iSPIRT works to transform India into a hub for new generation software products, by addressing crucial government policy, creating market catalysts and grow the maturity of product entrepreneurs. Welcome to the Official Insights!
Author: ProductNation Network
ProductNation has been set up by a team of enthusiasts who have created a platform for entrepreneurs, employees and indeed, onlookers to share ideas, ask questions and gain knowledge about various dimensions of the software product business.
We’re thrilled to unveil OCEN 4.0, the latest advancement in our Open Credit Enablement Network protocol, revolutionizing cash flow-based MSME lending. 🌟
OCEN 4.0 represents a significant leap forward from our ongoing GeM SAHAY and GST SAHAY pilots. In this iteration, along with updated API specifications, we have also added the OCEN Registry, Product Network and rules, specialized participant roles and much more. All these features help us unlock cash-flow-based lending to match the scale, complexity and needs of Bharat. 🔑📈
Check out our introductory open house session on OCEN 4.0
🔍 More details? The API and documentation of OCEN 4.0 are publicly available at http://ocen.dev and will be updated with FAQs from the open house sessions.
🔮 What’s next? Yes, a lot is happening. We have more open house sessions coming out in the following weeks. We are also actively onboarding Wave 1 partners for OCEN 4.0.
❓Questions? Submit your questions here. 📩Contact? Reach the OCEN 4.0 team at [email protected]
Please note: The blog post is authored by our volunteers, Aravind R andSagar Parikh.
The passage of the Digital Personal Data Protection Bill 2023 (DPDP) by the Lok Sabha is significant in more ways than one. The Bill aims to enforce and promote lawful usage of digital personal data and stipulates how organisations and individuals should navigate privacy rights and handle personal data.
Creating effective mechanisms to enable data governance has become one of the top priorities for countries around the world. The challenge for policymakers is designing legal and regulatory frameworks that clearly lay down the rights of data principals and obligations for data fiduciaries.
The Digital Data Protection Bill is a much-needed step in this direction, taken after months of deliberations and discussions. Such normative frameworks are critical to secure regulatory certainty for enterprises. However, innovative technical measures are required to support their operationalisation.
In the past couple of years, India has made significant strides in adopting a techno-legal approach to data governance. Through this approach, India is building technical infrastructure for authorising access to datasets that embed privacy and security principles in its design.
Data also lies at the heart of AI innovations that can address significant global challenges. India’s unique techno-legal approach to data governance is applicable across the life cycle of machine learning systems. It complements the country’s ambition of supporting its growing AI start-up ecosystem while providing privacy guarantees.
As part of India Stack, the Data Empowerment and Protection Architecture (DEPA) launch in 2017 was India’s paradigm-defining moment for the inference cycle of the machine learning life cycle. It proposed the setting up of Consent Managers (CMs), also known as Account Aggregators in the financial sector.
This approach, also mentioned in the current iteration of the DPDP (Chapter 2, [Sections 7-9]), ensures individuals can exercise control over their data and can provide revocable, granular, auditable, and secure consent for every piece of data using standard Application Programming Interface (APIs). The secured consent artefact records an individual’s consent for the stated purpose. It allows users to transfer their data from those data businesses that hold it to those that have to use it to provide individuals certain services while ensuring purpose limitation. For instance, individuals can share their financial data residing within their banks with potential loan service providers to get the best loan package.
DEPA is India’s attempt at securing a consent-based data-sharing framework. It has facilitated the financial inclusion of millions of its citizens. Eight of India’s largest banks were early adopters of the framework starting in 2021. Currently, 415 entities, including CMs, Financial Information Providers, and Users, participate across various DEPA implementation stages.
However, the training cycle of an AI model demands substantially more data to make accurate predictions in the inference cycle. As such, there is a need for more of such robust technical solutions that disrupt data silos and connect data providers with model developers while providing privacy and security guarantees to individuals who are the real owners of their own data.
With DEPA 2.0, India is already experimenting with a solution inspired by confidential computing called the Confidential Computing Rooms, or CCRs. CCRs are hardware-protected secure computing environments where sensitive data can be accessed in an algorithmically controlled manner for model training.
These algorithms create an environment for data to be used while ensuring compliance with privacy and security guarantees for citizens are upheld and data does not exchange hands. Techniques like differential privacy introduce controlled noise or randomness into the training process to protect individuals’ privacy by making it harder to identify them or extract sensitive information.
To make CCR work, model certifications and e-contracts are essential elements. The model sent to CCR for training has to be certified to ensure it upholds privacy and security guidelines, and the e-contracts are required to facilitate authorized and auditable access to datasets. For example, loan providers can authorise access to a representative sample of the datasets residing with them to model developers via CCR for model training. This arrangement will be facilitated via e-contracts once the CCR verifies the validity of the model certification provided by the modeller.
India’s significant progress with technical measures that are aligned with domestic legal frameworks provides it with a head start in the AI innovation landscape. Countries all across the globe are struggling to find solutions to facilitate personal data sharing for model development that prioritises security and privacy. Multiple lawsuits have recently been filed against OpenAI across numerous jurisdictions for unlawfully using personal data to train their models.
India’s unique approach to data governance, where both technical and legal frameworks fit like a puzzle and balance the thin line of promoting AI innovation while providing privacy guarantees, is well-positioned to guide global approaches to data governance.
In a quiet and disciplined fashion, over the last six years, India has put the critical techno-legal pieces in place for becoming a significant AI player in the world alongside US and China. Like them, we have continental-scale data and the talent to shape our future. With the passage of the DPDP Bill, we are now one step closer to having modern regulatory tools for effective regulation of AI and regulation for AI.
iSPIRT turned 10 in February this year. We are about rewriting the script of the nation. The past year indicates that some of this has happened with India Stack. The idea of Digital Public Infrastructure, aka DPI, is now part of the national lexicon. It has also become India’s calling card for the world.
