Sienna’s Charter – Who’s Data Sovereign? It can only be me!

The Sienna Framework > Framework Applications

Medical | Professional | Education | Location | Financial

Surveillance | Online Browsing Behavior | Online Content

Disclaimer: 
I’m writing this from a data owner's point of view - Me and as far as I can see, from my very limited but human centered understanding and perspective. I'm a dreamer & designer, not a government policy writer. I am not an economics expert, but I understand the impact of system policy design on outcomes and I can recognize patterns that lead to revenue creation and value maximization.   
In the creation of this, I have imagined the outcome or the 'to be' state and worked backwards to policy. Something that I do everyday as a part of system design. This is my construct of the 'data perfect' world.  Where the worth of data is measured in its unique ability to provide the right insight to the right stakeholder who needs it, seamlessly. Where services deemed essential by human rights like electricity, water, education, critical care etc are not refused to marginal groups. The monetization of the data an individual creates can be an alternate means to pay for basics also in this new data driven economy. 
The Design Principles for these policies are the 10 principles of Fair Trade by the WFTO.  Please read on if you are interested in a data owner's perspective. If not, fair warming, its long and winding, as is our data trail. May take time to get through or digest. If you get through to the end, please feel free to come back or suggest updates that you feel would make it better. In order to be designed right, this has to remain a collaborative work rather than one person's ideas and perspective. 

“An Individual owns the right to his data. Therefore, if at all the data of an individual is used, it must be with his/ her express consent.”

Draft National e-Commerce Policy
India’s Data for India’s Development

This is a quote from India’s new draft e-commerce policy. To me this is the foundation of all data privacy rights, policies and debate. If any data about me is being used, accessed or traded, I should be the sole rights giver on that.

Although government policy recognizes my sovereignty over my own data, but today hundreds of eCommerce providers, facebook, google etc etc are using my data to personalize my marketing messages, offers, products and what have you, without offering me any chance of control. On the flip side, it is absolutely necessary to do that, without that data I will be inundated with generalized messaging. My echo chamber will be amplified so much that 2 years from now I may even lose mental stability because of the ocean of irrelevant spam. In fact, we will soon reach a point where ‘Information Inundation’ may become an accepted disease like ‘Internet Bullying’ or ‘Social Media Addiction’.

What can we do to stop ‘Information Inundation’ as well as ensure that the data I produce is being used ethically and to my advantage? I believe that a detailed comprehensive policy be one that breaks down my data into optimized parts like Medical, Professional, Financial, Buying behavior, Consumption behavior, Location tracking, Social graph & relationships etc and comes up with grouped rules and access rights should be able to handle this. I’m calling this ‘The Sienna Framework’ because its the basis on which a brand new future is to be visualized. The overarching principles to this policy should be. :

By slicing the data, we can build enough context around it to identify stakeholders, usage, access, monetization etc. We can build a digital utopia of sorts. One that would help us become a more peaceful, organized and profit making nation.

monetization privileges:

The right stakeholders should be able to monetize this data on fair trade principles. The monetization should be done in a way that translates some of the value directly to the user who is creating this data. The natural stakeholders for each kind of data should be able to monetize all, and use the data as an alternate means of minimum payment. Their access to the data will not be revoked till the actual payment to the stakeholder is done.

Monetization will always be pre-facto. Post-facto monetization should not be allowed. So to a certain extent, it is up to the user to make sure that their data is secure and no one can access it. Just like their gold, or savings.

access rights

During access, there are two policies which govern the interactions, Read Data Type policy and Mandatory Trail policy. 

Read data type: The type of data available to a stakeholder i.e. open data, all aspects of which can be queried including original form, or pull data, which will be delivered as an insight tailored to the query. There will be predetermined queries with an open pipe of answers. There may even need to be a charter to define what kind of queries and insights are various parties allowed to consume.

Mandatory trail: Whosoever accesses the data will have to leave a trail saying what the access was for and what is the insight that was driven from this data. The writing back of this inference will be tested on a public interface through digital means. Automatic reconciliation of the mandatory write process is an all encompassing policy that governs all buckets and stakeholders. Anywhere where the impact of the inferences used is not publicly available, the data writer is mandated to prove that the inference was drawn if asked to do so. The customer, that is me, will always have the right to see this trail and to be able to refuse access to any entity. Again pre-facto and not post-facto.

