and provide for openness of such data. For instance, one of the nine pillars of the Digital India Policy is “information for all”.
• The National Data Sharing and Accessibility Policy (NDSAP), 2012 requires all non-sensitive information held by public authorities to be made publicly accessible in machine readable formats (subject to conditions).
• The government has also set up an Open Government Data Platform to provide open access to data sets held by ministries and other agencies of the government. Various States have also either created their own data portals or have provided data sets to the Open Government Data Platform.

Failure to create an open data society

• In practice, the quality and quantity of data sets published by the government are still well short of ideal. In addition, the government’s general reticence to make valuable information sets available to the public is well known.
• There are two reasons for our failure to create an open databased society.
• The first is lack of clarity in some of the provisions of the NDSAP or the relevant implementation guidelines.
• The second is the inability to enforce guidelines appropriately, which has meant that data sets released by governments are often inconsistent, incomplete, outdated, published in nonmachine readable or inconsistent formats, include duplicates, and lack quality (or any) metadata, thereby reducing reusability.
• The Gopalakrishnan Committee could have evaluated what is going wrong with existing policies and practice pertaining to government data, and deliberated on how these can be addressed. Instead, the report largely focuses on the dangers posed by data collection by private sector entities.
• Without going into the merits or demerits of taking an interventionist approach to the data ecosystem, many of the concerns that should be addressed in the report that are central to the governance of the data ecosystem have sadly remained in the background.
• For instance, India’s cyber security framework continues to be woefully inadequate, while even the Justice B.N. Srikrishna Committee report of 2018 highlighted the need to restrict the growing power of the state to carry out surveillance.
• Since data governance is a relatively new concept in India, the government would be better served in taking an incremental approach to any perceived problems. This should begin with reforming how the government itself deals with citizens’ data.
• This would engender greater trust in data governance practices and, importantly, allow the development of state capacity to govern the data ecosystem.

Reference: https://www.thehindu.com/opinion/op-ed/a-missed-opportunity/article32507522.ece

Download PDF