The Energy Conservation (Amendment) Bill, 2022 – A Retort to Increasing Emissions

On August 9, 2022, the Energy Conservation (Amendment) Bill, 2022 (the “Bill”) passed the muster of the Lok Sabha (lower house of the Indian Parliament). The Government of India had identified new areas to achieve higher levels of penetration of Renewable energy and the bill sought to enhance demand for renewable energy at the end- use sectors such as Industry, buildings, transport etc.

What demanded the introduction of the Bill?

Decarbonization. The Bill, which amends the Energy Conservation Act, 2001 (the “Act”), introduces a series of modifications that opens the door for sustainable development. According to Bill’s statement of objects and reasons, it aims to, among other things, promote the use of green fuels and the growing renewable energy sector, ensure industrial energy efficiency, and establish a domestic “carbon market”, and carbon trading scheme to fulfil the commitments made by India at COP-26 (Conference of Parties -26) in Glasgow in 2021.

 

What are the major changes proposed in the Bill?

 

The Penalty


To enhance the effectiveness of the law and create stronger deterrence, the bill introduced stricter enforcement mechanisms. The changes include new penalties and aggravation of existing penalties for violations of certain provisions relating to the efficient use of energy and its conservation[1], use of deceptive names (introduced in the Bill)[2], and provision of information[3].

A new penalty introduced, for instance, is that if a vehicle manufacturer fails to comply with fuel consumption standards, he will be liable to pay an additional penalty (in addition to the penalties he is liable to under the Act) per unit of vehicles sold in the corresponding year, as follows:

  • twenty-five thousand rupees per vehicle for non-compliance with norms up to 0.2 litres per 100 km.
  • fifty thousand rupees per vehicle for non-compliance with norms above 0.2 litres per 100 km.[4]


Carbon Credit Trading


The Bill seeks to reduce carbon emissions by creating a carbon credit trading scheme. The Central Government is empowered under Section 14AA of the Bill to specify such a scheme.

Interestingly, the Act has enumerated a scheme through which energy savings certificates are issued by the Central Government to those plants or industrial units whose energy consumption is less than the prescribed norms and standards. Units that are unable to comply with the set energy consumption norms are entitled to purchase the energy savings certificate to ensure compliance. The industrial units that fail to meet the energy savings targets even after purchasing the energy saving certificates are liable to be punished with a fine as per the provisions of the Act.

To understand how a carbon credit trading scheme would aid in reducing emissions, we must understand what a carbon credit trading scheme is. A carbon credit is a certificate/permit that gives its holder the right to emit a certain amount (usually a tonne) of carbon dioxide. Based on historical emissions, carbon credits are provided to an organisation in a particular sector. If the organisation goes over its allocated amount of carbon credits, then it would have to purchase more credits from the carbon market, where carbon credits are bought and sold. And the price of the carbon credit is determined by the market forces of supply and demand. Additional factors that influence the pricing of carbon credits include regulations established by the government, international climate change protocols, emission trading schemes, and a carbon tax. This scheme or system of buying and selling carbon credits is, in simplistic terms, a carbon trading scheme. Hence, the carbon trading scheme aims to reduce carbon/greenhouse gas emissions by assigning a financial cost for causing pollution. This implies that for such units, carbon emissions will now be equivalent to any other capital investment like raw materials or labour.


Expanding, Enlarging, and Empowering


  1. Vehicles and Vessels– The Act, under Section 14, empowers the Central Government to set standards to enable efficient use of energy and its conservation for any equipment, appliance that consumes, generates, transmits, or supplies energy. The Bill seeks to include vehicles (as defined under the Motor Vehicles Act) and vessels into the scope of Section 14. Corresponding provisions for penalties have also been included in the Bill for violations of the provisions of the Act.
  1. Buildings- Under the Act, the Central Government and the Bureau of Energy Efficiency have the authority to lay down energy conservation standards for buildings, ascertained in terms of area. The Bill seeks to amend the provision to the effect that, now, the Bureau and the government shall set energy conservation and sustainable building codes, that shall elaborate upon standards for energy efficiency and conservation, use of renewable energy, and other requirements for green buildings.
  1. Residential Buildings– The energy conservation code in the Act has only been made applicable to commercial buildings. The Bill seeks to include residential buildings along with commercial buildings under the scope of the Code. As per the amended provision of the Bill, the State Governments have also been empowered to lower the load threshold. By bringing residential buildings under the scope of the energy conservation code, the responsibility for ensuring mindful energy consumption would effectively fall on citizens as well as industries.
  1. Composition of BEE Governing Council– The governing council of the Bureau of Energy Efficiency (BEE) created under the Act has twenty, not exceeding twenty-six members, which is intended to be expanded to thirty-one, but not exceeding thirty-seven members by the Bill. This expansion is likely intended to improve bureaucratic efficiency in the administration and enforcement of the provisions of the Act.
  2. State Electricity Regulatory Commission– The Act empowers the Bureau of Energy Efficiency to make regulations as necessitated, with the approval of the Central Government[5]. The Bill also envisages empowering the State Commission to make regulations for discharging its functions under this Act[6].


