In news– India’s G-20 presidency has provided an opportunity for the country to showcase its advancements in the digital arena, particularly with regards to data infrastructures and data governance.
What is Data Empowerment and Protection Architecture(DEPA)?
- The NITI Aayog, in August 2020, had released a draft framework on DEPA.
- It is aimed at empowering people to have a seamless and secure access to their data and share it with third party institutions.
- It proposes creation of a new form of Consent Manager Institution which would ensure that individuals can provide consent for every piece of data shared and would work for protection of data rights.
- DEPA is aimed at replacing the current mechanism for data access and sharing mechanism which involves bulk printout notarization and physical submission, screen scraping, username/password sharing etc.
- It is a joint public-private effort for an improved data governance approach.
- It creates a digital framework that allows users to share their data on their own terms through a third-party entity, Consent Mangers.
- It went live in the financial sector in 2020 under the joint leadership of the Ministry of Finance, the Reserve Bank of India (RBI), Pension Fund Regulatory and Development Authority (PFRDA), Insurance Regulatory and Development Authority (IRDAI), and Securities and Exchange Board of India (SEBI).
- DEPA is being tested in the health sector, as well as others.
- ‘Aadhar’ and Unified Payments Interface (UPI) services, both part of IndiaStack, are primary examples of Application Programming Interface (API)-based products that in the past few years have revolutionised user authentication and real-time digital payments, respectively, in India.
- In this series, Data Empowerment and Protection Architecture (DEPA) is being seen as the next techno-legal solution that will empower users by giving them control over their data, allowing them seamless sharing and therefore inducing competition and enabling new services.
DEPA and related concerns-
- The launch of India’s DEPA, a consent management tool, has generated both excitement and concern among stakeholders.
- On the one hand, DEPA has the potential to improve data protection and privacy for citizens by giving them greater control over the use and sharing of their personal information.
- By allowing individuals to easily manage and control their data consents, DEPA could help to build trust in digital technologies and data governance.
- However, there are also risks associated with DEPA, particularly in terms of security and privacy.
- If the consent management tool is not properly implemented or managed, there is a risk that personal information could be misused or misappropriated.
Source: The Hindu