Back in 2015, India Stack was a response to possible digital colonization. This risk has been contained.
We have made progress. It is something to be proud of.
But this doesn’t make us a Product Nation.
India has potential. We can be a France instead of Spain, a Korea instead of Thailand. France and Korea have products that the world needs. Spain and Thailand are countries where people work for foreigners.
So, iSPIRT is only halfway there in its mission. We need to remain focused on this unfinished mission. Our next ten years will make India’s true potential come to life.
Can we make it happen? Yes!
We are doubling down. This year will see more public technology from iSPIRT than ever before.
We seek volunteers who can think outside the box and contribute their unique perspectives for this unprecedented journey. Volunteering is very different from a job. Hence, having the right mindset and approach is essential.
To volunteer for iSPIRT, kindly fill the form located at the bottom of the volunteer page available at this link. Join us as we build on our decade-long journey and welcome the next chapter of iSPIRT’s story.
We are thrilled to announce that Open Credit Enablement Network (OCEN) has been conferred with the prestigious Digidhan 2021-22 award for their Special contribution to the promotion of Digital Payments. The award ceremony was held recently in New Delhi, organized by the Ministry of IT and Electronics, and was handed over to Sagar Parikh, the OCEN lead at iSPIRT, by the Honourable Union Minister, Mr Ashwini Vaishnav.
The Digidhan Awards recognize and celebrate the outstanding contributions made by individuals and organizations towards promoting and adopting digital payments in India. This year, the award was presented to OCEN for their revolutionary work in creating a standardized digital credit infrastructure that enables lending institutions to access and disburse loans digitally.
OCEN‘s platform acts as a bridge between lenders, borrowers, and other credit infrastructure providers, enabling them to interact with each other in a secure, reliable, and efficient manner. With OCEN, borrowers can easily access credit from multiple lenders, while lenders can easily verify the borrower’s identity, creditworthiness, and other relevant details before disbursing the loan.
The platform’s open architecture and standard APIs make integrating with OCEN easy for other credit infrastructure providers, creating a robust credit ecosystem that benefits all stakeholders. Moreover, OCEN’s platform ensures that all transactions are secure, compliant with regulatory requirements, and protect user privacy.
Speaking at the event, Sagar Parikh said, “We are honoured to receive the Digidhan award for our contribution to the promotion of digital payments. At OCEN, we believe that access to credit is a fundamental right, and our platform is designed to ensure that every Indian can access credit securely and efficiently. We are grateful for this recognition and will continue to work towards our mission of financial inclusion for all.”
The Digidhan award is a testament to OCEN’s commitment to promoting financial inclusion and enabling digital transformation in India’s credit ecosystem. The platform’s standardized infrastructure and open architecture have the potential to revolutionize the lending landscape in India, making it easier for borrowers to access credit and for lenders to disburse loans.
To iSPIRT volunteers, those four words are a rallying cry. Words that make us intrepid souls smile with a quiet confidence and inspire an iron will to get the job done. The best among us turn those words into their life’s work by building systems that serve millions of Indians.
iSPIRT’s best work has been in building digital public goods for India. This work is inevitably anchored by a volunteer who selflessly serves the mission; with a relentlessness and belief that could wring water from stone. Today, we celebrate one such volunteer hero: Amit Ranjan.
He had just sold his startup SlideShare to LinkedIn and had set a high watermark for products built in India for the world. After a successful exit, unlike what many others in his position might have done, Amit took the less travelled path of working within the government. Contrary to what one might imagine, even in his new role, Amit crackled with an energy that promised to single-handedly drag government departments into the future; and his eyes would sparkle as he showed you a demo of what would eventually become one of the pillars of India Stack: DigiLocker.
India Stack was built to enable a presenceless, paperless, and cashless society. Aadhaar and UPI were instrumental in enabling presenceless and cashless transactions. DigiLocker is another piece of the puzzle. Amit rolled up his sleeves, joined MeitY, and architected a national federated data and document network for India’s ~1.5 billion citizens.
Today, DigiLocker functions as an interoperable public-private ecosystem for paperless service delivery by digitizing citizen records and enabling their digital usage. Documents and certificates issued by different government agencies such as Aadhaar, PAN Card, Driving License, and even school and college certificates are available today on DigiLocker. The system Amit helped build has led to increased transparency, reduced bureaucracy, and significant cost savings for both private and public sector organizations.
Nearly 15 crore Indians are already DigiLocker users today, using 5.6 billion documents issued by almost 2,500 issuing entities. The impact is felt even in the mundane daily activities like checking into an airport or showing your driver’s license using DigiLocker during a routine traffic stop. And the system is just getting started.
Those who have worked with Amit in the government (like Abhishek Singh IAS, President & CEO NeGD; MD & CEO Digital India Corporation (DIC); CEO Karmayogi Bharat; at Govt of India) sing his praises the same as us. To quote Mr Singh, “Amit Ranjan is a Hero. I believe that we need to celebrate the Heroes and the teams that go into building these Digital Public Goods”.
Creating impact like this on a national scale through sheer grit and commitment inspires every single iSPIRT volunteer. And that’s why we choose to recognize and celebrate Amit with iSPIRT’s highest commendation; To us, he truly is a “Volunteer Hero”!
By Sharad Sharma, Dr Renuka Garg, Shoaib Ahmed and Pankaj Jaju for Volunteer Fellow Council
iSPIRT is pursuing the Stay-in-India Checklist 2.0 with Department for Promotion of Industry and Internal Trade (DPIIT), Government of India, targeted to bring Ease of Doing Business for start-ups.
