Data regulation is undergoing a significant revolution

Synopsis: Technology businesses are most effectively regulated through a judicious mix of law and technology. To regulating technology, we cannot have one without the other.


At a high-level ministerial meeting recently, seven countries came together to endorse a techno-legal approach to data regulation.

The participating delegates committed to exploring how technical frameworks such as Data Empowerment and Protection Architecture (DEPA) could be incorporated into the EU’s Data Act and Australia’s Consumer Data Rights policy to enable more effective outcomes.

Must Read: Positives and inadequacies of DEPA
How a revolution is going on in data regulation?

Data sovereignty: A number of countries have been looking to extend their existing data protection frameworks to ensure that users have more effective control over their data.

Free flow of data: In Australia, Consumer Data Right, is shaping up. It will allow consumers in Australia to require any business with which they have a commercial relationship to transfer that data to any other business of their choice.

The European Union (EU) has begun to put in place a series of legislative proposals that allow users more efficiently transfer data from one data business to another.

Data Governance: The EU’s proposed Data Act is intended to implement measures that will create a fairer data economy by ensuring better access to and use of data.

The EU has also drafted a Data Governance Act, which when enacted will govern the data exchanges and platforms that will form the infrastructure through which data holders will be connected to data users.

What do these initiatives imply?

Efficient utilization of data: The range of regulatory initiatives of different countries seems to suggest that it is not enough to protect data if you cannot also ensure that this data is effectively utilized either for the benefit of the person to whom it pertains or society as a whole.

Need of tech-based regulations: laws and regulation simply cannot keep pace with changes in technology. If the only weapon we are using to regulate technology is the law, we will be doomed.

What is India’s approach on data regulation?

DEPA: It is being implemented sector-wise through a set of open, interoperable protocols. This framework, better known as the Data Empowerment and Protection Architecture (DEPA).

Technology-based solution: allowing users to transfer their data from data businesses that currently hold them to those that want to use them. For example, Account Aggregator framework.

However, India still does not have a data protection regulation and implementing a technological solution for data transfers in the absence of a legal framework could bring problems.

Source: This post is based on the article “Data regulation is undergoing a significant revolution” published in Livemint on 7th September 2021.

Print Friendly and PDF