Concluding Thoughts


The amendments that are envisioned under the Bill are strides in the right direction for enabling better regulation of carbon emissions and promoting the objective of sustainable development by encouraging a switch from fossil fuels to renewable energy sources. While the carbon trading scheme under the Bill has the right intentions, it is still lacking in clarifications pertaining to the market structure and incentive scheme for facilitating carbon trading in the country.

As with any other law, strict enforcement and alignment of all the relevant stakeholders contingent on the success of proposed policies under the Bill would be key in ensuring that India achieves its goals towards facilitating a steady shift from fossil fuels to promotion of new and renewable energy (wind, solar, etc.), accomplishes milestones contemplated in the National Green Hydrogen Mission, and actualizes its vision to meet 50 per cent of its energy requirements from renewable sources by 2030, as envisaged under the ‘Panchamrit’ strategy announced at the COP 26 conference in Glasgow.  

References:

[1] Section 14 clause (c) or clause (d) or clause (h) or clause (i) or clause (k) or clause (l) or clauses (n) and (x); and Section 15 clause (b) or clause (c) or clause (h) of the Act.

[2] Sub-section (1) of Section 13A of the Bill.

[3] Section 52 of the Act.

[4] Second proviso to Section 26 (2) of the Bill.

[5] Section 58 of the Act.

[6] Section 13 of the Bill.

Image Credits: Photo by catazul from Pixabay 

The amendments that are envisioned under the Bill are strides in the right direction for enabling better regulation of carbon emissions and promoting the objective of sustainable development by encouraging a switch from fossil fuels to renewable energy sources. While the carbon trading scheme under the Bill has the right intentions, it is still lacking in clarifications pertaining to the market structure and incentive scheme for facilitating carbon trading in the country.

POST A COMMENT

The Indian Telecommunication Bill, 2022: An Au Courant Approach

Telegraph was first introduced in India in the year 1851 and telephone exchanges were set up in the early 1880s. The Indian Telegraph Act, 1885; the Indian Wireless Telegraphy Act, 1933; the Telegraph Wires (Unlawful Possession) Act, 1950, were enacted to suit the needs of the day. The usage of the telegraph as a telecommunication mode became obsolete in 2013, and today technologies such as 4G and 5G, the Internet of Things, Industry 4.0, M2M communications, Mobile Edge Computing, etc. are revolutionising the sector.

While these technologies create new opportunities for social and economic growth, issues relating to dispute resolution and penalties, data privacy, the infrastructural needs of the industry, etc. become more complex.

With the objective of reforming the telecommunication law and making it more sensitive towards the concerns of this ever-evolving sector, a consultation paper on the “Need for a new legal framework governing Telecommunication in India[1] was issued by the Department of Telecommunication on July 23, 2022, inviting comments.

The Consultation Paper proposed a new legal framework to address the following:

  1. Simplification of the regulatory framework while ensuring regulatory certainty, minimising policy disruption, promoting investment, and preventing retrospective application.
  2. Spectrum assignment should be to best serve the common good and widespread access, with utilisation of spectrum liberally and neutrally allowed, as should the deployment of new technologies, the repurposing and rearrangement of frequency range, and the authorisation of the central government to share, trade, lease, and surrender spectrum.
  3. Provide a robust regulatory framework to obtain Right of Way and resolve disputes thereby ensuring the deployment of new technologies and ensuring continuous connectivity.
  4. Simplify the framework for mergers, acquisitions, or other restructuring.
  5. Ensure the license is not suspended or terminated during Insolvency while services are being provided, and ensure there is no default on license or spectrum dues.
  6. Expanding the scope of the Universal Service Obligation Fund to address delivery of telecommunications service to underserved rural and urban areas.
  7. Proportionate penalty for offences.
  8. Address situations of public emergency, public safety, or national security.

The draft Telecommunication Bill 2022 was created in response to public feedback on the consultation paper [2].  Further comments on the draft have been invited till 20th October 2022. It intends to replace the Indian Telegraph Act, 1885; the Indian Wireless Telegraphy Act, 1933; and the Telegraph Wires (Unlawful Possession) Act, 1950.

