Reconciling the Non-Personal Data Framework with Database Protection in India - Part I

About the author: Muskan Tibrewala is a 5th year law student at Jindal Global Law School. Their research interests are technology law, digital constitutionalism and queer theory. Pavan Kalyan is a 4th year law student at Jindal Global Law School. His research interests are technology law, international trade law and dispute resolution.

The Ministry of Electronics and Information Technology on July 12, 2020 released recommendations on regulation of non-personal data (“NPD Framework” or “Recommendations”). The draft report released by the Committee Experts on Non-Personal Data Governance Framework, (“Committee”) suggests a separate legislation for the management of non-personal data. Non-personal data, as distinguished from personal data is data that is not related to an identified or identifiable natural person or is personal data that has been anonymized. The draft report creates three classes of data upon which different rights and obligations will subsist. These include:

  1. Public Non-Personal Data- data collected or generated by the governments

  2. Private Non-Personal Data – collected or produced by private persons and entities

  3. Community Non-Personal Data – data about any group of people that have common interests or identities (Chapter 4)