Data Empowerment & Protection
Architecture (DEPA)
August, 2017
1
Since we don't trust anyone with it, put the users in
control of their own data!
Source : Calvin and Hobbes, Bill Watterson, 1995
2
Freedom to
share their data
EMPOWER USERS THROUGH
CONSENT
3
TYPES OF CONSENT
CONSENT TO
COLLECT
CONSENT TO
SHARE
4
CONSENT TO COLLECT
Example: Personalised Dictionary based on Keyboard Data
Consent To Collect Collected Permissions My Personal Dictionary
(Based on my Keyboard Data) 5
Non-Shareable
Example: Aadhaar
Biometrics
Personal Data
Example: KYC data,
Marksheets, Driving License
Generated Data
Raw Location History, Bank
Transaction History
Derived (Intelligence)
Personalized Keyboard
Dictionary, Credit Score
Public Dataset
data.gov.in
Anonymous Dataset
Anonymized Loan Book,
Anonymized Travel Data
DATA CLASSIFICATION
6
DATA CLASSIFICATION
Category | Non Shareable | Personal Data | Generated Data | Derived (Intelligence) | Anonymous Dataset | Public Dataset
User Consent | - | Required * | Required * | Required * | - | -
Downstream Sharing | - | Limited | Restricted | Barred | Barred | -
Regulatory Drivers | Regulated by Law | Free sharing or Regulated Pricing | Free sharing or Regulated Pricing | Market Pricing | Market Pricing | Regulated by Law
Tech Tools & Standards | Biometrics Security | eKYC, Digital Locker, Electronic Data Consent (EDC) | Electronic Data Consent (EDC) | Electronic Data Consent (EDC) | Anonymization Standards | Open Data Standards
*Complying with ORGANS Principles = Open, Revocable, Granular, Auditable, Notice, Secure
7
CONSENT TO SHARE
Example: Consent based eKYC (by UIDAI)
1234 5678 9012
OTP
Biometrics
Access ONLY via authentication
No more fake identities
No more paper
No Photocopies
KYC Data
Shared Electronically
WITH CONSENT
8
TECHNOLOGY TOOLS FOR CONSENTED DATA
SHARING
● Digital Locker System (DLS)
● Electronic Data Consent (EDC)
9
DATA SHARING via DIGITAL LOCKER SYSTEM
The Digital Locker System (DLS) by
MeitY is a modern technology for
secure, inter-mediated data
sharing.
“Federated” approach: Not a
single provider but a network of
providers that interoperate
A secure “one-stop shop” for
channeling all consented data
sharing related to the user
Digital Locker System
Data Producer
Data Consumer
USERS
Issues Digitally
Signed
Documents
Accesses
Documents
Online
Consents
Access
10
Example: DIGILOCKER (by NeGD)
List of DigiLocker Data Producers:
● Central Board of Secondary Education
(CBSE) & Council For The Indian School
Certificate Examinations (CISCE) Class 10
and Class 12
○ Statement of Marks
○ Passing Certificate
○ Migration Certificate
● Unique Identification Authority of India
(UIDAI)
○ Digital Aadhaar Card
● Ministry of Road Transport and Highways
○ Driving License
○ Vehicle Registration Certificate
● Ministry of Petroleum and Natural Gas
(IOCL+BPCL+HPCL)
○ Digital LPG Subscription Voucher
11
TECHNOLOGY TOOLS FOR CONSENTED DATA
SHARING
● Digital Locker System (DLS)
● Electronic Data Consent (EDC)
12
Electronic Data Consent (EDC)
● Consistent with current legal
frameworks and compliant with
IT Act
● User-Centric: User controlled
data sharing
● Auditable and Non-Repudiable
● Trust of data established
through digitally signed
documents
Data
Consumers
(Banks, Credits
Providers, etc)
Consent
Collector
Data
Producers
(Banks, Telco,
Hospitals, etc)
Consent Flow
Digitally signed consent
artefact
13
TECHNICAL ARCHITECTURE OF DEPA
Data Producers are also referred to as Data Providers in the EDC Technical Documentation
DP #1
DP #2
DP #3
DP #4
Flow-Based
Credit
Skilling &
Recruitment
Content &
Media
Bots
Consent
Collector
Data Producers Data Consumers
Consent
Flow
Data Flow
Data released
based on consent
Consent
Artefact
14
Data Access
Notifications
MeitY Consent Artefact v1
Compliant with the ORGANS Principles: Open, Revocable, Granular, Auditable, Notice, Secure
<consentcollector> CC </consentcollector>
<dataconsumer> DC </dataconsumer>
<dataproducer> DP </dataproducer>
<user type="UID"> 123412341ABC </user>
<datatype type="transactional">
<attribute-list> … </attribute-list>
<duration> 6 months </duration>
<datalife> 10 days </datalife>
<frequency> YEARLY </frequency>
<revocable> YES </revocable>
<access> VIEW | STORE | QUERY </access>
</datatype>
<datatype type="profile"> </datatype>
<loggingInfo> … </loggingInfo>
<purpose code=""> LOAN </purpose>
<signature> #@%%#@$$##$@ </signature>
Identifier Section
Data Section
Logging Section
Signature Section
Purpose of Data Access
15
Data
Consumers
(Banks, Credits
Providers, etc)
Consent
Collector
Data
Producers
(Banks, Telco,
Hospitals, etc)
1. Revocation Request
2. Revoke
3. OK
Contains a “revocation URL”
owned by Data Producer
4. Artefact Revoked
The Consent Artefact
specifies how to log
both consent flows
and data flows.
This granular logging
helps in auditing and
monetisation.
An Example Workflow for Revoking Consent
16
REVOCATION, AUDIT, NOTICE
EDC facilitates Virtual
Data Room Access:
• Read Data Access
• Query Data Access
SECURE DATA ACCESS
EDC facilitates Virtual Data
Room Access:
• View Data Access
• Query Data Access
<consentcollector> CC </consentcollector>
<dataconsumer> DC </dataconsumer>
<dataproducer> DP </dataproducer>
<user type="UID"> 123412341ABC </user>
<datatype type="transactional">
<attribute-list> … </attribute-list>
<duration> 6 months </duration>
<datalife> 10 days </datalife>
<frequency> YEARLY </frequency>
<revocable> YES </revocable>
<access> VIEW | STORE | QUERY </access>
</datatype>
<datatype type="profile"> </datatype>
<loggingInfo> … </loggingInfo>
<purpose code=""> LOAN </purpose>
<signature> #@%%#@$$##$@ </signature>
17
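Added example, not part of the original deck or of the MeitY specification: a sketch of the checks a Data Producer could run on the consent artefact shown above before releasing data, including the revocation step from slide 16. Assumptions: the `<consent>` root element and `<issued>` timestamp, a 30-day month, revocation tracked by a SHA-256 fingerprint of the artefact, and HMAC-SHA256 standing in for the real digital signature (a shared-key MAC does not provide non-repudiation).

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

# Constructed sample. The slide lists the fields without a root element; the
# <consent> wrapper and the <issued> timestamp are assumptions of this example.
SAMPLE = """<consent>
<consentcollector>CC</consentcollector>
<dataconsumer>DC</dataconsumer>
<dataproducer>DP</dataproducer>
<user type="UID">123412341ABC</user>
<issued>2017-08-01T00:00:00+00:00</issued>
<datatype type="transactional">
<duration>6 months</duration>
<datalife>10 days</datalife>
<frequency>YEARLY</frequency>
<revocable>YES</revocable>
<access>VIEW | QUERY</access>
</datatype>
<purpose code="">LOAN</purpose>
<signature></signature>
</consent>"""

DEMO_KEY = b"constructed-demo-key"  # stand-in for the signer's real key material
UNIT_DAYS = {"day": 1, "days": 1, "month": 30, "months": 30, "year": 365, "years": 365}


def _signed_bytes(root):
    """Bytes covered by the signature: the artefact with <signature> emptied."""
    clone = ET.fromstring(ET.tostring(root))
    clone.find("signature").text = ""
    return ET.tostring(clone)


def fingerprint(root):
    """Stable identifier for one artefact, used for the revocation list."""
    return hashlib.sha256(_signed_bytes(root)).hexdigest()


def sign(xml_text, key):
    """Consent-collector side: fill <signature> (HMAC stand-in for eSign)."""
    root = ET.fromstring(xml_text)
    mac = hmac.new(key, _signed_bytes(root), hashlib.sha256).hexdigest()
    root.find("signature").text = mac
    return ET.tostring(root, encoding="unicode")


def revoke(xml_text, revoked):
    """Data-producer side of step 2 ('Revoke'): remember the artefact."""
    revoked.add(fingerprint(ET.fromstring(xml_text)))


def _span(text):
    """Parse values such as '6 months' into a timedelta."""
    count, unit = text.split()
    return timedelta(days=int(count) * UNIT_DAYS[unit.lower()])


def validate(xml_text, key, producer, consumer, datatype, wanted, now, revoked):
    """Return 'ALLOW' or 'DENY: <reason>' for one data request."""
    if "<!doctype" in xml_text.lower():  # refuse DTDs: blocks entity expansion
        return "DENY: DTD not allowed"
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return "DENY: malformed artefact"
    sig_el = root.find("signature")
    if sig_el is None:
        return "DENY: unsigned artefact"
    # Verify integrity first: no other field is trusted before this passes.
    expected = hmac.new(key, _signed_bytes(root), hashlib.sha256).hexdigest()
    if not hmac.compare_digest((sig_el.text or "").strip().encode(), expected.encode()):
        return "DENY: bad signature"
    try:
        if root.findtext("dataproducer").strip() != producer:
            return "DENY: artefact is for another producer"
        if root.findtext("dataconsumer").strip() != consumer:
            return "DENY: artefact is for another consumer"
        if fingerprint(root) in revoked:
            return "DENY: consent revoked"
        block = next((d for d in root.iter("datatype") if d.get("type") == datatype), None)
        if block is None:
            return "DENY: data type not consented"
        issued = datetime.fromisoformat(root.findtext("issued").strip())
        if now > issued + _span(block.findtext("duration").strip()):
            return "DENY: consent expired"
        granted = {a.strip() for a in block.findtext("access").split("|")}
    except (AttributeError, ValueError, KeyError):
        return "DENY: malformed artefact"
    if not set(wanted) <= granted:
        return "DENY: access mode not granted"
    return "ALLOW"


if __name__ == "__main__":
    artefact = sign(SAMPLE, DEMO_KEY)
    when = datetime(2017, 9, 1, tzinfo=timezone.utc)
    print(validate(artefact, DEMO_KEY, "DP", "DC", "transactional", {"VIEW"}, when, set()))
```

`<datalife>` is not checked here because it limits how long the Data Consumer may retain data after release, which the producer cannot enforce at request time.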
Credential Sharing
Example: Users share
passwords
Physical Sharing
Example: Users share Paper
KYC data
Low
Low
DEPA MEASURES BETTER ON SECURITY AND
CONVENIENCE
DEPA
18
Access Delegation
Example: OAuth
Security Risk
User Effort High
Medium High
Low Medium
Vendor Effort High Low Medium
Low Low
19
Combiner
INCLUDED IN
DEPA
● Digital Locker System (DLS)
● Electronic Data Consent
(EDC)
● Combiner
NOT INCLUDED
IN DEPA
● Regulatory Framework
USE-CASES FOR DATA EMPOWERMENT & PROTECTION
ARCHITECTURE (DEPA)
20
Agriculture
Health
Lending
Meet Rohan. He’s the owner of Fab Furniture (a physical shop for furniture rentals
with an online presence) and is now looking to take the next step to purchase more
stock and inventory.
He's been running Fab Furniture for more than two years but given that he doesn't
have any significant assets, it's highly unlikely for him to gain access to a
collateral-free loan (with decent interest rates) using the prevailing lending and credit
rating process.
21
Introducing, Lendr*
Rohan applies for a Loan on Lendr Rohan consents to sharing his data
with Lendr via Consent Collector
Rohan receives a personalised Loan
Offer!
22
*Please Note: Lendr is a fictional application built to showcase consented data sharing using EDC.
Rohan (Owner of
Fab Furniture)
applies for a loan
on the app (Lendr*)
Lendr initialises
the Consent
Collector
Consent Collector
collects consent for
ABC Bank, Digital
Locker,
FurnitureRentals.com,
XYZ Telecom, and
Credit Bureau
Rohan eSigns
the Consent
Artefacts
Lendr takes the
consent artefact
to the respective
Data Producers
Lendr makes a
personalised
loan offer to
Rohan
Lendr uses this data to
assess the risk of
lending to Rohan
Data Producers
validate the artefact
and return the data to
Lendr
Rohan accepts the loan
offer
Paperless-Presenceless-Cashless Loans
Repayment happens
digitally
23
FLOW BASED LENDING
*Please Note: Lendr is a fictional application built to showcase consented data sharing using EDC.
CONSENT FLOW & DATA FLOW
24
Consent
Collector
Data Producers Data Consumers
Consent
Flow
Data Flow
Consent
Artefact
Money Flow
Lendr
DP #1
DP #2
DP #3
DP #4
Data Access
Notifications
USE-CASES FOR DATA EMPOWERMENT & PROTECTION
ARCHITECTURE (DEPA)
25
Agriculture
Lending
Health
Lab
Healthcare
Providers
Patient
Lab
Lab
Reports
Diagnostic
Reports
Lab
Reports
26
TYPICAL HEALTH SCENARIO
Lab
Patient books an appointment online and
simultaneously consents to share medical reports with
the doctor
Doctor receives medical reports of
the patient
Using the Combiner, the Doctor views a
combined record of all the patient’s medical
reports
27
Introducing, Healthy*
*Please Note: Healthy is a fictional application built to showcase consented data sharing using EDC.
Lab
Hospital
Patient
Healthcare
Providers
Health Record
Combiner Combined
Master
Records
Electronic
Consent
Lab
Combiner
28
UNLOCKING HEALTH RECORDS DATA
CONSENT FLOW & DATA FLOW
Data Producers are also referred to as Data Providers in the EDC Technical Documentation
29
Consent
Collector
Data Producers Data Consumers
Consent
Flow
Consent
Artefact
Healthy.
Money Flow
Data Flow
Data Access
Notifications
USE-CASES FOR DATA EMPOWERMENT & PROTECTION
ARCHITECTURE (DEPA)
30
Lending Health
Agriculture
Meet Devi. She owns a 1.5 acre farm on the outskirts of Itarsi in rural MP. She
primarily grows wheat and has never sold to anyone other than the local adatiya.
For her, manual farm labour is currently in short supply, and getting pricier every
season. To counter this, she’s enlisted the services of a FaaS (Farm mechanization as a
Service) company. As a result, she’s been told she can get crop insurance to cover her
against situations like last year’s drought.
31
EVERY FARM OPERATION GENERATES DATA
Harvesting
Land
Preparation
Sowing /
Transplanting
Post-harvest
farm
management
Crop
Management
Farmer
32
• Farmer eKYC
• Mobile No.
• FPO/SHG
affiliations
Post-harvest
•Yield history
•Local prices
Land Preparation
•Farm Location
•Farm Size
•Ownership
Sowing
•Cropping pattern
•Seed history
Crop Management
•Fertilizer/inputs history
•Soil moisture
•Soil composition
•Crop disease data
Harvesting
•Fertilizer/inputs history
•Soil moisture
•Soil composition
33
EVERY FARM OPERATION GENERATES DATA
MULTIPLE PLAYERS CAN USE THIS DATA TO PROVIDE
BETTER SERVICES TO FARMERS
Government Banks / NBFCs Insurance
Input
manufacturers
Downstream
markets
Other supply
chain players
34
Consent
Collector
Data Producers Data Consumer
Consent Flow
Data Flow
Data Producers are also referred to as Data Providers in the EDC Technical Documentation
Consent
Artefact
Money Flow
CONSENT FLOW & DATA FLOW
+
+
35
Data Access
Notifications
Skills
Trust
&
Formalization
Health
Cannot work if data is in silos.
Data with ML/AI will be used to
reduce information asymmetry &
provide benefits
Lending
Education
36
CONSENTED DATA SHARING IS KEY TO DATA DEMOCRACY
CONSENTED DATA SHARING INVERTS DATA
Data is used to
sell things to the user
Data to be used to
empower the user
37
38
Thank You!
