draft-of-data-empowerment-and-protection-architecture-depa-pib

Context: NITI Aayog has released the draft of an architecture that could allow third parties access to information across sectors ranging from finance to healthcare, after seeking consent of the user.

Analysis

  • In a nutshell, DEPA empowers people to seamlessly and securely access their data and share it with third party institutions.
  • For example, if portability and control of data could allow an MSME owner to digitally share proof of the business’ regular historic tax (GST) payments or receivables invoices easily, a bank (third party) could design and offer regular small ticket working capital loans based on demonstrated ability to repay (known as Flow based lending) rather than only offering bank loans backed by assets or collateral.
  • The draft paper further said that opening up an Application Programming Interfaces (APIs) based data sharing framework would bring significant innovation by new fintech entities.
  • APIs enable seamless encrypted data flow between data providers and data users through a consent manager, it added. 
  • It noted that DEPA is predicated on the notion that individuals should have control over how their personal data is used and shared. 
  • Orchestrating a paradigm shift to empower individuals with their data requires three key building blocks: enabling regulations, cutting edge technology standards, and new types of public and private organisations with incentives closely aligned to those of individuals. DEPA seeks to provide a foundation for all three in India. 
  • DEPA is going live in the financial sector in 2020 under the joint leadership of the Ministry of Finance, RBI, PFRDA, IRDAI, and SEBI. 
  • It will be followed by health sector and telecom sector.
  • The first major government department to become a Government Information Provider (GIP) will be GST.