What is DEPA?
The Data Empowerment and Protection Architecture (DEPA) empower every Indian with control over their data, and democratises access and enables the portability of trusted data between service providers. This architecture will help Indians in accessing better financial services, healthcare services, and other socio-economically important services. DEPA is more commonly known as the ‘Consent Layer of India Stack’.
The rollout of DEPA for financial data and telecom data is taking place through Account Aggregators that are licensed by RBI. It already covers all asset data, liabilities data, and telecom data.
The purpose of the session is to understand the technological, institutional, market and regulatory architecture of DEPA, it impacts on existing data consuming businesses and how people could contribute to this new data sharing infrastructure that’s being built in India.
The session will be anchored by Siddharth Shetty (Data Empowerment And Protection Architecture Lead & Fellow, iSPIRT Foundation)
DEPA Unleashed
DEPA is a new approach, a paradigm shift in personal data management and processing that transforms the current organization centric system to a human-centric system. By giving people the power to decide how their data can be used, DEPA enables the collection and use of personal data in ways that empower people to access better financial, healthcare, and other socio-economically important services in a safe, secure, and privacy-preserving manner.
In the fight for data, the individual has lost control over how their personal data is collected, shared, and used. This can be a very disempowering experience for the user, who now has no means of gathering and using their data for their benefit. It also inevitably prevents the user from accessing essential financial services and inhibiting their participation in the market.
India, who is a step ahead of the curve, recognises the need to empower the user with their own data. The Indian government has operationalised the values stated above by encouraging and mandating organisations to seek the consent of the user to use and share their data and seeded the idea of data access fiduciaries, organisations envisioned to enable personal management of consent. The first manifestation of Data Access Fiduciaries is for financial data through the NBFC-Account Aggregator
|
NBFC Account Aggregator Ecosystem
|
 |
The Account Aggregator enables users to maintain and use their financial data as they see fit.
In the past, it was tremendously hard for an Indian to get a statement of his bank account; when applying for a loan, he had to share either unverifiable paper records or his banking password with the lender, not knowing what data might be extracted. With Account Aggregators, customers can allow certain financial data to be shared safely. And because the Account Aggregators operate on a fee-for-transaction business model and are legally prohibited from storing or selling data, users can rest assured that their privacy is respected.
The Account Aggregator performs two main functions. It assists and enables the user to access their financial data easily and it helps manage consent.
Session Flow
- Overview of the Data Empowerment and Protection Architecture (DEPA)
- Technology Architecture
- Institutional Architecture of Data Access Fiduciaries
- Market Architecture of the entire Ecosystem
- Q & A
Location
Residency Road, Bangalore
Time
5:30pm – 7pm
How to participate?
We’re inviting fintech entrepreneurs, product managers, developers and anyone else who is looking to understand the potential of the Data Empowerment and Protection Architecture.
If you want to further your understanding of the Consent Layer of the India Stack, click here to register for the session.
Due to limited seating, we will be unable to accommodate all applicants. (Confirmation emails with venue details will be sent across by 15th May 2019)
Key Resources
Policy
Technology
In addition to Financial Data, the Account Aggregator approach is being adopted for:
Reading List
