adopting global best practices to advocate changes in ...internet of things (iot) contribution would...
TRANSCRIPT
Smart Governance October 2018 www.theiet.in/IoTPanel
Smart Governance
Adopting global best practices to
advocate changes in Indian Policy
Framework for Smart cities
implementations
A Position Paper
Credit: Shalini Nair
Smart Governance October 2018 www.theiet.in/IoTPanel
Table of Contents
List of Contributors __________________________________________________________ 3
Executive Summary _________________________________________________________ 4
1. Objective ________________________________________________________________ 5
2. Definition & Scope ________________________________________________________ 5
3. Need for ‘Smart Cities’ _____________________________________________________ 5
4. Challenges Faced by Selected Global Smart Cities ______________________________ 6
5. Policy Regulations Changes Brought In by These Global Smart Cities _______________ 7
6. Relevance of These Legal and Policy Changes in Indian Context __________________ 11
7. Way Forward 12
8. Digital Infrastructure Development Framework _________________________________ 15
9. Cyber security and Personal Data Protection __________________________________ 17
REFERENCES ______________________________________________________________ 17
Smart Governance October 2018 www.theiet.in/IoTPanel
List of Contributors
A. Primary Authors / Drafting Committee
Name Designation Organisation E-mail address
Mr. Vivek Gupta
Partner, Angel Investor and Mentor
Mentoring Advisors LLP
Ms. Srishti Bhatia
Assistant Professor RLA College, University of Delhi
Mr. Arijeet Satapathy
Student IIIT Bhubaneswar
Mr. Tapaswin Padhy
Student IIIT Bhubaneswar
B. Contributors (Working Group Smart Cities – IET IoT Panel)
Name Designation Organisation E-mail address
Mr. V Srnivasa Rao
Chairman & Managing Director, Chief Digital Consultant
BT & BT [email protected]
Mr. Ranjeet Koul
Vice President & Country Manager APAC & ME
Aeris Communications
Mr. Dhaval Doshi
Founder and Director
Smarthome NX [email protected]
Mr. Joy Rajan Cheruvathoor
Chief Marketing Officer
L&T Smart World & Communications
Mr. Vinay Solanki
Director, Strategy & Strategic Management Development
Aeris Communication
C. IET Review Committee
Name Designation Organisation
Shri T. V. Ramachandran Founder & CEO Advisory@TVR
Mr. Shekhar Sanyal Country Head IET
Ms. Anitha Kaveri Manager – Sector and Special Projects
IET
Ms. Neha Abhyankar Sector Support Executive IET
Smart Governance October 2018 www.theiet.in/IoTPanel
Executive Summary
The increase in industrialization in recent past has fuelled significant development leading to rapid
growth in urbanization especially in last two decades. The UN1 recently predicted that by 2050, urban
cities would be hosting 68% of the global population as their citizens. This trend will put more
pressure on all emerging economies specially in African and Asian sub-continents which are
projected to have about 90 % of the global urban population, creating greater need on the availability
of smart amenities to improve and enrich citizens experience. The challenge here is to develop
forward looking smart infrastructure using emergent digital technologies and transforming the existing
governance process into transparent, accountable, collaborative and participatory governance, in
short, Smart Governance which is nothing but an intelligent use of emergent digital technologies to
improve decision making. The first step towards achieving Smart Governance might be upgrading the
regulatory and policy frameworks to facilitate digital transformation within the smart city infrastructure
to create the following foundational capability for smart governance services:
i. Big Data: there is an immediate requirement to uplift government capability in formulating big
data security and privacy guidelines to positively impact the envisaged exponential growth in
near future. This includes building technical resources capacity and creating a development
platform using artificial intelligence tools for collection of big data and using analytics to solve
the societal challenges.
ii. Spatial data: sharing of spatial data is crucial for facilitating the smart city applications. This can
be facilitated by development of required infrastructure.
iii. Data Center: an integrated cloud infrastructure having latest functionalities to facilitate delivery
of digital government services is an essential need for the smart city.
iv. Cybersecurity: with the fast-paced growth in digital data, there is an urgent need to upgrade the
guidelines, policies and governance models for cybersecurity protection by raising all round
general awareness on security risks and adopting global best practices while developing
appropriate IoT security guidelines.
v. Digital Persona: for authenticating the digital identity of citizens, a Digital Persona infrastructure
needs to be put into place.
