Recently, Ministry of Electronics and Information Technology released the recommendations of Kris Gopalkrishnan Committee (‘Committee’) constituted for the regulation and framework of Non-Personal Data (NPD) in July 2020. NPD can be distinguished from the personal data as a data which do not lead to the identification or identifiable traits of the person. The report submitted by the Committee expressed concerns over the existence of vast amount of data with the enterprises and business and the possible exploitation of such data in the digital market. The report noted that large business platforms possess large amount of data which may often act as an entry barrier for the competitors in the market. Therefore, the Committee in its report recommended creation of High Value Datasets (HVDs) through mandatory sharing of data to all the interested parties for the various purposes such as public services, innovation or economic benefits.

The Committee’s recommendation of creating mandatory data sharing framework and establishing community based rights over NPD came under severe criticisms due to the possible violation of IPR laws and intellectual property rights of business over such data. Therefore, the Committee submitted the revised report in December 2020 to discuss and address possible IPR issues and offering justifications for overlooking IPR issues in the proposed NPD framework. . The aim of this article is to discuss and analyze the possible issues of copyright and trade secret protection and providing critical insights into the Committee’s justification for overriding possible IPR rights and protection consequently flowing from the shortcomings in the Committee’s approach towards the NPD framework.

Proposed NPD Framework and the Copyright Protection

Under the Committee’s recommendation, non-personal data (raw/factual data) pertaining to community as well as raw private non-personal data has to be mandatorily shared. Only the very high value-added NPD of business is exempted from sharing and don’t have to be mandatorily sold. An interesting point to be noted here is that there is a hazy carveout for private NPD which provides that ‘algorithms/proprietary knowledge may not be considered for sharing. This means that only those private NPD involving narrower subset of algorithm/proprietary knowledge can be exempted from data sharing while the products or insights derived or obtained through the application of algorithm or proprietary knowledge are not necessarily exempted from sharing. Such an artificial distinctions and classifications have ignored the fundamentals of the nature of data and the IP laws that provides protection to it.

In its revised report, the Committee offers a two-fold justification for the possible dilution of intellectual property rights vested with such data. Firstly, the Committee states that the sharing of raw data or factual information cannot come under the ambit of copyright law. The Committee noted that Section 2(o) of Copyright Act 1957, provides copyright protection to original compilation of data/information which involves minimum level of creativity. Therefore, as per the revised report, the underlying raw data/information which involve mere investment of labor in aggregating and storing such data cannot afford the protection of copyright law. In essence, the Committee in its revised report provides that complete raw datasets may not be collected and the sharing of data is mandatory where data to be shared are relatively straightforward. In other words, the report appears to be using the above mentioned legal principle of Copyright law in order to justify the mandatory sharing of specifying subsets of raw data and is treating a subset within a dataset as raw data.

However. it is wrong to arrive at such conclusion. It is not necessarily true that a subset within the dataset is a raw data as a subset can also be the product of the original compilation of data but the revised report fails to acknowledge such a possibility. Many business platforms engage in collecting wide range of data and make decision regarding the use of data collected as well as form the subsets within subsets in which data is to be sorted. Thus, through such compilation and organization of data within subsets, business organizations try to gain competitive advantages over other competitors. The Committee’s approach towards the non-copyrightabality of subsets of raw data is also problematic as it overlooks the article 10(2) of the Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) to which India is also signatory member. Article 10(2) of the TRIPS states that “copyright in the compilation of data shall be without prejudice to any copyright subsists in the data or material itself.” Therefore, Article 10(2) of TRIPS hints towards the separate proprietary rights over such underlying data.

In this regard, the Supreme Court’s judgment in EBC v D.B. Modak becomes significant as here the Supreme Court applied the ‘minimum level of creativity test’. Subsequently the Court held that copyright subsisted in works like dividing the case into paragraphs or indicating the concurrent and dissenting position of judges as all of such tasks involve some minimum level of creativity, knowledge and skill. By an application of this logic, copyright may subsist in creation and segregating the data into subsets that may simultaneously involve some minimum level of creativity. Hence, under the newly suggested NPD framework, the mandatory sharing of raw or aggregate data may infringe the provisions of Copyright Act as well as overlook the provisions of TRIPS.

Proposed NPD Framework vs. Trade Secrets &Eminent Domain

The revised report of the Committee clarified its position to state that businesses are not required to share the proprietary information or their trade secrets. However, the revised version appears to have misunderstood the nature of data and protection of IP that it may be subject to. For example, any information or data collected by business manufacturers of a specific IoT device other than unanonymized personally identifiable data, aggregated and compiled in automated logs can be treated as trade secret. Such data aggregated and compiled with the help of private goods, assets and process may often be considered as confidential if it is not subjected to independent discovery by others. However, the revised report submitted by the Committee failed to recognize this scenario and mandates the businesses to share such aggregated data with the data trustees who will create High Value Data Sets (HVD) for public access.

Further the Committee’s position that there is no underlying precedent that recognizes property rights over trade secret protection over data enforceable against third parties is fallacious. The Bombay High Court in Zee Telefilms Ltd v Sundial Communications Pvt Ltd recognized that duty of confidentiality extends to third parties even in the absence of privity of contract. Although there is no codified law recognizing trade secret as property however Supreme Court in M/s Entertainment Network v M/s Super Cassettee Industries has recognized right to IP like copyright to be covered under Article 19(1)(g) and Article 300A of the Constitution under the principles of property ownership.

The Committee in the revised version also argued for the State’s ability to exercise the eminent domain power over data.(Appendix 7, Revised Report) Eminent domain refers to the State’s sovereign power to appropriate private property for the purpose of public use. In order to constitutionally justify the data sharing, the Committee referred to directive principle mentioned under Article 39(b) of the Constitution which states that obligation of the State is to distribute material resource of the community in furtherance of the common good. The Committee further relied on State of Karnataka v Ranganth Reddy where the Apex Court interpreted ‘material resource of the community’ as everything of value or use in the material world. The Committee used this judgment to suggest that private data may also be included under private data. However, such an interpretation of Article 39(b) is currently pending in Supreme Court before a nine-judge bench in the case of Property Owner’s Association & Others v State of Maharahstra & Others. Therefore, it can be said that constitutionality of data sharing is not settled.

Way Ahead & Conclusion

Although the Committee’s efforts to deter monopolization of power in the digital market and promoting healthy competition in the digital market are commendable, but the benign intention to open NPD framework for public access suffers from several legal inconsistencies. In this regard, one may look at the Data Governance Act of European Union (EU), where the framework is based on the voluntary basis and it is not mandatory to share data even though data sharing is recommended for the public good. As per EU’s European Strategy for Data, data sharing can be mandatory only on account of market failure but the same shall be effected in way which does not infringe the interest of data holders. The proposed NPD framework may also include equity, contractual protections, prohibition of unfair contractual terms as well as revising the Indian Competition law to facilitate fair data access in the digital marketplace.

This article has been written by Ayush Negi. Ayush is a third year law student at National Law University, Delhi.