‘Time of association‘ will determine access and write period.

Storage, management and mining 

Since the common man can hardly be expected to understand or have the resources to be able to store, manage and mine their own data, authorized intermediary platforms are a viable business model to help users take care of their data. Each intermediary should come up with their own charter for data sharing. It is up to them to take the ROI call to the extent of monetization and value sharing to the user, the actual owner of the data. A viable business model as proven today for aggregators and platforms doing most of the data generation, utilization and management.

Aside on platforms: Platforms should not lose their business model as it is running currently but make it more transparent. Visibly share value with the customer. It makes sense to publish the total storage and bandwidth being utilized by the customer, to bill them and negate the bill to visualize the value that they are getting. Perhaps a visualization of how their sphere of influence has grown through the usage of the platform is also a good idea. There is indeed value being shared today and users are unaware of it. This contributes towards the feeling of being invaded.

note on taxes

It is elementary that when the flow of data is seamless and value creating, the government should ideally get a piece of the pie. Taxes are both an accelerator and a barrier to early stage entrepreneurship in a country. While taxation of data monetization will benefit the country’s economy no end, intelligent and scale related taxes will form a framework of encouragement for those who are innovating in the entrepreneurship of data. And real, varied, geographically spread, scaled playing with business models will be needed to make sure we gain from the data we create as a nation.

The Consent framework

The consent provided by the user or any other entity for this data exchange has to be in the form of a charter, authentication and the vehicle(s) on which the charter has to be given. This contract charter has to be overseen by the court.

• The Data Charter, a detailed overview of the conditions of data exchange, including what the recipient is allowed to use, in what form. What he has access to, and access has to be necessarily seamless, and what he cannot access, which should necessarily be hidden. The charter should be mandatory legally to deliver and acknowledge by both parties. The delivery can also be a succinct version of it, not a summary, but a brief on what it entails as outcomes.
• It also contains a seamless way of identifying me, a data security framework. This has to be put together differently for different industries, maintained and controlled by authority, perhaps the government, because it involves the security of the nation.
• The delivery mechanism of the charter has to be through a securely maintained ledger that can be audited at any time. A ‘Smart-er Contract’ that incorporates multi-level biometric authentication to determine who I am.

authentication

Single or even 3-factor biometric authentication has become necessarily flawed because of the advent of 3D printing and the commoditization of augmented reality. As computing gets faster and more ubiquitous with quantum, we may have to go with multi (100s)-factor biometric authentication which incorporates ubiquitous biomarkers emanated by an individual, some of which we are still discovering. Individuals can be recognized and organizations will be recognized as molecules made up of multiple individuals. Once authenticated, the tokens owned by the entity will give it access to data that it has the right to see, own, analyze and manage.

I agree with the Sienna Framework

Tweet

Framework Applications

In a perfect world, only certain parties should have access to my data to read, write, monetize etc according to their classification and the classification of data type. I’ll go through each type one by one and apply the policy structure outlined above:

Medical Data:

• Access: There are levels of authorization needed for each kind of medical data. For example: Full access will be granted to certain entities on a permission basis at a personal level like HIPAA certified guardians, currently treating doctors or hospitals. Pharmaceuticals (or any other entity like a government certified body holding a clinical trial) will have access to identity sanitized, aggregate data like treatments and all outcomes, events, diagnostics, progress, regress, lifestyle data from medical devices etc.
• Usage: Hospitals, paramedics, registered health workers will be able to access critical medical data like allergies, medication, existing diseases, risk factors etc free. Without full access, they have the right to refuse services.
• Mandatory write policy: If data is read, services have to be rendered with a trail to prove them, even if it is emergency triage or an emergency consultation. All services rendered, outcomes etc have to be mandatorily recorded with measured periodicity while access lies with them. In fact, all medical data relevant to a certain disease being treated by a hospital, gathered from medical devices also has to be mandatorily routed through the hospital.
• Monetization: The access to pharmaceuticals has to be granted by hospitals and clinics where the patient is being treated on and can be monetized by the hospital. In essence data becomes a kind of currency and minimum service assurance, and can be monetized if the user is unable to pay for a service. When payment is made, the data will be erased from the system. Any insights taken from it meanwhile are recorded on the user’s trail. The pharmaceutical will have access to the same data (i.e. only that set, blood pressure recordings lets say) recorded by any medical entity throughout treatment duration even if it is lifelong, even if the patient is no longer treated by that hospital. Data itself cannot be stored at a hospital after payment has been made to the service provider. All access rights withdrawn. Pharmaceuticals can store insights forever and can trade with other pharmaceuticals if they wish directly or through a government regulated agency. Pharmaceuticals or agencies holding clinical trials may also get permission directly from the customer, but offering something in return is mandatory, like a subsidized medical device e.g. This policy will also enable free digital clinics from pharmaceuticals in the future.
  • Medicine needs a flexible policy that allows data mining and extraction for various clinical research purposes. Permissions will need to be built into hospital admission forms and clinic prescriptions for this. Below is just a sample of what can be achieved if medical data and artifacts can be recycled in a sustainable way. https://youtu.be/jt63mnDKMR4

Professional Data:

• Usage: Only employers, financial institutions and government law enforcing bodies should have access.
• Access: Access will be granted on a permission basis from me or with a court order. Without access, they have the right to refuse employment, consultation opportunity or benefits. In order to get access to data about any competency, the reader has to prove that they are an employer working in that industry. Evaluation has to be done for certain skill sets and competencies by a company who employs people of that competency.
• Mandatory write policy: If data is read, writing the result of this engagement has to be mandatory. Which means if a company has evaluated you, even through automatic or third party means, they have to write what they found. Skill sets and competencies from other industries remain untouched by this evaluation. Employers are also allowed to add conduct, relevant behavioral aspects etc after a certain period of employment. Evaluations have to be mandatorily updated during the period of employment every year automatically through digital means.
• Monetization: Employers are allowed to monetize that information by giving access to financial institutions for the ‘time of association’. Access rights are revoked for the employer when employment ends and data has to be deleted. In keeping the digital offshore work economy in mind, this is to apply internationally to any country or jurisdiction as well. If an international entity wishes to employ Indians, they follow the laws to access the data. Financial institutions can store the sanitized insights forever and can even trade with other financial institutions if they wish directly or through a government regulated agency.

Education Data

The role of learning is growing in our lives, and education is coming from all kinds of ubiquitous places like mobile devices and online tutorials. The person who learn will eventually use those learnings and gain skills which apply to employability. So this data is cross-referenced to the previous data set as well.

• Usage: Employers will have access to this data and can read or write into it with my permission for a ‘period of association’. Also educational entities have the right to access historical data on a structured query basis only and can write new skills, add weightage to old ones etc for the ‘time of association’
• Access: Employers and education institutes are given blanket access by me. They have the right to denial of services without access rights. Beyond this group, to any open entity, I have the right to open data access and monetize it.
• Mandatory write policy: Writing on the trail periodically is necessary for educational institutes, employers will write on the professional skill ratings generated by new education in the professional trail. They have the option to update the education as and when new skills are learnt.
• Monetization: Education institutes have the right to monetize this data. They are also creators of this repository as the foundation of learning. They can register individuals online and start their online repositories or profiles. In fact this is a mandatory process. Employers can buy that data from them to evaluate and sift through. If hired, a small fee has to be paid to the educational institute. This is for first time hires only. This ensures that education is elevated from a service product to a shared partnership in progress and ensures job readiness. With educational institutes having some skin in the game and being remunerated for creating an able workforce, they will be stakeholders in progress of the workforce and not just enablers.
  At all times subsequent success data and profiles will be available to educational organizations to query at any time for internal and external usage in communication.

(We have enough data to begin that process for the people registered online professionally today. LinkedIn, Naukri, National Skills Registry and other such sources collated together is a good place to start. They have enough structured data to enable this at a pretty large scale. The snowball effect will come into play once this is connected to educational institutes including online certification agencies.)