Our efforts gained momentum with DPIIT’s Regulatory Roundtables since August 2022. Reserve Bank of India has further eased the reporting of FDI on the FIRMS portal. The item was on the list of issues that were taken up with RBI through DPIIT.
The new announcement called “Foreign Investment in India – Rationalisation of Reporting” has been announced vide circular no. RBI/2022-23/160 A.P. (DIR Series) Circular No. 22 Dated January 04, 2023. Please visit the RBI site on linked here.
The announcement is expected to further ease the reporting of the foreign direct investment received.
Details of the Reform Measure
In its effort to tout India as an attractive investment destination, the Reserve Bank of India (RBI) has released the RBI/2022-23/160 A.P. (DIR Series) Circular No. 22 on 4 January 2023, which brings about certain reforms in the reporting process in the Single Master Form (SMF) on the FIRMS portal. The SMF is a form which integrates the reporting structure of various types of foreign investment in India. It has implemented the following changes with respect to reporting in the SMF on the FIRMS portal:
The forms submitted on the portal will now be auto-acknowledged with a time stamp and an auto-generated email will be sent to the applicant. The AD banks will have to verify the same within 5 (five) working days based on the documents uploaded.
The system would automatically identify a delay in reporting if any.
For forms filed with a delay of less than or equal to 3 (three) years, the AD bank will approve the same, subject to the payment of LSF.
The LSF will be computed by the system, and an e-mail will be sent to the applicant and the concerned Regional Office (RO) of the RBI, specifying the amount and the timeline within which the LSF is to be paid to the concerned RO.
Once the LSF amount is realised, the concerned RO will update the status in the FIRMS portal, and the updated status will be communicated to the applicant through a system-generated e-mail, which can also be viewed in the FIRMS portal.
The AD bank will approve the forms filed with a delay greater than three years, subject to the compounding of the contravention. The applicant may thereafter approach the RBI with their application for compounding.
The remarks of the AD Bank for rejection of forms, if any, will be communicated to the applicant through a system-generated e-mail and the same can also be viewed in the FIRMS portal.
The resulting effects of the RBI circular
1. Auto acknowledgement of SMF
While the rationalisation of the reporting process is a welcome move, and the auto acknowledgement of forms will bring comfort to the applicants after filing the form, we are receiving mixed reactions from stakeholders with regard to the verification of the forms submitted by the applicants within the 5 (five) working day window. Given that there are no overarching guidelines on the format of documents required for filing Form FC-GPR and Form FC-TRS, and the format differs from bank to bank, it may be helpful if banks were to consider offering pre-vetting services in relation to reporting for cross-border transactions.
The likely result of an AD bank not approving the form within 5 days will be auto-approval of the form.
The circular is silent on what happens in the event an authorised dealer (Bank) isn’t satisfied with the details. It seems, in such an event, what could have been approved with a few follow-up queries will have to be rejected within the 5-day window, if the queries remain unanswered.
Separately, we also believe that a 5-day window is very short given the complexity that can arise with some filings. Banks and their regulatory teams also usually work only till 5:00 PM (and cannot, in any case, be expected to work 24×7), so if a form is submitted close to or after 5:00 PM, an applicant may already have lost close to a day.
2. Online calculation of late submission fee.
Auto-identification of a delay in reporting and calculation of the late submission fee (LSF) by the system will likely be greatly appreciated by stakeholders. Prior to this reform, if an applicant received an email from the RBI regarding the LSF, the applicant would have to draw a demand draft in favour of the RBI, which would have to be acknowledged by the RBI through email. While the process was efficient and hasn’t changed post the amendment, there have been multiple instances of applicants not having a record of the acknowledgement with them after a few years, either due to: (a) IT policies of the organisation which delete older emails; or (b) due to a change in employees. Now that the concerned RO of the RBI will update the status on the FIRM’s portal (along with the standard email process), the amount will be reconciled and the LSF can be viewed on the portal.
Disclaimer: This blog post is co-written by Tanuvi Thakur of iSPIRT and Sanjay Khan of Khaitan & Co and is meant to inform about a new announcement by the regulator. It should not be considered as advice.
PM-WANI has allowed sachetised access to WiFi connectivity. However, the true vision of WANI standard, where small business owners can participate as network service providers resulting in fast network growth, has not been realised. We propose the next version of the WANI standard where a more open ecosystem can be enabled to facilitate business interactions such as delegated payments and roaming, which in turn can catalyse increased user base, rapid network growth, and business innovations.
The PM-WANI framework is revised periodically, taking into account the new developments, security updates, etc. Version 1.0 was released in 2020 and this was used for the pilot deployments. The updated 2.0 specification was released in 2021 and is the current version in use. You could read more about these versions here. This whitepaper defines iSPIRT’s vision for the PM-WANI Version 3.0 specification
The blog post and proposal are authored by Saurabh Chakrabarti, Nilesh Gupta, Vishal Sevani, Sharad Sharma, and Himanshu Tyagi on behalf of iSPIRT Foundation. Nilesh Gupta and Himanshu Tyagi are faculty members at the Indian Institute of Management Nagpur and Indian Institute of Science, respectively, and they also represent their views as researchers on the topic.
The authors would like to thank Centre For Development Of Telematics (CDoT) for their detailed discussions and conversations about the workings of PM-WANI. Would also like to thank Bhuvnesh Sachdeva, Shubhendu Sharma, and Satyam Darmora for their insightful comments about the WANI ecosystem.
