Independent authority should verify requests for de-anonymisation of data: BK Syngal

De-anonymisation of data should only be permitted in the circumstance where national security or sovereignty is at risk but the validating of such requests must be done by an independent authority, according to BK Syngal, former Chairman, VSNL

“Provision for de-anonymisation of data should only be permitted in the circumstance where the national security or sovereignty is at any risk. This examination must be done by an independent and empowered authority who would verify the data, when to be shared, with whom to be shared and why to be shared under the aegis of national security and sovereignty,” Syngal said in his submission to Kris Gopalakrishnan, Chairman of the Committee of Experts looking into non-personal data regulations.

‘Government working on strong legal frameworks for data handling’

‘Inherent contradiction’

Commenting about the Committee’s framework for sharing of non-personal data, Syngal said, “While the principle of mandatory data sharing may be workable for some businesses in India, however, for a number of business entities such a mandatory obligation may be difficult to comply with since, as a part of their business processes, they would have the right to handle data only on behalf of their customers, and may also be prohibited from accessing data unless expressly agreed to do so. Thus, legally, such entities may not have the right to share data, since sharing of data would be subject to security and privacy risks.”

“The purpose stated in the Report for mandatory sharing of data at the outset appears to be very wide and may essentially lead to the inference that all data held by a company falls within the scope of mandatory sharing obligations. Further, there appears to be an inherent contradiction between the Report and the basic premise of competition law that data should not be shared with competitors and in turn protecting consumers and not competitors. Sharing of resources (Non-Personal Data) between companies could restrict incentives to invest, innovate and compete thereby reducing the quality of products and services available to consumers,” Syngal added.

In the present version of the draft report submitted by the Expert Committee, the role of the Non-Personal Data Authority (NPDA) is subject to regulatory confusion as at least four regulators are set to be incubated for the digital ecosystem — including the proposed NPDA, Data Protection Authority, an ECommerce Regulator and the Central Consumer Protection Authority, he said.

COMMENT NOW

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.

Independent authority should verify requests for de-anonymisation of data: BK Syngal

Data must be shared only when national security or sovereignty is at risk

‘Inherent contradiction’

Latest from Info-tech

Tata in talks to buy Pegatron’s iPhone operations as soon as May

TikTok divest-or-ban bill expected to become US Law within days

Elon Musk’s India trip may see breakthroughs for Starlink, Tesla

For the first time in a decade, top 3 IT services firm see dip in headcount

Wipro records 8% YoY profit decline at ₹2,835 crore in Q4 on weak demand

You might also like

You might also like

Comments