Tech Ticker Issue 41: November 2022

“I just feel like the whole session was rushed…. there was no back lighting, or emotional direction”

That’s television’s David Rose (from Schitt’s Creek), on not being able to choose the picture on his driver’s license. Rushed and inadequate is also what some people have called the new digital personal data protection bill. But is it all that bad?

In this edition, we explore what India’s proposed new data protection law is all about, the central government’s attempt to regulate TV channels, and some quick bites on satcom, fake reviews, artificial intelligence and online gaming.

Let’s begin!

#IkigaiDataBytes

Quick recap- the journey from 99 to 30 clauses: On a seemingly uneventful Friday in November, the IT ministry released the draft Digital Personal Data Protection Bill, 2022. Comments can be sent by 17 December.

The bill applies only to ‘digitized’ personal data and omits non-personal data. It introduces new concepts like voluntary undertaking, and a data protection board. It drops contentious issues that had found a place in earlier iterations, including algorithmic transparency, social media regulation, hardware certification and others. The bill is as simple as it is ambiguous. Read our analysis– here.

Breaking the bad and the good:  The bill doesn’t explicitly mention local data storage or mirroring requirements. But the transfer of data outside India is only allowed to countries that the central government notifies. Unlike the earlier version, this restriction extends to all personal data – and not just sensitive or critical data.  The central government’s powers include being able to prescribe who a significant data fiduciary is (must comply with heightened obligations), how the data protection board will function, who will be exempted from the bill, and other things. Like the recently released cybersecurity directions, the bill mandates entities to report all data breaches to the board and customers – with no risk threshold in place. The bill no longer calls for criminal sanctions. However, the board can levy penalties as high as INR 500 crore in cases of ‘significant non-compliance’. The bill does introduce business-friendly provisions such as deemed consent and voluntary undertakings. Deemed consent applies to situations where businesses can presume that individuals have given consent. Interestingly, the bill also introduces duties for end users!

Expert view: Our in-house Ikigai- data experts have been breaking-down the bill (think data! think Ikigai!). Nehaa shared with the Indian Express that the government exemptions under the bill are vague, and the regulator could use more independence. Speaking with Entrackr, Sreenidhi said that compliance costs for startups are likely to be lower. Vijayant spoke with Money Control and said that the bill may ease compliance burden, but ambiguity in the draft gives government more powers. To Inc42, Vijayant highlighted the dilution of role of the data authority contemplated in previous versions. And to Medianama, he expressed concerns around the wide exemptions in the bill – which leave it unclear if any enforcement action—especially one seeking high penalties—would be taken against government bodies. And here’s a cheat-sheet on the impact of the bill our team put together – Nehaa and Sreenidhi for the Times of India and Vijayant and Rutuja for the Mint.

Will it reach the Parliament soon? The bill is expected to reach the Parliament in the 2023 budget session (Feb-April) – in line with the IT minister’s statements. More likely in the second half of the session, as that is when most legislative matters are picked up. However, it may eventually be referred to the standing committee on IT.

Are you happy with what you see on your TV?

PSA: Recently, the information and broadcasting ministry directed TV channels to air at least 30 minutes of ‘national importance or socially relevant’ content. This includes content on agriculture, rural development, health and family welfare, among others.  The guidelines are a part of broader guidelines for uplinking and downlinking of satellite TV channels. They apply to only Indian channels (except sports channels).

But, why? The government says that airwaves and frequencies are public property and must be used in the best interest of the public. While a public service broadcast may serve as a tool to educate the public. The larger question is -what does national interest and public importance really mean? While the government has its view on that, citizens may have a different one. The next government may have an even different one. The guidelines leave out questions around consequences of non-compliance. But the government is meeting with industry players like NDTV and Zee to figure out how best to execute this. Public service broadcasting has worked out for countries like the UK. But it will be interesting to see how this pans out for India, given the diversity and quantum of viewers.

In case you missed it!

1. Fake reviews, no more? Recently, the consumer affairs ministry launched a framework to regulate fake and deceptive reviews online. The standards will apply to any entity that publishes consumer reviews online. This includes e-commerce platforms, or platforms offering tour and travel services, restaurants, eateries and consumer durables, among others. The intent of the standards is to ensure that online reviews are legitimate, accurate and not misleading. These standards will be voluntary to begin with – and will be made mandatory if the growth of fake reviews continues.
2. Is it almost time to auction? Reports suggest that the telecom department is planning to decide in favour of auctioning satcom spectrum, instead of an administrative process.  The Telecom Regulatory Authority of India will soon release its recommendations on the mode of auction of satcom spectrum. However, reports also suggest that TRAI is likely to take at least 2 months to come up with an auction mechanism -given the absence of international precedents. Separately, TRAI published its recommendations on licensing framework for establishing and operating satellite earth station gateways. And recommends the creation of a separate license for such entities (outside the existing Unified Licensing framework).
3. More tax on the cards for online gaming?  A panel of state finance ministers, is expected to recommend a uniform GST tax rate of 28% on online gaming. This will be levied on all online games – regardless of whether it is a game of skill or chance. Currently, online gaming is taxed at 18% GST on gross gaming revenue. The panel is also expected to recommend a new formula for GST calculation.
4. #AIforAll. The NITI Aayog has released the ‘Responsible AI for All: Adopting the Framework – A use case approach on Facial Recognition Technology’. The paper uses the civil aviation ministry’s ‘Digi Yatra Programme’ as a case study to identify risks and mitigation strategies of using facial recognition technology.  The recommendations are based on the responsible AI principles from the NITI Aayog’s earlier #AIforAll papers, the Supreme Court’s test- to determine legality; justifiability; and accountability, and the evolving data protection regulatory landscape in India. It also captures international approaches to FRT regulation.

🎯On our radar – interesting reads from around the world
Short form video content has conquered the internet. Here’s what that means for censorship and moderation.
You must be lost. These famous places don’t actually exist.
WeApologize. WeChat users are handwriting apologies to get themselves unbanned.