“The best way to find yourself is to lose yourself in the service of others” ~ Mahatma Gandhi
This is one of the core values that we cherish at iSPIRT.
We started an open process of bringing in Balloon Volunteers by kicking off our First Volunteer Open House session in September 2020. We did this with slight trepidation, unsure about what to expect. Till then, almost all our Balloon Volunteers had come in through referrals by existing volunteers. However, nearly two years in, we are happy that we opened up the process. Five of the many Balloon Volunteers who came in through this open process have become regular volunteers.
The expertise, dedication, and willingness to share knowledge of these five volunteers have humbled us. Romita has built protocols for dispute resolution. Vineet is building the reference model for OCEN underwriting. Siddarth is applying future-back thinking to Drones. Palak and Harsha are designing an open, modular, and interoperable system for digital consultation for Bharat.
They have become part of this mission to build public goods for Bharat and, in so doing, create a Product Nation. If you want to be part of this movement, check out some of the areas you can contribute to on this page: volunteers.ispirt.in
At iSPIRT, we are about nation-building. So what kind of nation are we talking about here? And does it matter? Well, you do need to watch the video to get those answers.
What sets this Volunteer Open House session apart is that it includes four volunteer stories. Almost every volunteer who comes in leaves a mark. Get a sense of how that happens in this session.
Previous Open House sessions have pointed to specific volunteer challenges. The focus here is to explain playground building in more detail. Often, playground building is an impetus for volunteers to do something they have never done before. This is a different perspective on volunteering.
If you want to be an ISPIRT volunteer, check out the video and fill the form on our volunteer page: volunteers.ispirt.in
Eight of India’s major banks (State Bank of India, ICICI Bank, Axis Bank, IDFC First Bank, Kotak Mahindra Bank, HDFC Bank, IndusInd Bank, and Federal Bank) have joined the Account Aggregator network. Together, these banks cover nearly 40 percent of India’s banking customers. This move ushers in India’s open banking moment and empowers millions of customers with the ability to digitally access and share their financial data across institutions in a secure and efficient manner. AA reduces the need for individuals to wait in long bank branch queues, use complicated internet banking portals, share their passwords, or seek out physical notarisation to access and share their financial documents securely. Just as UPI, NEFT, or IMPS are key financial utilities for secure flow of money, Account Aggregator is an urgent and powerful financial utility for the flow of data controlled by the individual. AA is one of the most sophisticated open banking infrastructures in the world, and has attracted interest from other countries who are interested in implementing similar infrastructures, including the EU, the UK, Japan, and Australia.
AA creates secure, digital access to personal data at a time when COVID 19 has imposed restrictions on physical interactions for services. It also reduces the fraud associated with physical data tampering by introducing secure digital signatures and end to end encryption for data sharing. These capabilities in turn open up many possibilities. For instance, whereas physical collateral is usually required for an MSME loan, with secure data sharing via AA ‘information collateral’ – or data on future MSME income – can be used to access a small formal loan. The industry will see much needed innovation as improved access to data helps meet critical financial needs like small-ticket MSME working capital loans, affordable micro-insurance products, better savings and money management, and others. HDFC Bank and Axis Bank have been using AA for auto loans, LendingKart has been using AA for MSME loans, while IndusInd Bank has been using it for Personal Finance Management. Secure access to financial data via open banking infrastructure was estimated by a McKinsey report to create up to 5% of GDP in value for India by 2030.
Four banks are already live with data accessible for consumers via Account Aggregators, and the rest will shortly go live. Many more banks are expected to join the AA ecosystem in the coming months to allow all customers, regardless of bank, to access their data. Four NBFC-AAs have received operational licenses (Finvu, OneMoney, CAMS Finserv, NESL), three more have received in-principle approval (PhonePe, Perfios, Yodlee), and many more are in different stages of application. Consumers using the AA financial utility will benefit not only from ease of access to data but also from greater choice of products, better pricing, and increased financial inclusion. With the Personal Data Protection Bill likely to become law soon, the AA framework will become essential for regulatory compliance and access to consented data flows.
The AA journey started six years ago in July 2015 when the Financial Sector Development Committee (FSDC) — chaired by the Finance Minister and comprising the key financial sector regulators RBI, SEBI, PFRDA, and IRDAI — came together in a visionary call for a unified, consented, data sharing abilityfor consumers across banking, securities, pensions, and insurance.
The innovative AA network includes Banks, NBFCs, RIAs, and other regulated entities as Financial Information Users and Providers with Account Aggregators as individual-facing consent managers.
=======================================
Quotes from ecosystem members
Shri M Rajeshwar Rao, Deputy Governor, Reserve Bank of India
“India is a world leader in building Public Digital Infrastructure, and the Account Aggregator framework follows that tradition. AAs enable secure, consented data flows while protecting user privacy. In conjunction with other platforms like the Unified Payment Interface, Account Aggregator creates in India the most cutting edge digital financial infrastructure in the world. It is encouraging to observe that more entities are seeing value in this initiative for furthering financial inclusion and cultivating innovation in financial services.”
Shri Anjani Rathor, Chief Digital Officer, HDFC Bank
“As India goes digital, data becomes a significant driver of growth. And, data belongs to the citizens. Enterprises are merely custodians of data. It is only right that we build this digital infrastructure of ‘account aggregators’ through which citizens can safely share data.
With AA, enterprises can both contribute and leverage data to create amazing experiences for their customers. This will lay a strong foundation for a data-driven society in India and HDFC Bank is proud to be a part of this journey.”
