Open data and closed minds
Technology, like art, is a soaring exercise of human imagination. Artificial intelligence (AI), once a figment of imagination of sci-fi writers, is today the mainstay in real-world economies. So much so that the world is betting on AI to make financial inclusion a reality. But this transition from imagination to reality is not without fear. Misplaced metaphors — “AI is turning us into guinea pigs”, or that “Big Brother AI is watching you” — have painted a distorted picture of big data and its uses.
Frenzy tempered by data privacy concerns and such hyperbolic references have led to tunnel vision and blind spots when it comes to data governance. I say this in light of the criticism that the latest draft of India’s data protection bill has received.
Open data and individual privacy can co-exist
No data is too sensitive to be open for analysis — I say this not to sensationalise, but to sensitise. Access to proprietary data is a critical need; government agencies need it for policy formulation and law enforcement, businesses need it to be able to improve products and services, and the public needs it to hold agencies accountable. All these needs can be met while preserving individual privacy. And you don’t need to turn to world powers to see how it’s done.
Estonia, a small country on the brink of Europe, with just 1.3 million people, has built a truly digital society. Taxes are completed online in under five minutes, 99% of Estonia's public services are available on the web 24 hours a day, and nearly one-third of citizens vote via the internet. Entrepreneurs can register businesses in as little as 18 minutes, and check vital company, property and legal records online. Skype was born here and its effect started a generation of entrepreneurs whose aspirations soared since.
What was once a relatively poor country is now home to numerous tech unicorns — so much so that its startups are worth twice its national budget. And the beauty is it ranked third on the Global CyberSecurity Index 2022 despite deeply entrenched digitalisation.
Building data highways
India must pave a similar road for itself too. The best way to reach every corner of India with high quality services is to do it digitally straight away — it’s simpler, cheaper, and easier. The Indian ground is fertile for growing a digital economy. For instance, the IT sector that constituted a measly 0.01% of GDP in the 1980s now makes up 13% of the GDP. But for this momentum to sustain, India needs an enabling data governance framework. More importantly, India must dispel its misplaced fears.
Let me take you back in time to 2018. The Supreme court’s landmark judgement on the constitutionality of Aadhar recorded a dissenting opinion that read something like this — “the unique identity scheme reduces a person to a 12-digit number”.
Today the same 12-digit number has re-written India’s financial inclusion story; one number to include them all, one number to reach and verify them all, one number that changed identities with access to credit. Conjuring up fears and giving it the colour of rationality with philosophical abstractions helps nobody. Overthinking may be our national hobby, but it would cost us heavily if we are not measured in our criticism.
India has a laudable Data Empowerment and Protection Architecture (DEPA) which champions privacy by design while enabling data portability and data interoperability. Consent layer is baked into the DEPA framework allowing seamless data flow. And the latest bill comes with official recognition for consent managers that would empower people to give, manage, review and withdraw consent.
Source: NITI Aayog
The bill also contains novel concepts such as ‘voluntary undertaking’, a reasonable approach to get data-driven businesses to comply. Basically, the slightest transgression would not immediately qualify for disqualification, instead would give businesses room to make amends. More importantly, it’s a pithy document, without the ritualistic verbosity of policy talk.
However, there are certain key concepts missing in the draft. The most obvious one that comes to mind is the ‘right to erasure’. But opposing views have mostly overlooked this. Critics’ laser-sharp focus on exceptions enjoyed by state agencies in the bill has silhouetted the larger objective of privacy law. Let this cacophony not drown the voices that remind us of the immense value in data sharing.
At FinBox alone, for instance, we have helped bring more than 16 million people with no credit history into the fold of formal credit by building anonymized and fully secure data-driven intelligence models that take advantage of the DEPA framework along with enabling data pipelines such as Account Aggregator, among others.
Credits: Krishnan Iyer │ Finezza
Data access and sharing can generate social and economic benefits worth between 0.1% and 1.5% of GDP in the case of public-sector data, and between 1% and 2.5% of GDP when including private-sector data, according to OECD estimates. Today, the digital economy represents 15% of the global world GDP. And it will only grow by leaps and bounds.
The way India debates about pertinent regulations such as data protection needs a paradigm shift. In a situation where you need to change your expectations, your beliefs, or the way you are cognitively framing things, imagination can help. I am counting on the same imagination that brought AI into being to help regulate it too.
While we are on the subject of debates, we have one coming up at FinBox — one that we call FinTechVerse. We will be discussing the agri-fin-tech opportunity and how farm and farmer data could potentially change the way India farms. Click here to register!
I'd like to leave you with a few questions rather than my own assertions.
How can India drive new thinking about data?
Is the right to data portability still a distant dream?
How will cross-border data flow policies shape up?
Has the era of data localisation ended?