 

Key Takeaways of the Draft Telecommunication Bill, 2022

 

Over-the-top (OTT)

 

There was an interpretational discord as to whether OTT is regulated under the current legal system. The government is of the opinion that OTT is adequately covered under the definition of “Telegraph” in the Telegraph Act. However, there is no explicit legal backing. The proposed bill explicitly clarifies that OTT communication services are a telecommunication service. The bill’s definition of telecommunication service incorporates current technological trends in the industry and includes voice and video communication services, machine-to-machine services, and broadcasting services. Any transmission and receipt of a message through a wire, radio, optical, or electromagnetic system would be telecommunication. Such telecommunication, when intended to be received by the general public, becomes a broadcasting service. Therefore, an OTT service provider, be it broadcasting/streaming services or data/video call services, falls explicitly within the ambit of the Telecommunications Bill, 2022.

 

User-Beneficial Provisions

The bill requires that the identity of the person sending a message be made available to the user receiving the message at all times. Therefore, any call recipient from a landline, cellular, or through OTT platforms like WhatsApp, Facetime, or Zoom calls will have information about the caller. To achieve this end, the KYC of all the users has to be obtained by all service providers, including OTT platforms.  Users are prohibited from providing false information about their identity when obtaining telecommunications services. Any misrepresentation of identity is punishable with imprisonment for one year or a fine of up to 50,000 rupees. An advertisement or promotional message, whether fictitious or real, shall not be sent unless consent is procured from the recipient. Any unsolicited message shall be an offense, and the sender is liable to be penalized. The Bill formulates a mechanism for the preparation and maintenance of the ‘Do Not Disturb’ register. The user-beneficial provisions and the penalty for violation are not substantial enough. When the losses caused to the public because of cyber frauds are more than 1 lakh crore each year, the penalty for such fraud of INR 50,000 is not a deterrent. It is ideal that such offenders are abstained from providing telecommunication services so that repeated cyber frauds or impersonations can be avoided.

 

Spectrum Allocation

 

The Bill provides that spectrum allocation can be done only through auction, directly under circumstances specified in the schedule, such as national security, or in such a manner as mentioned in the rules. The Hon’ble Supreme Court of India, in “Union of India & Ors v. Centre for Public Interest Litigation and other” decided on February 2, 2012, stated that:

“When it comes to the alienation of scarce natural resources like spectrum, etc., it is the burden of the State to ensure that a non-discriminatory method is adopted for distribution and alienation, which would necessarily result in protection of national/public interest. In our view, a duly publicised auction conducted fairly and impartially is perhaps the best method for discharging this burden and the methods like first-come-first-served when used for alienation of natural resources/public property are likely to be misused by unscrupulous people who are only interested in garnering maximum financial benefit and have no respect for the constitutional ethos and values. In other words, while transferring or alienating the natural resources, the State is duty bound to adopt the method of auction by giving wide publicity so that all eligible persons can participate in the process.”

The Hon’ble Supreme court’s order mandates spectrum allocation only via auction. However, allocation of Spectrum under extraordinary circumstances such as national security and defence by the Central Government is understandable. Nevertheless, the entire list of Schedule I activities wherein the government is authorized to allocate spectrum to BSNL/MTNL or can assign it to “any other function or purpose as determined” is far too wide to defeat the very purpose of the order.  Further, it is ideal that such spectrum allotted under Schedule I, shall not be resaleable but only returnable to the government.

The Bill provides the Central Government rights to repurpose the spectrum frequency for a different use (“re-farm”), rearrange the frequency range (harmonization), or assign part of the assigned spectrum to another entity for efficient spectrum utilization, or if the spectrum remains unutilized.

 

Seamless Transition 

There is a new set of terms and conditions that will be formed after the Act and rules come into force. A telecom service provider and telecom infrastructure provider have a choice on whether to migrate to the new set of terms and conditions under this bill or the existing terms as per their existing license. A wireless equipment provider has to procure new authorisation (instead of a license). The existing spectrum licenses shall continue to remain valid for a period of 5 years or until the date of expiry, whichever is earlier. The existing rules under the old Telegraph enactments shall continue until superseded by the new rules. All Telecommunication Bill provisions are prospective in nature. These mechanisms would allow greater acceptance of the new Act and a seamless transition.

 

Penalties and Offences

In casesof breach of the terms and conditions of a license, registration, authorisation, or assignment, the government can revoke, suspend, or curtail such approvals. Further, the government can impose a penalty based on the severity of the breach after considering whether it is severe, major, moderate, minor, or non-severe. A licensee can provide a voluntary undertaking to the authority with respect to any breach or delay. Acceptance of a voluntary undertaking will put the proceedings on hold. An alternative dispute resolution mechanism for resolving certain disputes or classes of disputes is envisaged. The Bill provides a list of offences covered by it, the imprisonment or fine imposed, and whether such offences are bailable or cognizable.