Senior policymakers met to discuss data empowerment approaches that ensure privacy and encourage innovation
The digitalization of economies, particularly in critical sectors such as health, mobility, energy, and finance, has seen significant generation of data. The ubiquity of data should lead to greater user-centric innovation, while preserving the trust that users have in an open, secure, and safe internet. This is among the foremost goals of policymakers and regulators today.
Governments have adopted or are in the process of introducing legislation to provide a foundation for robust data governance. Their policy goals can be complemented and advanced with the help of common, open, and interoperable protocols that increase the choice of digital services available to a user and enhance user privacy. By implementing technical protocols that reflect privacy principles, a ‘techno-legal’ approach to data governance brings transparency and accountability to the way in which data is shared, thus empowering the user.
The global and seamless nature of the internet, and growing interdependence among digital economies calls for cooperation among like-minded partners on data empowerment. As part of a consultative process, a collective of senior policymakers met virtually for the first time on August 31, 2021.
Key participants at the meeting included:
Ms. Margrethe Vestager, Executive Vice President for A Europe Fit for the Digital Age and Competition, European Commission
Mr. Nikolai Astrup, Minister for Local Government and Modernisation, Norway
Dr. Agustin Carstens, General Manager, Bank for International Settlements, Switzerland
Dr. Rajiv Kumar, Vice-Chairman, NITI Aayog, India
Senior officials from Rwanda, Japan, France, and Australia also participated and made brief remarks in the meeting.
Participants at the meeting affirmed the importance of reinforcing the twin policy goals of privacy and data-driven innovation through open, interoperable technical protocols. They also underscored the need to reach out to more like-minded countries, and promote an inclusive and sustained dialogue on data empowerment.
iSPIRT Foundation welcomes you to the virtual launch of the industry-wide Account Aggregator (AA) ecosystem on September 2, 2021.
This event announces the major financial institutions that have gone live, and demonstrates the powerful use cases of AA. It will be a major milestone for the AA framework for consented data access and sharing in the financial sector.
Time (IST)
Session
Speaker(s)
4:00-4:10 PM
A Regulatory Framework for Account Aggregators and the Path Ahead
Shri M Rajeshwar Rao, Deputy Governor, Reserve Bank of India
4:10-4:30 PM
The Account Aggregator Leapfrog is Here!
– Presentation by Shri Nandan Nilekani, Chairman, RBI Committee on Deepening Digital Payments (2019) and Volunteer, iSPIRT – Workflow demonstration by Shri Siddharth Shetty
4:30-4:35 PM
The Early Builders on AA
Hear from a cross-section of ‘early mover’ CEOs and leaders of major Banks/NBFCs, Account Aggregators, and Technology Service Providers
4:35-4:45 PM
A Global Perspective on India’s Account Aggregator Model
Shri Siddharth Tiwari, Chief Representative for Asia and the Pacific, Bank for International Settlements
4:50-5:35 PM
Fintech Roundtable: Innovating on AA for Improved Financial Services
Panel discussion moderated by Shri Rajesh Bansal, CEO RBI Innovation Hub.
Fireside Chat on the Future of Cross-Sectoral Data Sharing
Moderator: Shri Amitabh Kant, CEO, NITI Aayog; Panellists: Dr RS Sharma (Chairman, National Health Authority); Shri Ajay Seth, Secretary, Department of Economic Affairs and Member, Financial Stability and Development Council (FSDC)
5:55-6:00 PM
Designing User Control over Data for India
Hear from current and future Account Aggregators on innovating for control over our personal data
This is our response to the Draft Drone Rules 2021 published by the Ministry of Civil Aviation on 14 July 2021.
Introduction
The potential commercial benefits that unmanned aviation can bring to an economy has been well established in several countries. A primary and immediate use-case for drones is in Geospatial data acquisition for various applications such as infrastructure planning, disaster management, resource mapping etc. In fact, as argued in the recently announced guidelines for Geospatial data, the availability of data and modern mapping technologies to Indian companies is crucial for achieving India’s policy aim of Atmanirbhar Bharat and the vision for a five trillion-dollar economy.
The current situation in India, however, is that the drone ecosystem is at a point of crisis where civilian operations are possible in theory, but extremely difficult in practice. Because the regulations in place are not possible to comply with, they have led to the creation of a black market. Illegally imported drones are not only significantly faster, cheaper and easier to fly but also far more easily acquired than attempting to go through the red tape of the previous regulations to acquire approved drones. Thus, rather than creating a system that incentivises legal use of drones, albeit imported, we’ve created a system that makes it near impossible for law-abiding citizens to follow the law of the land and discourages them from participating in the formal system. This not only compromises on the economic freedom of individuals and businesses but it also poses a great national security risk as evidenced in the recent spate of drone attacks. If we do not co-opt the good actors at the earliest, we are leaving our airspaces even more vulnerable to bad actors. This will also result in a failure to develop a world-class indigenous drone & counter-drone industry, thus not achieving our goals of an Atmanirbhar Bharat.
The Draft Drone Rules (henceforth the draft) have addressed some of these problems by radically simplifying and liberalising the administrative process but haven’t liberalised the flight operations. Unfortunately, closing only some of the gaps will not change the outcome. The draft rules leave open the same gaps that cause the black market to be preferred over the legal route.
With the three tenets of Ease-of-Business, Safety and Security in mind, it is our view that while the intention behind the draft rules is laudable, we feel that the following areas must be addressed to enable easy & safe drone operations in India:
Remove Requirement of Certificate of Airworthiness: The draft mandates airworthiness certification for drones whereas, no appropriate standards have been developed, thus, making the mandate effectively impossible to comply with.
Lack of Airspace segregation, zoning and altitude restrictions: The draft doesn’t mention any progressive action for permitting drone operations in controlled airspaces.
