Regulation of Non Personal Data.. Recommendations of the Kris Gopalakrishna Committee-8

(This is a continuation of the previous article)

Technology Architecture

The Kris Gopalakrishna Committee (KGC) has also added key guiding principles on technology that can be used for creating and functioning of shared data directories, data bases and for digital implementation of rules and regulations related to data sharing briefly indicated below.

Mechanisms for Accessing data

All sharable Non-Personal Data and datasets created or maintained should have a REST (Representational State Transfer) API for accessing the data.

Data sandboxes can be created where experiments can be run, algorithms can be deployed and only output being shared, without sharing the data.

Distributed for Data Security

data storage in a distributed format so that there is no single point of leakage; sharing to be undertaken using APIs only, such that all requests can be tracked and logged; all requests for data must be operated after registering with the company for data access etc.

Even when data is stored in a distributed or federated form, as appropriate, there could be coordinated management of them like would be required for data trusts and data infrastructures for important Non-Personal Data in different sectors.

Creating a standardized data exchange approach for data collation and exchange.

Prevent de-anonymization by using the best of the breed differential privacy algorithm.

A system architecture to enable the implementation of the guidelines has also been provided by the Committee.

(To be continued)

Naavi

 

Print Friendly, PDF & Email

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.