Location Data

This data is fairly unique considering many many services would need to access this for multifarious reasons and in its potential for mis-use by various entities including anti-nationals or terrorist organizations. It has to be used the right way. The audience for this data should be determined on a facet and query basis.

• Usage: It needs to be used by law agencies for alibi creation & location triangulation, mapping and traffic monitoring, population management, also to financial organizations, insurance companies at specific times etc. Each would have their own set of authorized query interfaces that they can plug into. For example financial organizations should be able to triangulate the truth like residence & job stability, spending habits like mall visits etc. They would not be able to query the data on an ‘open’ basis in terms of numbers or facts. Only use it for authorized validation. Mapping and traffic monitoring agencies would be able to get aggregate anonymized insights like coordinates, speed, direction etc.
• Access: This data should be accessed on an implicit permission, explicit permission and automatic court ordered access for law agencies like police etc.
• Monetization: Permissions can be monetized by the user from authorized parties but they can be connected with services like insurance etc. as well like the NASCH Mandate today. The services that get it deemed ‘Necessary to function’ like Insurance, Credit etc can deny service on the basis of access permissions. But all others will have to ask explicit permission to get access which can be monetized through an automatic gateway. All transaction taxes apply.
• Mandatory write policy: When location data is accessed, the inference drawn from it has to be written back into the log. The writing back of this inference will be tested on a public interface through digital means. Automatic reconciliation of the mandatory write policy is an all encompassing policy that governs all facets.

Surveillance Data

This is again a unique kind of data that will be crowdsourced to a large extent. The government cannot install cameras at every 5 feet across the country. But individuals, businesses, organizations like banks, supermarkets etc install security cameras. The information in these cameras should ideally in collated in one single repository or data lake. This has to be corroborated with biometric & sensor recognition data, again this needs to be done by different parties and collated in one place. Automatic security insights like suspicious or dangerous behavior continued across locations etc will be running on it constantly in real time. This is a resource hungry service and will have to be monetized separately by the investor in the data servers even if it is the government.

• Usage: Security companies, law enforcement agencies, and business will require this data constantly. Each face and activity recorded on this data will be written into the trail of individual users. The actual video, audio, image and authentication data is collated in one place with a data owner.
• Access: Access to this data will be given by the owner of the data lake. The monetization can be done by this party specifically because the onus of collating this data and paying for expensive infrastructure to read & store this multimedia data is borne by this party. The repository owner can decide to remunerate people on this data on an insight basis if he needs to. So a store owner, who owns a good source of video data that contains behavioral insights can sell his data stream to this data lake. Data which reveals many insights can become more monetizable. All insights, monetization and actions taken from the data have to be written back into its trail. The charter for these insights will be a living document. Authorization for insights will be given on the basis of that charter. Tight guidelines will govern the addition of new insights to this charter. Pricing will be demand led. New insights will be expensive and common existing data streams will be cheap.
• Mandatory write policy: For this data, there is none. It is mandatory to write any insights including criminal and anti-national behavior on the data trail of individual users. But the accessor can also leave it alone if no insights are found. Every access is notified to the users in the form of an instance written on their trail with any insights that are formed.

Online browsing behavior:

This is unique in the sense that has the potential to be mis-used at a personal level by companies as well as cyber criminals. In this I include governments using it to change public opinion and conduct separatist operations. It is also my biggest filter in the echo chamber of the internet. It has to be exposed at a granular level but the form of access may change from push to pull. Let me explain.

