Data Driven Public Private partnerships

Whenever we think of Public Private Partnership (PPP) projects, the immediate recall are the infrastructure projects like the Roads where there is a large investment requirements for public benefit, but the skills and resources are to be contributed by the private sector.

These road projects generate huge amount of data through the tolls. Similarly CCTV projects for traffic management or public health management projects also generate enormous amount of data as part of the project.

Considering that “Data” has a large financial value, it should be one of the key parameters in planning and executing such projects and we are doubtful if it is being given the due attention at present.

In addition to the traditional PPP projects where “Data” of substantial value is generated as a fall out of the project, there are certain projects where “Data” is the “Primary Project Asset”.

One example I can recall is the financial data of Banks and Credit card companies which is a valuable data asset from which huge revenue is generated by private data processing companies including the VISA and Master Cards.

If these Banks are “Public Sector” Banks or Government entities, there is a legitimate concern that the data asset used or generated in the project is a sovereign asset and are being given away to private use.

This kind of data requires to be not only protected and stored locally but we need to ensure that the commercial benefits arising out of the data ownership remains with the Indian Public entity at all times.

In most of the Data Driven PPP projects, the role of the Government could be to invoke the exemptions available under law to collect and process citizen’s data which is not available to the private entity while the skills can be brought in as a contribution of the private sector.

In this context, “Data Governance” becomes an important element of PPP projects that need to be factored in every PPP project. While this is more easily recognized in the citizen centric projects where there is large personal data generation, it is also important to remember that “Non Personal Data” collected during sensitive projects such as Airports or Railways etc are also important from national security point of view.

One example of what happens when “Data Governance” is neglected is the way 500+million data of Indian Banking customers effectively changed hands from Indian Banks to Transunion, a private US based company with the take over of CIBIL by TransUnion.

The unfortunate part of the transfer of nearly 90% shares of CIBIL to TransUnion was that all our Public Sector Banks and the RBI (Then under Mr Raghuram Rajan) did not make it transparent on the value of consideration they obtained for the transfer of shares to TransUnion.

This was a fraud on the shareholders of these Banks. Even SEBI which should have been alert to such share transfer remained silent. The Government of India which should have considered this as a “Data Laundering” incident similar to “Money Laundering” chose to remain silent and continues to do so even to this day. The Supreme Court which pokes its nose in every administrative aspect of the Government did not take any suo moto recognition of the transfer of 50 crore plus data sets containing sensitive financial information each of which could be valued at around rs 1000/- in the dark web without proper transparency.

I am also reminded of another project where Mysore university wanted Google to undertake a digitization project of its library unmindful of the value of information that was being transferred to Google from all the ancient texts which were being scanned. I am not sure if the project went through.

The failure of “Data Governance” in PPP projects therefore will be a factor that all of us should remember could lead to valuable Indian assets being plundered by private sector of foreign origin.

Hopefully the Government of the day incorporates a “Data Governance Audit” as a mandatory aspect of clearance of all Data Driven Governance Projects.


About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

1 Response to Data Driven Public Private partnerships

  1. Ds says:

    Data-driven insights can inform better project selection, risk assessment, resource allocation, and performance monitoring, leading to more efficient and effective public services. DDPPPs can incentivize private sector innovation and unlock new technologies that improve service delivery and reduce costs.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.