 

Right of Way

The mechanism for Right of way is differentiated on the basis of whether it is public property or private property. In the case of public property, the authority has to provide permission in a time-bound manner.  In the case of private property, parties may mutually negotiate an agreement. To overcome the issues of the sale of property along with the telecom infrastructure, an explicit provision has been enshrined to state telecom infrastructure is different from the property it is installed on. Therefore, the property owner cannot claim ownership of the tower in his/her property, and it remains independent of any sale or lease. It is ideal that the Right of Way arrangements/agreements be standardized. Further, the legal framework should also encompass penalties in case of violation of the Right of Way by either the telecom infrastructure provider or the property owner.

 

Common Ducts & Cable Corridors

An express provision is planned under which the Central Government will require infrastructure projects to have common cable ducts and cable corridors established and such cable made available to facility providers on an open access basis.

 

Restructuring & Insolvency

A licensee entity undergoing restructuring/merger/acquisition has to merely inform the authority and an explicit prior approval is not required. The restructured entity has to thereafter follow the rules therein. In case of insolvency, service continuity is given priority, and the entity retains control over Spectrum. An enabling framework has been made for the Central Government to intervene and revert the control of the Spectrum to the Central Government in case the entity fails to provide telecommunications services, and has promptly paid the spectrum licensing fees/charges.

 

Regulatory Sandbox

A regulatory framework of simplified license terms and conditions to empower the start-up ecosystem is formulated, whereby such entities can live-test their products and services in a controlled environment.

 

The Telecommunication Bill is a framework that intends to create a comprehensive and centralised legal ecosystem for an industry that is rapidly expanding with the addition of new players in the market, investments, and technology. How the Telecommunication Act, Digital Data Protection Act, and Digital India Act finally shape up to create a legal landscape to address the new technological challenges remains to be seen. The proposed Telecommunications Bill has addressed the concerns of the present while keeping an eye on the future in its simple, light-touch approach- a concrete step in the right direction.

The Telecommunication Bill is a framework that intends to create a comprehensive and centralised legal ecosystem for an industry that is rapidly expanding with the addition of new players in the market, investments, and technology. How the Telecommunication Act, Digital Data Protection Act, and Digital India Act finally shape up to create a legal landscape to address the new technological challenges remains to be seen.

POST A COMMENT

Modifying the Personal Data Protection (PDP) Bill to Deal with Rising Privacy Concerns

OVERVIEW OF DATA PROTECTION REGIMES

The recent advent of WhatsApp’s updated privacy policy has brought to light the legal loopholes that the Indian Data Protection Laws are laced with. A revised and updated change in Data Protection Laws in India could have prevented the possible infringements that may take place with WhatsApp’s new privacy policy.

The European Region has been able to circumvent this issue due to its updated Data Privacy Laws that successfully provide users with protection from such policies. These policies legally mandate WhatsApp to prevent the sharing of data with Facebook and a violation of it would infringe the provisions of the General Data Protection Regulation (GDPR).

We have discussed here the modifications that could possibly be added to the Personal Data Protection Bill (PDP Bill) in India in order to ensure an air-tight privacy regulatory authority.

RISING PRIVACY CONCERNS- A STUDY ON WHATSAPP’S PRIVACY POLICY

With an undeniable rise in the relevance and indispensability of the digital platform; comes the numerous concerns regarding its safety in terms of data and privacy protection norms. A case in this instance would be that of WhatsApp releasing its updated terms of Privacy on January 04,2021, under which it would deprive users of their choice to share data or other information with other apps, including those owned by Facebook. Moreover, this policy was accompanied by a condition under which users who did not accept the updated privacy terms, would have to quit using WhatsApp altogether- beginning February 08, 2021- when the updated terms and policies was planned to be enforced.



The updated privacy policies of WhatsApp leave the end-to-end encryption clause intact. This means that WhatsApp has no access to one’s text messages and cannot share the same with any other party. However, this clause does not cover the protection of metadata- which entails everything in a conversation apart from the actual text. This information can be shared with Facebook and other apps.

WHY THIS POSES A PROBLEM

A close perusal and analysis of the entire case reveals the observation that this issue could have been avoided with a concrete Data Protection Law or Regulation in place in India.

The core issue that centres the entire case is that people largely use WhatsApp to communicate with friends and family. The data thus shared on this App by individuals is now proposed to be shared with other companies to run their businesses, for monetary gains. This implies that the purpose for which WhatsApp would be using personal data and information is not even remotely connected to the purpose for which users had share that information on the app.