• Usage & Monetization: Any entity who wants to serve me with advertisements, promotions, cross-selling, recommendations etc including e-commerce entities can have paid access to that data, or they have to go through a gateway installed at a personal level who sends internet interaction data including iOT data from sensors in my house to tailor the information flowing in on a pull basis. The gateway has to tell you what got consumed, watched, actioned on as well. A one stop shop for all online behavioral data exchange.
  So, a simple command to your voice assistant – “Show me a good raincoat..” lets say – contains my needs & preferences when it is communicated to an online raincoat catalogue that I can buy from. It will also have to contain the form in which I require my answer – text, image, video holographic, virtual etc as determined by my interaction portal. Whether I buy the raincoat or not and what I do with it has to be fed back into the system where it was bought from.
• Data Location: This is a special caveat which is especially meant for the data trail laid by internal household activities and consumption, conversation, action, internal positioning etc. As the internet grows more ubiquitous, the number of portals through which we access the online world increases exponentially. And the data that they are recording is what puts us on edge today in terms of comfort. It is highly private data. By this caveat, this data belongs only to the household and the ownership of this data should only lie with a certain household. By this virtue, this data can lie on-premises for households who can afford to install hardware in their location or by private cloud space. They can also afford to charge a premium for this data. Else this data would lie on a public infrastructure secured by permissions from me. No other entity has the right to store this data, neither the insights that they have taken from it.
• Mandatory write policy: The insights gleaned from data exposed in a pull interaction have to be written back into the log. The insights written by an entity during pull also have to be queried in a pull interaction from me the next time. Advertising entities do not have the right to store my data. For more efficient transactions, the dialogue with this gateway needs to be structured and set. This I agree, is a resource hungry activity, and needs to be subsidized, but the long term ROI in terms of action, consumption and conversion will speak for itself economically.
• Access: Like location data, this access can also come bundled with certain services like media & entertainment etc. It works on authenticated explicit permission given for subscription services & implicit permissions that are a part of pull services. Permissions are granular for facets of data as well as read rights. The periodicity, number and types of access will be determined through a charter for usage. Extra permissions have to be authenticated by me. e.g. suppose you want to query if I have diabetes or not, which usually does not fall under your access charter, explicit permission will have to be taken from me to show me relevant information.

Online Content:

This is the richest and most heaviest data set on the planet. It is also the cultural output of our generation. One that should be used for usage in unbiased history writing for generations to come. It is telling of the social interactions, mores and behaviors of the current time. It will also catalogue the progress of the human race over many parameters and is rich with human insight and cultural significance. It includes news shared, discussed and consumed by people which allows to read the ongoing mindset in communities and may be useful for large scale population assessments of many things.

It is the most resource hungry data set that can exist and in resource usage and monetization stands besides enterprise computer vision generated data. Its capacity for capriciousness and therefore the need for moderation, both automatic and augmented is very high. The sheer volume of data in its multimedia avatar, fortified with hundreds of data points, is expensive. So content platforms today have a triad of responsibilities and rights. The responsibility of hosting it in its entirety with the attached data points, and the responsibility of moderation which goes much beyond just moral policing for violence and porn. Concept proliferation itself has the power to topple governments and change regimes. Concept propagation, measurement and policing should also come under that bucket. I think most of the platforms agree with that. With these two great responsibilities also comes the power to monetize user behavior. One that keeps them profitable today.

• Usage: This data can and is used to perpetrate concepts as well as measure population response on them through the use of social means. Whenever an entity is disseminating information, this data is needed to prevent it from being spam. This data also needs to be policed closely by many parties for signs of war, unrest, crime, unlawful concept propagation etc.
• Access: It should be available to the entity which is helping produce and propagate it i.e. Facebook, Google, Instagram and government law enforcement bodies for security purposes. The army should have access to it for monitoring purposes, the police should have access as well as management and moderation responsibility of this data. Moderation has to be enabled by the platforms and carried out by law enforcement. The buck stops with law enforcement for keeping us safe.
• Monetization: The user owns all of this data, it cannot be monetized without him earning a piece of it. The data keeper i.e. the entity that has been the place for its creation, has to be transparent about the monetization it does on the data. Else this data has to be kept only under the user’s gateway if a gateway is indeed available. The ‘Data location’ caveat applies to this data as well. If the user wants, they can keep the data privately and use it as a gateway for pull interactions. This is obviously an expensive procedure and the expense will be borne by the user. Ensuring insulation should not be illegal, and may be needed for copyright and privacy purposes, but it has to be expensive enough to be considered a luxury.