Business confidentiality must be preserved: The prescribed rules for access to data is not in consonance with the Supreme Court Right to Privacy Judgement
Lack of transparent Import Policy: This results in severe restrictions on the import of critical components thus disincentivizing indigenous development of drones in India
Insurance & Training must be market-driven and not mandated: We must let market forces drive the setting up of specialised training schools & insurance products & once mature they may be mandated & accredited. This will result in the creation of higher quality services & a safer ecosystem.
Fostering innovation and becoming Atmanirbhar: A. Encouraging R&D: by earmarking airspace for testing for future drones B. Encouraging the domestic drone manufacturing industry: through a system of incentives and disincentivizing imports should be inherent in the Drone Rules. C. Recognition of Hobby flying: Hobbyists are a vital part of the innovation ecosystem; however, they are not adequately recognised and legitimized
Encouraging A Just Culture: Effective root cause analysis would encourage a safety-oriented approach to drone operations. Penal actions should be the last resort and dispute resolution should be the focus.
Enabling Increased Safety & Security: NPNT and altitude restrictions would enhance safety and security manifold.
No Clear Institutional Architecture: Like GSTN, NPCI, NHA, ISRO, and others a special purpose vehicle must be created to anchor the long-term success of Digital Sky in India based on an established concept of operations
Lack of a Concept of Operations: Although drone categories have been defined, they have not been used adequately for incremental permissions, as in other countries; rather the draft appears to prefer a blank slate approach. The failure to adopt an incremental approach can arguably be considered as one of the root causes of the drone policy failures till date in India as regulations are being framed for too many varied considerations without adequate experience in any.
1. Airworthiness
In the long term, it is strategically crucial to India’s national interest to develop, own and promulgate standards, to serve as a vehicle for technology transfer and export. The mandatory requirement for certification of drone categories micro and up is the key to understanding why the draft does not really liberalise the drone industry. It would not be too out of place to state that the draft only creates the facade of liberalising drone operations – it is actually as much of a non-starter as the previous versions of regulations.
The standards for issuance of airworthiness certificates have not been specified yet the requirement has been stipulated as mandatory for all operations above nano category in the draft (pts 4-6). However, most of the current commercial operations are likely to happen in the micro and small categories. And for these categories, no standards have been specified by either EASA or FAA. EASA’s approach has been to let the manufacturer certify the drone-based on minimum equipment requirements. On the other hand, It is only fairly recently that the FAA has specified airworthiness criteria for BVLOS operations for a particular drone type of 40kg, and which it expanded to 10 drone types in November. Building standards is an onerous activity that necessitates a sizable number of drones having been tested and criteria derived therefrom. The only other recourse would be adopting standards published elsewhere, and as of date these are either absent (not being mandated in other countries) or actively being developed (cases noted earlier). Given the lack of international precedent, the stipulation for certificate of airworthiness in the draft needs to be eliminated, at least for micro and small category drones.
2. Airspace
One of the major concerns since the early days of policy formulation in India has been the definition of airspace and its control zones. All regulations till date, including the draft, require prior air traffic control approvals for drone operations in controlled zones. However, given that controlled airspace in India starts from the ground level for the controlled zones upto 30 nm around most airports (unlike many other countries where it starts at higher levels), it effectively means no drone operations are possible in the urban centres in the vicinity of airports in India. While the Green/Yellow/Red classification system is a starting point for Very Low-Level airspace classification, the draft does not move to enable the essential segregated airspace for drone operations up to an altitude limit of 500ft above ground level.
3. Business Confidentiality
In the domain of Privacy Law, India has taken significant strides to ensure protection of individual and commercial rights over data. The draft (pt 23.) in its current form seems to be out of alignment with this, allowing government and administrations access to potentially private and commercially sensitive information with carte blanche. The models of privacy adopted in other countries in unmanned aviation are often techno-legal in nature. It is recommended that DigitalSky/UTM-SP network data access be technically restricted to certain Stakeholder-Intent mappings: executing searches for Law Enforcement, audit for the DGCA, aviation safety investigations and for Air Traffic Control/ Management. This would need due elaboration in the detailed UTM policy complemented with a legal framework to penalise illegitimate data access.
4. Insurance
One constant hindrance to compliance is the requirement of liability transfer. While the principle of mitigating pilot and operator liability in this fashion is sound, the ground reality is that as of date, very few insurance products are available at reasonable prices. The reason behind it is that insurance companies have not been able to assess the risks of this nascent industry. Assuming the regulation is notified in its current form (pt 28), arguably affording a clean start at scaling up drone operations, we will continue in this vicious dependency loop in the absence of incentives to either end. Again, market forces will drive the development of this industry with customers driving the need for drone operators to obtain insurance for the respective operations. Therefore it is recommended that initially, insurance should not be mandated for any category or type of drone operations, and instead be driven by market or commercial necessity. Over a period of time, insurance may be mandated within the ecosystem.
Similar feedback has been shared by Insurers: “Though the regulator (aviation regulator) has made mandatory the third party insurance, the compensation to be on the lines of the Motor Vehicles Act is somewhat not in line with international practices,” the working group set up by Insurance Regulatory and Development Authority of India (IRDAI) said.”
5. Training
Currently, there’s a requirement of training with an authorized remote pilot training organization (RPTO) (pt 25), applicable for micro-commercial purposes and above (pt 24). While the intent is right, it should not be mandated at the initial stage. The reality is that there are very few RPTO’s that offer training and the cost of such training is often higher than the cost of the drones themselves, while quality is inconsistent. While the current draft rules try to address this problem, they do this with the assumption that liberalizing the requirements for establishing RPTO’s will solve this problem. While this incentivizes more RPTO’s to be established, it still does not incentivize quality and leaves in place the same bureaucratic process for registration. This has been the experience of the ecosystem so far. While it is certainly reasonable to expect that remote pilots should receive training, the goal of better informed and equipped pilotry is better achieved, at this time, if left to manufacturers and market participants to drive it.
