We have discussed the different data valuation methods which were discussed by the Australian economists Moody and Walsh in our previous post.
The first step in data valuation in an organization starts with creation of the Data Inventory. Then they need to be classified. DGPSI discusses extensively how a centralized personal data inventory can be created and the classifications that are required for DPDPA Compliance.
For the purpose of Data Valuation, we still need the inventory of data but the classification system has to follow a different pattern.
Firstly Data Valuation for an organization needs to cover both the Non personal Data and the Personal Data. Currently Non Personal Data is classified on the basis of Information Security requirements and Personal Data on the basis of the data protection laws.
The “Value perspective” for both Non personal data and personal data is different.
As regards the personal data, DVSI outlines the method of adding depth, age and sensitivity weightages to the intrinsic value of the personal data set.
In the case of Non personal data there are data related to finance, marketing, administration, production and Governance. Some marketing data such as market reports and surveys may be bought or subscribed. There are specific costs associated with them which can be traced.
The weighted value additions are however a matter of expert views based on the knowledge of how data impacts the business.
In the case of public sector organizations, or NGOs, not all data usage can eb traced to profit making. There is a “Social Cost Benefit” associated with the activities of the organization. Capturing the creation of such value to the society as the value of the output data is a challenge.
The cost based method therefore becomes the method which can be used by most organizations since there is no need for social cost benefit. However, “Revaluation” based costing can be done in some cases to correct the cost based estimates.
Once the method for finding out the intrinsic cost is finalized with or without the refinements such as adding weights for different factors, the organization can value the data assets as on the date of the balance sheet and also monitor its movement at periodical intervals.
As a framework however, there would be a need for a Governance structure with a “Data Valuation Committee” supported by a “Data Valuation Officer” taking the responsibility for making appropriate policies and implementing them.
When DGPSI is used as the framework, the Data Valuation and Data Monetization are to be supported by appropriate policies along with the clearance of the consent, legitimate use or exemption.
While taking a consent, for Data Monetization, it is considered necessary for the organization to take a special consent which may be properly authenticated and preferably witnessed by a third party with a declaration such as
“The data principal confirms that he/she understands that this consent covers monetization of the personal data and has provided a free consent for the same. The consent is witnessed by …………………, who confirms that the nature of this consent has been explained to the data principal and he has understood it before agreeing to provide the consent.”
This is the beginning of the data valuation era in India and the suggestions contained here in will be refined as required.
At present, Naavi’s Ujvala Consultants Pvt Ltd is open to accepting Data Valuation projects and interested entities may contact Naavi for details.
Naavi