concept caveats for online content

• For pornographic and specialized material like BDSM and other marginal content has to be mandatorily kept with the user and each access authenticated biometrically at a personal level – direct to consumer. This data, if it does not violate any human rights laws, can be kept hidden from anyone including law making agencies. Whether or not it violates any laws has to be determined digitally through computer vision and not visually. If kept with a repository, monetization is mandatorily shared, else the user has all rights to monetize this data as long as any and all signs of individual faces have been altered by computer generated anonymized faces. Pornographic material that is not linked to a source will be illegal & not allowed dissemination. Pornography which contains animals or children will not be allowed upload. Violent pornography will be stored separately and accessed only by those who are certified BDSM practitioners. The rules of BDSM will be taught separately and a certification issued for those who want to access BDSM content or practice it in their lives. The cues and entry points to this can be proliferated carefully to the adult population but not the content itself.
• Religious content similarly can only be accessed by people of a certain religion and access rights. It cannot be used to propagate any concepts across the population. Sub religions can be propagated within certain religious or secular groups, but they will not be allowed to propagate in groups of other religions. New religions, sects and followings, since they are not in the list of ‘Organized religion’ can be propagated to all. Once they achieve a certain critical mass and are recognized as ‘Organized Religion’, they have to be mandatorily hidden.
  Content propagated within religious groups also will be policed for racial and religious slurs. It will be illegal to talk derogatorily about any other religion except your own. It will be illegal to propagate, visualize or talk about violence to other communities. This will be done automatically by computer vision and NLP and any content of this type will not be allowed upload or dissemination. Religious communities can carry on sharing, creating, showing off religious messaging within the privacy their own groups, thereby protecting any marginal religious activity from moral policing or screening by other religions. These groups should be sufficiently large enough for all kinds of social interactions to happen, hence the need for a critical mass to be accepted as a ‘Religion’. Academically, all entities will be able to query the database about anything from traditions, rituals etc, but will be shown anonymized content for those specific queries. This will be a pull function only.

• Branded content also has to be segregated from user generated content, today it is blurring the boundaries and being accepted as ‘native’. Branded content will contain the source and the responsibility of storage and access lies with the brand. They and only they can monetize this data for anything. All branded content is free for the user populace to consume but has to be bought by other entities for propagation. Although this is not user owned or generated content but it still has significance to be stored against the user trail as well. For measuring brand recall, and brand value generated over long periods of time. The production of branded content will become a science and brands need all the data they can get to ensure no spam or wastage of resources is incurred in the process, sadly as with physical advertising today with the piles of plastic single use material that is generated for branding.

Financial Data:

The most sensitive and varied data set we have is financial data. Secure transactions on block chain will enable all financial data to be stored securely for posterity. Due to the sensitivity of this data, it’s ownership cannot reside anywhere but with me. Just like my money. BUT:

• Co-Ownership: The data also belongs to the financial institutions who help make the transactions I make. It also belongs in part to the merchants and manufacturers of the products I buy, rent, loan or otherwise utilize using the money I have.
• Mandatory write policy. If they do business with me, it is mandated by law that they share it with me and write back into my profile the things that I do not have a trail of in transactions like internal credit assessments etc. But because it is co-ownership, if they are to record and store the transactions as another source of truth to my copy, they can provide the service to reconcile and raise an alarm when my copy does not match. It may be offered as a premium service as well through the data exchange. A personal security net, a financial service of the future.
• Access: For the period of my association with them, they will also be mandated to share this data with the government security agencies. Both financial organizations and I will be able to monetize this data by giving the right kind of access to the right stakeholders.
• Monetization: Private, but authorized, security agencies though will have to buy access to this data from financial institutions directly, not from me. Various different financial organizations will be able to trade this data with each other through a ‘data exchange’ that enables the trade, takes a cut and allows exchanges. They can also meaningfully analyze the data and create immediately consumable insight packages which can be monetized seamlessly. Exchanges like CIBIL already exist.
• This data exchange will also be allowed to provide measured faceted access to aggregate data through a pull function to brands & product companies etc. The brands will mandatorily have to use it for messaging on a permission basis from the user. But the rest of the analytics suite including AI can be run on it as a part of the usage charter. The manufacturers of products can access aggregate distribution as well as consumption data on a query basis from this exchange as well if they do not have it already.

