InDEA 2.0 tries to lay out a framework that enables Governments and private sector enterprises to design IT architectures to deliver holistic and integrated services to customers. But in our response, we flagged some of the privacy, surveillance, discrimination, exclusion, regulatory, competition and data protection concerns with the proposed framework. The InDEA 2.0 proposes interlinking the registries, but in the absence of a data protection regime and surveillance regulation, this can exacerbate privacy, surveillance, and cyber security concerns. In addition to that though one of the key principles of the framework is privacy and data security, there is less clarity on its applicability to the federated digital ID – a key to the repositories. Besides, the commitment to openness as a principle through suggesting an “open protocol” instead of a platform model brings out the competition and market concerns. Moreover, on a general level, the principle of openness is more symbolic than substantive, as it is not mandatory in some aspects. From a demand-side perspective, the principle of a single source of truth would cause the exclusion of individuals at various levels of the identification and data-seeding process. Therefore, as India is moving towards an integrated service delivery system, we hope the concerns with the framework are addressed by adopting some of the recommendations we suggested in our response.
Response was prepared by Eshani Vaidya, Kamesh Shekar, Saksham Malik
Editors: Sreyan Chatterjee, Karthik Venkatesh
Research Support: Srija Gadamsetti