This issue assumes an even graver character due to the inability of the Indian Data Protection Laws to safeguard their users from a misuse of data. Without a data protection authority or regime in force; users will be exposing their data to the surveillance of the entire Facebook group of companies.

Its lack of effectiveness to provide remedies or relief in such situations stands in stark contrast to the legal frameworks that are in place in other jurisdictions, most particularly the European countries. These countries are equipped with laws that can impose fines on Facebook for unduly sharing and using information through WhatsApp. This clause came into effect when the Competition Commission of certain European countries imposed this condition on Facebook during its purchase and acquisition of WhatsApp.
An important point to take note of, is also the commitment made by WhatsApp during its launch in 2009- “to not sell user data or personal information to any third party”. This stance changed with the acquisition of WhatsApp by Facebook in 2014; and its sharing of data with its parent company in 2017.However, in 2017; users were given a choice to prevent the sharing of such data to other platforms. The updated policies have mandated the exposure of such data as a condition to continued usage of the App.
The users are thus breached of the expectations and commitments with which they had initially installed the App.

IMPLICATIONS ON USERS

Unfortunately, due to the technical and legal intricacies of the issue; a majority of the Indian population will stay unaware of this issue and not do much about it other than accept the terms being forced upon them.

However, there are sections of the population sensitive to data protection and privacy norms. This brings to light the possibility of shifting to alternate and safer platforms such as Signal, Telegram and iMessage. Moreover, petitions have also been filed in several legal courts pursuant to the policies introduced by WhatsApp in January 2021 seeking to stay the implementation of these policies. After all, Right to Privacy is a Fundamental Right granted under Article 21 of the Constitution of India and therefore, must not be compromised upon.

It is thus proposed that till an appropriate legal and concrete regulatory and supervisory authority is not in force vis-à-vis the Data Protection issues in India, the Court must prohibit the execution of this new Privacy Policy set forth by WhatsApp. Pursuant to this, the Supreme Court has directed WhatsApp and its parent company, Facebook, to file their replies to the petitions and growing concerns on privacy violations.

In furtherance of these directions, WhatsApp has most recently implemented its updated Privacy Policy with a new campaign. Through this updated campaign, WhatsApp aims to increase communication about its changes with its users through a small banner at the top of the chat, while also offering more time to let them read, understand and accept its terms. Following the backlash received, now the new Privacy Policy terms is expected to go into effect at a later date i.e. May 15, 2021.

HOW THE PDP BILL CAN BE MODIFIED TO INCREASE DATA PROTECTION

The PDP Bill can and must be modified in certain ways to ensure that arbitrary clauses in such online policies do not deprive the users of the rightful protection they are entitled to under the Right to Privacy. One of the main additions that the PDP Bill must incorporate is a clause or term in the law that prohibits the changing or modification of the terms of a contract after its enforcement. For instance, WhatsApp modified the terms of its contract resulting in a clause that was contrary to its initial commitments and objectives.

Moreover, since the PDP Bill has not been passed yet; it is crucial to look to other alternate legal provisions and statutes that may offer protection in such situations. For instance, the Information Technology Act of 2000, under Section 87 gives the government the authority to come up with regulations that can put a stop to arbitrary policies introduced by online platforms that pose a threat to privacy and data protection rights granted to individuals.

A company must not be able to modify terms according to their whims and mandate users to abide by it simply because they consented to the initial contract. Terms of such contracts must be regulated and privacy laws must ensure that changes in these policies have undergone user consent.

SUMMARY

In order to honour the Fundamental Right to Privacy, it is vital for the concerned platforms to provide clarity regarding its policies to ensure that a well-equipped and protective mechanism is set in force to deal with instances of data protection infringement in India. It is also crucial to formulate a structure on the PDP Bill that is well equipped to handle policy changes while ensuring a constant protection of data privacy rights. Other alternative laws must also be incorporated and interpreted in ways to prevent a breach of privacy.

The European Region was able to circumvent the imposition of data sharing norms by Watsapp due to its updated Data Privacy Laws that successfully provide users with protection from such policies. Our extant laws are glaringly inadequate and the proposed draft, as well as the delay in the passage, of the Personal Data Protection Bill (PDP Bill), is posing a serious threat to our online privacy and security.

REFERENCES

1 WhatsApp’s new privacy policy: Yet another reason why India needs data protection law – The Hindu BusinessLine.
2 Privacy Policy – Feb 2021. (whatsapp.com)

POST A COMMENT

Non-Personal Data Governance Framework, 2020

The realm of the internet has become an information powerhouse and data has become the new endowment of resources that governments and corporate entities are eager to tap into. The transformation in the digital environment and the emergence of information-intensive services has made data a necessary raw material for most undertakings.

