Non Personal Data Regulatory Authority
One of the key recommendations of the Kris Gopalakrishna Committee (KGC) that has been presently highlighted by the media reports is the recommendation to set up a separate regulator namely “Non-Personal Data Regulatory Authority” (NPDRA).
The NPDRA will be different from the DPA under the PDPA and while the DPA is more oriented towards “Securing Personal Data for the protection of Privacy of individuals”, the NPDRA will be focussing on how to harness the Non Personal Data for national benefit.
Hence the kind of persons who manage this authority has to be more “Progress oriented” than “Caution oriented”. They need to be more “Technology Oriented” than “Legal Oriented”.
The regulator should be able to effectively implement the measures to register and regulate Non Personal Data Fiduciaries, Processors, Data Trustees, Data Trusts etc. It will have to work in harmony with other regulators like DPA and CCI as well as the sectoral regulators. It will have both the “Enabling role” and the “Enforcement Role”.
As expected the NPDRA will be a body of persons with members with relevant industry experience.
(To Be Continued)