There are currently two types of training – Type training and Airspace training. Type training can be driven by manufacturers in the early days, as is the current practice, and Airspace training can be achieved through an online quiz, based on a Concept of Operations. It is our view that customers of drones will have a natural incentive to seek training for their pilots, thereby creating the market need for better quality training schools. Furthermore, as manufacturers establish higher levels of standardization and commoditization, they will partner with training schools directly to ensure consistent quality. In the upcoming years, as the drone ecosystem grows more mature, it will become reasonable to revisit the need for mandating pilot training at approved training schools, and DGCA may create a program that accredits the various RPTOs.
6. Fostering innovation and becoming Atmanirbhar
6A. R&D
To encourage institutional research and development further, we recommend authorised R&D zones be designated, particularly where low population and large areas (like deserts, etc) are available, some key areas of experimentation being long range and logistics operations which might require exemptions from certain compliance requirements.
6B. Import policy
Rather than simply delegating the entire import policy to DGFT (pt 8), there needs to be a clear statement of the import guidelines in the rules based on the following principles in the current draft:
No barriers for the importation of components and intermediary goods for local assembly, value addition and R&D activities
Disincentivising import of finished drone products, both pre-assembled and Completely Knocked Down. Possible avenues could be imposition of special import duty as part of well-considered policy of “infant industry protection”, a policy used successfully in the recent past in South Korea and is considered a part of the policy of Atmanirbhar Bharat by the Principal Economic Advisor to the PM, Sanjeev Sanyal.
Incentivising investments in the indigenous manufacturing industry by aligning public drone procurement with the Defence Acquisition Procedure (2020) and supplemented by targeted government programs such as PLI schemes and local component requirements, which will help realise the PM’s vision of ‘Make in India’ and “Atmanirbhar Bharat’.
In the long term, developing incentives for assemblers to embed themselves into global value chains and start moving up the value chain by transitioning to local manufacturing and higher value addition in India, to be in line with the PM’s vision of Atmanirbhar Bharat. Some suggestions here would be prioritisation for locally manufactured drones for government contracts, shorter registration validity for non-locally manufactured drones etc.
6C. Hobby Fliers
While research and development within the confines of institutions is often encumbered by processes and resource availability, hobby and model flying has enjoyed a long history in manned aviation as a key type of activity where a large amount of innovation happens. Hobby clubs such as The Homebrew Computer Club, of which Steve Jobs and Wozniak were members, and NavLab at Carnegie Mellon University are instances out of which successful industries have taken off. Far from enabling hobby or recreational fliers, they are not even addressed in the draft, which would only limit indigenous technology development. Legally speaking, it would be bad in law to ban hobby flying activities considering hobby fliers enjoy privilege under the grandfathering rights. A solution could lie in recognising hobbyists & establishing hobby flying green zones which may be located particularly where low population and large areas are available. Alternatively, institution-based hobby flying clubs could be authorised with the mandate to regulate the drone use of members while ensuring compliance with national regulations. The responsibility of ensuring safe flying would rest with these registered hobby clubs as is the case in Europe and USA.
7. Encouraging A Just Culture
Implementation is the key to the success of any policy. One of the key factors in encouraging voluntary compliance is an effective means of rewarding the compliant actors while suitably penalising any intentional or harmful violations. Therefore, arguably, an important step could be to build such rewards and punishments. In the context of aviation safety and security, the key lies in effective investigation of any violation while fostering a non-punitive culture. Effective investigations enable suitable corrective actions whilst minimal penal actions encourage voluntary reporting of infringements and potential safety concerns. ICAO encourages a just and non-punitive culture to enhance safety. Penal actions, if considered essential, should be initiated only after due opportunity and should have no criminal penalties except for deliberate acts of violence or acts harming India’s national security. However, considering the fallout from any unintentional accident as well, there should be adequate means for dispute resolution including adjudication.
8. Enabling Increased Safety & Security
The draft while taking a blank slate approach clearly aims to reduce hurdles in getting drones flying. However, we argue that lack of clarity on several issues or not recognising certain ground realities actually reduces the chance of achieving this. We list the details of these issues in the subsections below.
Points 13-14 acknowledge the existence of non-NPNT (No Permission No Takeoff) compliant drones and makes airworthiness the sole criteria for legally flying, provided such drone models are certified by QCI and are imported before the end of this year and registered with DigitalSky. This is a great step forward, however, keeping in mind the win-for-security that NPNT provides through trusted permissioning and logs, it is recommended that NPNT be phased back in with an adoption period of 6 months from the date of notification.
To bring back a semblance of safety to the thought process and keeping in mind that manned aviation would be operating above 500 ft except for takeoff, landing and emergencies, it would be pragmatic to enforce altitude fencing in addition to two-dimensional fencing going forward. Permissive regulation has the effect of encouraging good and bad actors alike, and this measure ensures the correct footing for the looming problem of interaction between manned and unmanned traffic management systems, where risk of mid-air collisions may be brought back within acceptable limits.
9. Institutional Architecture
The draft indicates that institutions such as QCI and Drone Promotion Council (DPC), along with the Central Government, would be authorised to specify various standards and requirements. However, no details have been specified on the means for notification of such standards as in the case of the Director-General (Civil Aviation) having the powers to specify standards in the case of manned aircraft. Such enabling provisions are essential to be factored in the policy so as to minimise constraints in the operationalisation of regulations e.g. as was observed in the initial operationalisation of CAR Section 3 Series X Part I which did not have a suitable enabling provision in the Aircraft Rules.