Reports suggest that every minute Instagram is flooded with 277,000 stories, Google has 4.4 million searches and Uber has over 9700 rides in 2019. Today, data is an asset to various businesses and holds importance while making investments, mergers, and acquisitions, and/ or direct monetization.

 

While the discussion on ‘personal data’ has been revolving around privacy and security concerns, non-personal data is being eyed as an economic opportunity to augment public or private interest which must not be squandered. Considering the value proposition attributed to non-personal data, the legal aspect was sought to be dealt separately from ‘personal data’ which would be governed by the Personal Data Protection Bill, 2019 that is in the brink of finalization.

 

Consequently, an Expert Committee (“Committee“) was constituted by the Ministry of Electronics and Information Technology (“MeitY“) to study various issues relating to non-personal data. The Committee submitted its Report on Non-personal Data Governance Framework for comments from stakeholders in July 2020.

 

The report highlighted that data regulation is essential to utilize the maximum potential in data by realizing its economic, social, and public value. The need to regulate data stems from the imbalances in bargaining power between the companies that lead to the creation of data monopolies. Moreover, the privacy concerns revolving around the dilution of shared data must be tackled.

 

Non-Personal Data (“NPD“) is the data that cannot be identified with a particular individual, for example, weather forecast, traffic details, geospatial information, production processes, anonymized personal data, etc.

 

  1. Committee’s Proposal to Non-Personal Data Regulation

 

The NPD Governance Framework outlines norms for collection of data and data sharing by entities. The salient features of the proposed framework are:

 

  • The NPD framework provides key roles for all the participants such as Data Principal, Data Custodian, Data Trustees and Data Trusts.
  • Classification of NPD: Non-personal Data is further classified into Public NPD, Community NPD and Private NPD. Public NPD is NPD that is collected or generated by the government or by the agency of the government and includes data collected or generated in the course of execution of all publicly funded works (e.g. public health information, vehicle registration, etc.) excluding the one that is explicitly declared as confidential under the law. Community NPD is data about inanimate or animate phenomenon about a particular community of natural persons (e.g. data collected by e-commerce platforms or by telecom). Private NPD is NPD collected or produced by non-governmental entities or persons.
    • Ownership of non-personal data: In cases wherein, non-personal data is derived from personal data of an individual, the data principal for personal data will be the data principal for the NPD too. Further, the rights over the community NPD collected in India will vest in the trustee of such a community.
    • Sensitivity of NPD: The Committee has also defined a new concept of ‘sensitivity of NPD’, as NPD can also be sensitive from the perspective of: a) national security or strategic interests; b) sensitive or confidential information relating to businesses; and c) anonymized data, that bears a risk of re-identification.
    • Data Businesses and data disclosures: There is also the creation of a new horizontal classification called ‘Data Business’ which is when any existing business collects data beyond a threshold level. Such Data Businesses have to get themselves registered and furnish information on what they do/ collect, their purpose, and the nature of data stored. However, registration of Data Businesses collecting data below the threshold is not mandatory.
    • Non-Personal Data Regulatory Authority: NPD Regulatory Authority shall ensure that data is shared for sovereign, social and economic welfare, for regulatory and competition purposes, and also that all stakeholders adhere to the rules and data sharing requirements.
  1. Unanswered Questions: Shortcomings of the proposed Framework:

 

Attempting to govern the NPD is a commendable effort, however, it seems that there is a slew of questions that are left unanswered. The following are the issues relating to the proposed framework:

 

