Internet Democracy Project

In earlier research, Kovacs and I (2020) identified six feminist principles to strengthen consent in data governance. An examination of the account aggregator (AA) ecosystem against these principles makes clear that the AA framework is a positive step towards addressing some of the key concerns regarding current consent regimes, for example where auditability and granularity are concerned. However, to fully meet the minimum requirements necessary to ensure meaningful consent, further modifications will be needed. In particular, it appears that the focus of the ecosystem currently is on ensuring that AAs are robust, but that it fails to address challenges relating to other stakeholders in the ecosystem.   More

Data protection policy frameworks in India, such as the National Digital Health Mission ecosystem, are incentivising the datafication of health by considering health data to be a commodity. However, in the age of big data, when health data is viewed as a disembodied resource, access to people’s health data becomes a form of power, giving those with such access the unparalleled and unprecedented power to influence the governance of people’s bodies and lives. This policy brief recognises the interconnections between our bodies and data from within a feminist framework, and through this alternative framework, proposes recommendations to safeguard patient rights from threats arising from the datafication of health. This policy brief was first published by the Data Governance Network.   More

Consent continues to be a crucial element of data protection regimes around the world. However, as a tool to promote and protect individuals’ autonomy, it has been diagnosed with numerable weaknesses. While there have been suggestions that it is therefore time to move away from consent altogether, we propose a different approach. Data protection regimes first need to reconceptualise the nature of data, by recognising the need to centre bodies in debates on data governance. Once the entanglement between bodies and data has been acknowledged, data governance regimes can, then, adopt feminist principles of consent that build on insights developed in numerous offline contexts and which allow us to imagine data relations that enable people to actually move closer to the ideal of meaningful consent. This policy brief was first published by the Data Governance Network.   More

Surveillance is increasing control over bodies of individuals, and the framework of data as a resource is facilitating this control, as illustrated here through the case of COVID-19 in India. Data governance frameworks view data as a disembodied resource, erasing its connections with people’s bodies and making surveillance seem innocuous. A feminist bodies-as-data approach enables embodied harms of surveillance to be pinpointed, and recommendations to be made to alleviate them. Drawing upon research of lived experiences of marginalised communities whose voices are often left out in data protection discourse, this policy brief proposes recommendations preserving not just data privacy, but bodily integrity, autonomy, and dignity of individuals. This policy brief was first published by the Data Governance Network.   More

The concept of sovereignty has come to frame a number of data governance proposals by the Indian government. To understand the scope, import and consequences of these reassertions of sovereignty, it is, however, important to unpack the nature of the claims that have been put forward. In particular, to what extent do these promote the exercise of autonomy and choice by the Indian people? In order to benefit the people of India, assertions of sovereignty in the face of data colonialism will need to take into account that data is not merely a resource ​“out there”, but increasingly functions as an extension of our bodies. As this analysis will show, current conceptualisations of data sovereignty fail to do so; for now, they therefore merely entail a transfer of power to domestic elites while doing little to return sovereignty to the people of India. This policy brief was first published by the Data Governance Network.   More

The Ministry of Electronics and Information Technology has invited public comments in its consultation on the Non-Personal Data Governance Framework Report. The report has been drafted by a committee of experts under the chairmanship of K. Gopalakrishnan. The committee prescribes for a framework to govern non personal data. It categorises non personal data into various categories and suggests mechanisms to reap maximum economic value from non personal data. On 13 September, the Internet Democracy Project made a submission to the consultation, highlighting fundamental concerns as well as making additional comments on ​‘non personal data’ and some other concepts discussed in the report.   More

On 2 June 2020, the Ministry of Civil Aviation invited public comments for consultation on the draft Unmanned Aircraft System Rules, 2020, or in short the draft Drone Rules. On 3 July 2020, the Internet Democracy Project made a submission and recommendations to the consultation, to address the privacy, freedom of speech and discrimination concerns arising from the Rules, 2020, so that this technology can be used to benefit the society. You can read our full submission below.    More

The Ministry of Electronics and Information Technology invited public comments for consultation on the National Open Digital Ecosystems (NODE), White Paper. The paper proposes for a paradigm shift from earlier approaches to digital governance. It aims to build a citizen centric, interoperable and open digital ecosystem, in order to do that it presents certain principles and use cases. On 31 May, the Internet Democracy Project made a submission into the consultation, highlighting fundamental concerns as well as making additional comments on the NODE guiding principles against the backdrop of these concerns.    More

In a public consultation, the Joint Parliamentary Committee has sought comments on the Personal Data Protection Bill 2019. The Internet Democracy Project submitted its inputs on 25 February. We highlighted how the Bill has skewed the fiduciary relationship between the data fiduciary and data principal by favouring the data fiduciaries in several ways, thereby leaving data principals vulnerable to a range of privacy harms. You can read the full submission below.    More

The Department for Promotion of Industry and Internal Trade released a draft national e‑commerce policy and invited public comments. The Internet Democracy Project submitted comments highlighting why the policy is dangerous in its framing of data as a resource to extract for national development.    More