Around 18 months ago, a few organisations came together to discuss the state of privacy in India. There were heated debates around online privacy, Aadhaar, the growing power of platforms etc in India, but not enough evidence-based research around this topic. There was very little multi-stakeholder dialogue across industry, academia, government and civil society and significant lack of capacity in the ecosystem when it came to protecting privacy.

Approximately at the same time, the Supreme Court declared privacy to be a fundamental right, the Srikrishna Committee drafted a Personal Data Protection Bill that is now with the Indian Parliament, iSPIRT and Nandan Nilekani launched the Data Empowerment and Protection Architecture (DEPA), smartphones and mobile internet usage was booming, and an explosion in data was well under way.

Given these significant movements in India's digital landscape, we felt that it would be valuable to set up a group that will convene on a regular basis and present working papers on complex issues like privacy, the economic value of data, regulating big tech, etc, with the goal of informing public policy. The working title for this group was the India Privacy Network and the initial idea was that this group will be set up as a network of research institutions that meet every three months and present working papers on this quarterly cadence. We also felt that this had to be a multi-disciplinary research network that involves computer scientists, economists, anthropologists, lawyers, ethicists, UI/UX experts and other disciplines.

The Omidyar Network expressed interest in funding this network and the IDFC Institute agreed to participate in the dual capacity of the secretariat as well as a research node. As we discussed operationalising this network, we realised that privacy is a part of a complex set of choices that cannot be investigated in isolation. We felt that framing the network as “India Privacy Network” focuses on the harms and excludes the positive use cases of data.

During this time, the Data Empowerment narrative from Nandan Nilekani and iSPIRT was gathering steam, and someone suggested calling this network the Data Empowerment Network. The idea of putting users in control of their data was a significant contribution to the discourse around data, and one of the few original ideas to emerge out of India in a very long time. However, we felt that framing the network as the “Data Empowerment Network” would swing the focus to the other extreme, around positive uses of data.

While both perspectives are valid, we felt that policy making is the art of balancing the needs of multiple stakeholders, and crafting policies that advance the larger public good. Thus, the ultimate test of good public policy around data would be, “Does it maximise the value of data for individuals and society, while minimising privacy harms?” This requires understanding the data ecosystem at a fundamental level, and crafting balanced public policy suggestions. We therefore decided to position ourselves at the fulcrum of privacy and Data Empowerment, and to name this initiative, the Data Governance Network.

The next step was to figure out what kind of institutions should be a part of the Data Governance Network. Our long-term goal is to build capacity in the area of data governance and public policy. We therefore evaluated several Indian think-tanks to assess their existing work in the area of data governance, the impact they have had on public policy, their existing work in data governance and the unique conceptual insights that they bring to this field. To build capacity, we decided that we should provide enough resources to the selected organizations to fund a couple of researchers over a two year period. Realistically, this meant that we had the budget to fund three organisations across India and we finally selected the National Institute of Public Finance and Policy (NIPFP), IT for Change (ITfC) and the Internet Democracy Project (IDP) with ourselves (IDFC Institute) as the fourth research node.

NIPFP has been set up as an independent think-tank under the Finance Ministry and their team has worked on many regulatory and policy issues. IT for Change looks at technology from a human rights perspective, and has vast experience in Internet Governance and other global policy issues. Recently, the Ministry of Electronics and IT (MeitY) set up a Data Governance Committee with Parminder Jeet Singh, the co-founder of ITfC as one of the members. IDP brings an anthropological and feminist perspective to the world of data. Their work around conceptualising data as an extension of the human body is an interesting alternative to the technocratic view of data as an abstract artefact to be mined and exploited. IDP’s founder, Anja Kovacs recently presented this work to the UN Special Rapporteur’s consultation on Gender and Privacy. IDFC Institute works on enhancing state capacity and brings an economic and legal perspective to data governance. We have presented our views on Public Digital Platforms at Transform Africa, UN Future State, the Nigerian Digital Economy Summit and other global events.

As a collective of think-tanks, we aim to do the kind of long-range thinking that is sorely lacking in this era of digital short-termism. While Silicon Valley firms may proudly say that their motto is to “Move Fast and Break Things,” our motto is the opposite, “Move Thoughtfully and Fix Things.” We also aim to bring balanced, well researched perspectives to a subject that has seen many shrill and polarised debates. In that spirit, we will be presenting to you a series of working papers over the next 16 months, and building a substantial body of knowledge around data governance. We look forward to your comments, criticisms and suggestions as we journey into this new frontier of data governance.

Venkatesh Hariharan is Senior Fellow, IDFC Institute, and a member of the Data Governance Network.