  • The foremost need to govern NPD as highlighted by the Committee is the imbalance in the digital ecosystem. However, neither the sources of these imbalances have been identified or analysed nor has it been clarified how the proposed regulations resolve these inequities.
  • Ambiguous classification of NPD: The various types of NPD have a potential overlap, but then again, clearly demarcating a line between the three types would be a difficult task. Also, one of the three types of NPD is Community NPD, however, there is no clarification as to how the ‘community’ would be determined. The definition of ‘community’ is wide, under the same even religious groups, residents of the same locality or same educational background would be a valid community, which may have conflicting interests over data shared with the government. Further, without any guiding principles, companies will be forced to make legally binding decisions on what they deem to be a valid community, the scope of data to be shared and for the resolution of competing claims, which is problematic at various levels. Moreover, on a particular dataset, there could be various interests, and in such cases, who would be entrusted with the data remains ambiguous.
  • Anonymization of Personal Data to Non-Personal Data: The process of converting personal data into Non-Personal Data by removing certain identifiers or credentials is termed as ‘anonymization’. Anonymization would undoubtedly convert a set of personal data into non-personal data but, such data runs the risks of re-identification. Further, although anonymization is essential, high anonymization could render the data over-generalized and futile.
  • Reactions of Stakeholders to the sharing of data: Mandatory data sharing is highly criticized by stakeholders, as it undermines the investments put in business and the value of intellectual property information the competitors would suffer. This ‘forced data sharing’ is counterproductive and would have a rather negative effect on foreign trade and investments. NPD can constitute trade secrets, that may be protected by IP laws, sharing this data raises concerns around the right to carry business and India’s obligation under international trade law. The purposes for data sharing under the framework are ‘sovereign’, ‘core public interest’, and ‘economic’ purposes which essentially covers all the data held by companies, and must be narrowed down.
  • Lack of Clarity on who really are trustees of Data: There is ambiguity regarding who will be a data trustee. Whether private, for-profit organizations or private entities within the government could be data trustees is not apparent. Also, the position regarding a data trustee’s independence and conflict of interest remains murky. It is essential that the roles and functions of these bodies are comprehensively defined.
  • User-Consent: NPD Framework also proposes that before the anonymization of data the consent of the user must be taken. It remains particularly unclear as to how would the consent be taken from them. Further, a company needs to invest in resources and obtain user consent, and sharing data may provide no incentive to such companies and would drown them into losses.
  • Over-Regulation by Non-Personal Data Authority: Creating altogether a new authority for NPD would lead to potential regulatory overlap given Data Protection Authority addresses and enforces privacy concerns and the Competition Commission of India looks over consumer welfare.
  1. Conclusion

This effort of the Ministry to set up a Committee to study the NPD which may subsequently lead to a legislation governing the NPD in India is praiseworthy, however, a lot of issues need reconsideration. Stakeholders have expressed anguish over the mandatory sharing of data and data disclosures as it conveniently overlooks the humungous investments put in by the companies. Further, the roles and functions of various entities under the framework are not clearly defined. The NPDA established under the framework may have functional overlaps with the CCI and the Data Protection Authority.

 

Moreover, there is ambiguity regarding Community NPD and user consent. There is no doubt that the ever-evolving nature of information technology is demanding as far as regulatory mechanism is concerned therefore the road ahead is arduous. Hopefully, the concerns raised are adequately addressed by the Committee and constructively resolved in favour of all the stakeholders.

Photo by Franki Chamaki on Unsplash

This effort of the Ministry to set up a Committee to study the NPD which may subsequently lead to legislation governing the NPD in India is praiseworthy, however, a lot of issues need reconsideration. Stakeholders have expressed anguish over the mandatory sharing of data and data disclosures as it outrightly overlooks the humungous investments put in by the companies.

POST A COMMENT

Core Legal Issues with Artificial Intelligence in India

The adoption and penetration of Artificial Intelligence in our lives today does not necessitate any more enunciation or illustration. While the technology is still considered to be in its infancy by many, so profound has been its presence that we do not comprehend our reliance on it unless it is specifically pointed out. From Siri, Alexa to Amazon and Netflix, there is hardly any sector that has remained untouched by Artificial Intelligence.

Thus, the adoption of artificial intelligence is not the challenge but its ‘regulation’ is a slippery slope. Which leads us to questions such as whether we need to regulate artificial intelligence at all? If yes, do we need a separate regulatory framework or are the existing laws enough to regulate artificial intelligence technology?

Artificial intelligence goes beyond normal computer programs and technological functions by incorporating the intrinsic human ability to apply knowledge and skills and learning as well as improving with time. This makes them human-like. Since humans have rights and obligations, shouldn’t human-likes have them too?

But at this point in time, there have been no regulations or adjudications by the Courts acknowledging the legal status of artificial intelligence. Defining the legal status of AI machines would be the first cogent step in the framing of laws governing artificial intelligence and might even help with the application of existing laws.

A pertinent step in the direction of having a structured framework was taken by the Ministry of Industry and commerce when they set up an 18 member task force in 2017 to highlight and address the concerns and challenges in the adoption of artificial intelligence and facilitate the growth of such technology in India. The Task Force came up with a report in March 2018[1] in which they provided recommendations for the steps to be taken in the formulation of a policy.

The Report identified ten sectors which have the greatest potential to benefit from the adoption of artificial intelligence and also cater to the development of artificial intelligence-based technologies. The report also highlighted the major challenges which the implementation of artificial intelligence might face when done on large scale, namely (i) Encouraging data collection, archiving and availability with adequate safeguards, possibly via data marketplaces/exchanges; (ii) Ensuring data security, protection, privacy and ethical via regulatory and technological frameworks; (iii) Digitization of systems and processes with IoT systems whilst providing adequate protection from cyber-attacks; and (iv) Deployment of autonomous products and mitigation of impact on employment and safety.[2]

The Task Force also suggested setting up of an “Inter–Ministerial National Artificial Intelligence Mission”, for a period of 5 years, with funding of around INR 1200 Crores, to act as a nodal agency to coordinate all AI-related activities in India.