This data includes purchase data which is part of the post of consumption data, since it has more value in that data set, I’ll define how we can aggregate it in that post. All guidelines around financial data apply to purchase data as well. Consumption data is also a co-owned data set with merchants and the government.

preface to Consumption Behavior:

This data set will be the measurement stick for everything from advertising effectiveness to distribution efficiency. It will also be the cues to responsible production in the future. It needs its own piece but I will give a glimpse of what this data set has to do.

This data is cross-referenced to the online browsing data set as well. Today when we look at consumption behavior to determine what to serve to whom, we have a very myopic view. Physical retail consumption is being tracked only in the physical world, online for online. i.e. if I have left a shirt in the cart online, I may still see it advertised weeks after I’ve bought it offline. This spam needs a filter. Also this will cause inefficiencies in the supply chain. For a sustainable world, zero wastage should be our motto. Having access to the right kind of data will enable it for us.
Consumption is another post by itself due to the complexity of the detailing required. It will take immense infrastructure and foresight for it to work. It is also ambitious for us to be able to accomplish even laying down the infrastructure for it in the next couple of years. The permeation of the devices needed is still a few years to come. Meanwhile the policies that we start with today should also be flexible enough to enable growth in that area as well as easily handle that data. It should take me some time and a lot of study to work this out.
Consumption is also a trail of carbon footprint which will be taxed in the future to accelerate the change from plastic to sustainable options. Soon, this tax will be used for clean-up of by products and keeping the environment safe from conspicuous consumption as is happening with plastic today. To that point, this tax should be purely consumption driven for anything non-bio degradable including by-product of manufacturing or waste from consumption. Sensors that we have in our homes can also be mandated to measure & observe the life-cycle of a product. So they can in an ideal situation be feeding back the data onto the trail of the product. Even when I discard that raincoat and the landfill in which it is lying will tell me where it is. Landfills will have to be mandatorily automated for trash segregation soon. This tax goes only when the by-product has been utilized and fed back into the chain or has bio-degraded. This has to be known eventually from sensors which recognize each product from the context they are in. This applies to all packaging, and non-biodegradable products. Consumables i.e. bio-degradable products end their journey when they are consumed. The definition of FMCG will change if FMCG product contains packaging that is non-biodegradable.

(Bio-degradable packaging is already being experimented with and it is in our best interest for these experiments to be taken ahead and incorporated into mass packaging practices)

P.S. This is a series of 3 posts on data policy in India from a user’s perspective. ‘Consumption Data‘ which is really a continuation along these lines but more detailed and flexible. And how could we leave behind ‘Enterprise Data‘? iOT sensors and digitization will be generating huge amounts of data in the coming years. My third post will be about the data that businesses and individual value creators generate through automation and enterprise human operations. Just like the personal data trail, products also leave a data trail and which should be used, aggregated, insighted and monetized. Wait for ‘Enterprise data‘ to get the lowdown on that.

“Location of the computing facilities like data centres and server farms within the country will not only give a fillip to computing in India but will also lead to local job creation. …In the future, economic activity is likely to follow data. It is hence vital that we retain control of data to ensure job creation within India. Cloud computing should become an economic activity in India. Data analytics in the era of industry 4.0 should become a major job creator.”

Draft National e-Commerce Policy
India’s Data for India’s Development

This is a myth.

Humungous data centers employ less <5 people and create a huge carbon footprint. Keeping data centers in India is extremely unlikely to compensate for automation in the back-office processing sector. It is highly likely to create a bigger cost in electricity & emissions.

Microsofts Chandrasekhar S at #policynext Medianama’s policy panel on data protection and privacy

The truth is no matter where data lies, if we put in enough gateways that create value, create a trail that ensures security and privacy, we can create jobs & value for Indians regardless. Geographical location is not a deterrent to access control. 

*The ideas expressed above are purely my personal beliefs and represent in no way IBM’s beliefs as a company.

https://aeon-co.cdn.ampproject.org/c/s/aeon.co/amp/essays/privacy-matters-because-it-empowers-us-all

Author: Ekta Rohra Jafri

Ekta is a prolific design thinker, system designer and future explorer. She speculates on future scenarios in episodes of Sienna Tales which she works back into policy with the Sienna Charter, a framework for building Data Privacy, Sharing & Monetisation in the new world. View all posts by Ekta Rohra Jafri