Further, effective implementation demands that responsibility for implementation be accompanied by the authority to lay down regulations which is sadly missed out in the draft. In the instant draft, the authority to lay down standards rests with QCI/ DPC but the responsibility for implementation rests with DGCA which creates a very likely situation wherein the DGCA may not find adequate motivation or clarity for the implementation of policy/ rules stipulated by QCI/ DPC.
It is not clear that setting up a DPC would advance policy-making and be able to effect the changes needed in the coming years to accelerate unmanned aviation without compromising safety and security. We argue that for effective policy and making a thriving drone ecosystem, Digital Sky is a unique and vital piece of digital infrastructure that needs to be developed and nurtured. In the domain of tech-driven industries, the track record of Special Purpose Vehicles (SPV) is encouraging in India, the NSDL, NPCI and GSTN being shining examples.
The field of unmanned aviation has its own technical barriers to policy making. Its fast-evolving nature makes it extremely difficult for regulators who might not have enough domain knowledge to balance the risks and benefits to a pro-startup economy such as that of India. With the context formed through the course of this paper, it is our view that an SPV with a charter that would encompass development of a concept of operations, future standards, policy, promotion and industry feedback, would be the best step forward. A key example of success to model on would be that of ISRO, which is overseen by the Prime Minister. This would remove inter-ministerial dependencies by overburdening the existing entrenched institutions.
10. Lack of a Concept of Operations
The difference in thought processes behind this draft and the rules notified on 12th March 2021 is significant and is indicative of the large gap between security-first and an efficiency-first mindsets; keeping in mind that mature policymaking would balance the three tenets. It also points to the lack of a common picture of how a drone ecosystem could realistically evolve in terms of technology capability and market capacity while keeping balance with safety and security. The evolving nature of unmanned aviation requires an incremental risk-based roadmap; the varied interests of its many stakeholders makes reaching consensus on key issues a multi-year effort. To this end, taking inspiration from various sources and focusing on the harsh realities peculiar to India, we are in the process of drafting a Concept of Operations for India.
Concluding remarks
With the goal of raising a vibrant Indian drone ecosystem, we recommend the following actionable steps be taken by policy makers:
Immediate Term – Enabling The Ecosystem
Changes to the draft
Airworthiness Compliance requirements for all drone categories be removed till such standards are published
Hobby flying and R&D Green zones be designated in low risk areas
Guiding principles for Import policy formulation be laid out to incentivise import drone parts and de-incentivise drone models
A privacy model be applied to DigitalSky ecosystem data access that technically restricts abuse while laying a foundation for a legal framework for penalties
Insurance be not mandated for any drone categories
The provision for setting up the Drone Promotion Council be subsumed by a SPV as discussed below
Next six months – Setting the ecosystem up for long-term success
A) NPNT be re-notified as a bedrock requirement for security
B) An SPV outside of entrenched institutions be set up with a charter to
1. Envision India’s concept of aviation operations for the next few decades
2. Formulate Future Policy and institutionalize some aspects of key enablers of operations currently missing in India:
Development / update of ConOps
Monitor / develop / customize International standards
Establish Standards for Airworthiness and Flight Training
3. Develop and operationalise DigitalSky in an open, collaborative fashion with oversight and technical governance mechanisms
4. Redefine control zones and segregate airspace for drone operations
5. Establish an advisory committee with equitable membership of stakeholders
6. Address all charter items of the Drone Promotion Council
iSPIRT (Indian Software Product Industry Round Table) is a technology think tank run by passionate volunteers for the Indian Software Product Industry. Our mission is to build a healthy, globally competitive and sustainable product industry in India.
Building on the previous Balloon Volunteering Open House Sessions, we will give a flavour of available volunteering opportunities in the Technology space.
In the fourth Session, we have Dr Pramod Varma, Chief Architect of Aadhaar and IndiaStack, giving you an insight into what it takes to volunteer in iSPIRT. He describes our design principles for building digital public infrastructure and gives you a peek into the thought process of an architect in iSPIRT. Finally, he breaks down how we are redefining the approach towards solving societal problems. We are playground builders. We orchestrate or create a playground so that market players can bring out an array of solutions.
iSPIRT is addressing solvability. We have a multi-decade horizon as a mission-oriented volunteer-based Think-and-Do-Tank.
As part of this session, we have some of our volunteers explaining the technical challenges you can embrace as new volunteers at iSPIRT Foundation. The problems that we are tackling require a thought process that is new and innovative. We use cutting-edge technology.
In addition to the new technical volunteering options outlined in this session, other policy-related and ecosystem-building volunteer options also exist. Apply now on https://volunteers.ispirt.in.
How do you build using Lego Blocks? Watch the recording to learn more.
Following the success of our previous two sessions, we are back again. We are presenting this next session of our open house on the theme of Market Mavens and Market Architecture.
Please find attached the video, which will talk about the available opportunities and what it means to be a volunteer at iSPIRT.
There are many volunteering challenges available. So, if in the past you wanted to volunteer but couldn’t, please do check out the additional challenges listed here. We are adding to the existing challenges that we are working towards. So go ahead and choose any of the options that resonate with you.
This Balloon Volunteering process takes anywhere from 3-4 weeks to start. Also, to get a better idea please do read our Volunteer Handbook and Playground Coda here https://volunteers.ispirt.in/.
iSPIRT Volunteering is about being mission-oriented and being self-motivated, for there is no glory here. So if you have the bandwidth and want to write the new India script, please reach out to us.