 

Core Legal Issues

When we look at the adoption of artificial intelligence from a legal and regulatory point of view, the main issue we need to consider is, are the existing laws sufficient to address the legal issues which might arise or do we need a new set of laws to regulate the artificial intelligence technologies. Whilst certain aspects like intellectual property rights and use of data to develop artificial intelligence might be covered under the existing laws, there are some legal issues which might need a new set of regulation to overlook the artificial intelligence technology.

 

  • Liability of Artificial Intelligence

 

The current legal regime does not have a framework where a robot or an artificial intelligence program might be held liable or accountable in case a third party suffers any damage due to any act or omission by the program. For instance, let us consider a situation where a self-driven car controlled via an artificial intelligence program gets into an accident. How will the liability be apportioned in such a scenario?

The more complex the artificial intelligence program, the harder it will be to apply simple rules of liability on them. The issue of apportionment of liability will also arise when the cause of harm cannot be traced back to any human element, or where any act or omission by the artificial intelligence technology which has caused damage could have been avoided by human intervention.

One more instance where the current legal regime may not be able to help is where the artificial intelligence enters into a contractual obligation after negotiating the terms and conditions of the contract and subsequently there is a breach of contract.

In the judicial pronouncement of United States v Athlone Indus Inc[3] it was held by the court that since robots and artificial intelligence programs are not natural or legal persons, they cannot be held liable even if any devastating damage may be caused. This traditional rule may need reconsideration with the adoption of highly intelligent technology.

The pertinent legal question here is what kind of rules, regulations and laws will govern these situations and who is to decide it, where the fact is that artificial intelligence entities are not considered to be subject of law.[4]

 

  • Personhood of Artificial Intelligence Entities

 

From a legal point of view, personhood of an entity is an extremely important factor to assign rights and obligations. Personhood can either be natural or legal. Attribution of personhood is important from the point of view that it would help identify as to who would ultimately be bearing the consequences of an act or omission.

Artificial intelligence entities, to have any rights or obligations should be assigned personhood to avoid any legal loopholes. “Electronic personhood”[5] could be attributed to such entities in situations where they interact independently with third parties and take autonomous decisions.

 

  • Protection of Privacy and Data

For the development of better artificial intelligence technologies, the free flow of data is crucial as it is the main fuel on which these technologies run. Thus, artificial intelligence technologies must be developed in such a way that they comply with the existing laws of privacy, confidentiality, anonymity and other data protection framework in place. There must be regulations which ensure that there is no misuse of personal data or security breach. There should be mechanisms that enable users to stop processing their personal data and to invoke the right to be forgotten. It further remains to be seen whether the current data protection/security obligations should be imposed on AI and other similar automated decision-making entities to preserve individual’s right to privacy which was declared as a fundamental right by the Hon’ble Supreme Court in KS Puttaswamy & Anr. v Union of India and Ors[6]. This also calls for an all-inclusive data privacy regime which would apply to both private and public sector and would govern the protection of data, including data used in developing artificial intelligence. Similarly, surveillance laws also would need a revisiting for circumstances which include the use of fingerprints or facial recognition through artificial intelligence and machine learning technologies.

At this point in time there are a lot of loose ends to be tied up like the rights and responsibilities of the person who controls the data for developing artificial intelligence or the rights of the data subjects whose data is being used to develop such technologies. The double-edged sword situation between development of artificial intelligence and the access of data for further additional purposes also needs to be deliberated upon.

Concluding Remarks

In this evolving world of technology with the capabilities of autonomous decision making, it is inevitable that the implementation of such technology will have legal implications. There is a need for a legal definition of artificial intelligence entities in judicial terms to ensure regulatory transparency. While addressing the legal issues, it is important that there is a balance between the protection of rights of individuals and the need to ensure consistent technological growth. Proper regulations would also ensure that broad ethical standards are adhered to. The established legal principles would not only help in the development of the sector but will also ensure that there are proper safeguards in place.

In this evolving world of technology with the capabilities of autonomous decision making, it is inevitable that the implementation of such technology will have legal implications. There is a need for a legal definition of artificial intelligence entities in judicial terms to ensure regulatory transparency. While addressing the legal issues, it is important that there is a balance between the protection of rights of individuals and the need to ensure consistent technological growth.

POST A COMMENT