Draft On Architecture For Third-Party Access To Data Released

/ Current Affairs
  • Government think-tank Niti Aayog has released the draft of an architecture that could allow third parties access to information across sectors ranging from finance to healthcare, after seeking consent of the user.
  • In the draft of Data Empowerment and Protection Architecture (DEPA), the Aayog has sought feedback from stakeholders by October 1.
  • At the core of the proposed architecture is the institution of a consent management system — which will allow the sharing of the information — with a view to provide better financial, health and telecom-related products and services to individuals and firms.
  • “In a nutshell, DEPA empowers people to seamlessly and securely access their data and share it with third party institutions,” stated the draft report.
  • The framework is expected to become functional for the financial sector “starting fall 2020”, even though it had already been run in July 2019 through a closed user group-launch by major banks.
  • In this sector, the consent managers will be known as Account Aggregators (AA).
  • While it comes in the absence of overarching data protection regulations — the Personal Data Protection Bill is yet to receive final approval — the report claims that
    • There are “domain specific laws” that enable the DEPA framework.
    • For instance, DEPA in the financial sector is built on the foundation of RBI’s Banking Regulation Act and an RBI Master Directive.
  • The first major government department to become a Government Information Provider (GIP) will be Goods and Services Tax (GST);
    • Future departments with data on individuals and MSMEs could adopt the specifications to improve the ease of doing business or create greater data portability of individual education, jobs, or transaction data.
  • DEPA also aimed at enabling better personal financial management services, wealth management, robo advisory, or different types of lending, insurance, and investment use cases and products that we may not be able to foresee today.

       Building blocks of DEPA

       The report argues that three key building blocks are required to “empower individuals with their data”:

  • Enabling regulations
  • Cutting edge technology standards
  • “New types of public and private organisations with incentives closely aligned to those of individuals”.