India Insights with Suparna Goswami

Digital Identity , Governance & Risk Management , Privacy

New Privacy Issue: The Sale of 'Community Data'

Committee to Study Issues Related to Smart Cities Generating More Data
New Privacy Issue: The Sale of 'Community Data'

The government of India has formed a committee of experts that will recommend policies on who can use the large amount of data generated from "smart city" projects and for what purposes.

See Also: Forrester Report |The Total Economic Impact™ Of Palo Alto Networks Prisma Cloud

The committee, headed by Kris Gopalakrishnan, co-founder Infosys, is expected to draft regulations governing the release and sale of so-called "community data." That's data generated by smart devices, sensors, vehicles and myriad other IoT devices (see: Managing IoT Device Risks).

This is a very timely move by the government, considering that India has just begun its smart city journey, which will generate huge amounts of data. But given the repeated delays in enacting a broad data protection bill, let's hope efforts to address the issue of community data aren't delayed as well.

And keep in mind: Several committees have come up with various recommendations that have never actually been implemented.

But the new committee comprises experienced leaders from various industries, so they're likely to take the important first step of devising meaningful proposals for the handling of community data.

Critical Issue

We all know a huge amount of data gets generated by smart cities, which leverage IoT. The government has clearly stated it's intention of putting this data to use for research purposes or selling it for others to use, such as in support of advertising campaigns.

For example, the Union Ministry of Housing and Urban Affairs recently announced its plans for monetizing a wide range of smart city data from the health, education and financial sectors. The ministry said that the data can be used by advertisers to target customers.

"We will start to do pilots on the data marketplace," says Kunal Kumar, director, Smart Cities Mission, and joint secretary at MoHUA. "For instance, I can see anonymized data on mobility being used by advertisers to put up billboards in areas where people congregate at a particular time of the day. ...These are opportunities in the future. Right now, we are making sure that cities are mature in dealing with data."

Privacy advocates are pushing to make sure a critical issue is addressed: obtaining individuals' consent to use any data that identifies them.

"The question is not about using data - it is about consumer consent," says Sriram Natarajan, president and chief operating officer at Quatrro Processing Services. "There's nothing wrong about the intention to monetize nonpersonal data, but the government has to lay down the operating principles of such monetization and take responsibility for data privacy. Citizen consent is paramount."

Back in July, the Ministry of Transport had informed the Parliament that it has earned around INR 65 crore, or about $9.5 million, by providing restricted access to a database of registered vehicles and drivers to private-sector companies (see: Vehicle Information Is for Sale; Is Privacy at Stake?)

Task for the New Committee

In some cases, personally identifiable information can be included within "community data." So an important initial task for the new committee is to clearly define "community data," also referred to as non-personal data.

Plus the committee needs to determine who owns this data, who has the right to use it and how it can be used. It also needs to clearly define the kind of consent that needs to be taken before using this data.

The committee also should devise a model to ensure that the financial proceeds from monetization of data go directly to the locality where the data was generated.

Ideally, the new committee's work will lead to quick action by the government to enact necessary laws or regulations to ensure citizens' privacy rights are protected. But then such laws or regulations will need to be vigorously enforced. And India's track record on enforcement has been poor.



About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.