The availability of Smart infrastructure in upcoming smart cities would act as an enabler to the city
governments to transform themselves towards smart governance for creating enriching experience for
stakeholders viz local government to citizens to private service providers.
Smart Governance October 2018 www.theiet.in/IoTPanel
1. Objective
Key objective of this paper is to throw light on some of the key challenges faced by selected few
global smart cities that led to changes in the ICT infrastructure policy framework in these city
government(s) and best practices that can be adopted in Indian environment to trigger successful
implementation of smart cities for all stakeholders.
2. Definition & Scope
A ‘smart city’ aims to transform local city spaces by developing an ecosystem, resting itself on 4 pillars
of developmental infrastructure: 1) Institutional 2) Physical 3) Social 4) Economic.
The premise behind the overarching concept of smart cities is to provide a decent quality of life to the
citizens by building core infrastructure, replete with a clean and sustainable environment. Inclusive
development is at the forefront of the ideation of smart cities. The idea is to develop a repeatable
model which is sustainable and evolving in transforming other cities.
3. Need for ‘Smart Cities’
The main driver behind retrofitting ‘smart cities’ is recent UN1 report mentioning that total global
population living in urban cities will increase to 68% by the year 2050. The urbanization trend,
together with a greater attention to the consumption of water and energy resources, environmental
pollution, and economic and technological changes, is one of the many countless challenges facing
urban centers in recent decades.
To address these phenomena and their transformations, cities need to become smart, leveraging the
diffusion of ICT technologies to improve citizens’ lives, respecting the environment and future
generations, and increasing local attractiveness and competitiveness, thus opening up to new
opportunities for economic and social development. Among the host of emerging technologies,
Internet of Things (IoT) contribution would be significant in the creation of smart cities.
Smart City enhances city parameters like local government, city environment, citizens living in cities
and their quality of life, city economy, citizen’s mobility etc.
Smart Governance
Smart governance emphasizes on active citizens’ role in collaborative decision-making for keeping
the decision processes transparent and improving quality of life. The key objective of smart
governance is its value creation for society and improving livability index through novel form of
collaborations, data sharing and information integration services, bringing transparency, encouraging
citizen participation in decision making, fostering public-private partnerships, fixing accountability of
city government and its leadership, improving their responsiveness etc.
Shortlisted Smart Cities:
Smart Governance October 2018 www.theiet.in/IoTPanel
Using a benchmarking-based approach, we have shortlisted the smart cities of Barcelona, Singapore,
Hong Kong and Seoul. This shortlisting has been done on the basis of similarity Indian cities share
with that of Hong Kong, and the proximity we share with China. Barcelona and Singapore have been
selected as they have been the pioneers in this field, paving the way for other cities to follow. Seoul
has been making headways with its waste management and traffic systems.
4. Challenges Faced by Selected Global Smart Cities
On the road to becoming a smart city, there are a lot of barriers on the way. The cities are often
fragmented into different municipalities, each functioning as a silo in itself. Such fragmentation leads
to inefficiencies, and it hampers collaborative city services. There are many such challenges facing
the development and progress of smart cities, some of which are listed below:
1. Air Quality: In major metropolitan cities across the world, particularly in China, there has been rising
concern about the quality of air and Chinese government has been making significant attempts to
improve air quality and reduce the emissions. There has been a pressing need for coming up with
clean energy solutions to bring down the city’s carbon footprint. As per the research report of a
Sweden-based group EasyPark, Hong Kong was ranked at the 68th position, out of the top 100 cities
in its 2017 Smart Cities Index. Singapore bagged the No. 2 spot, while South Korea's Seoul was
ranked 21st. As per the index, Hong Kong performed poorly in areas ranging from transport and
mobility to sustainability, innovative economy and digitization.
2. Congestion: Till 2008, Singapore had been facing a lot of traffic congestion. They implemented a
parking solution that provided real-time parking availability of a parking space by sensing and
transmitting it over cloud on their mobile devices installed in cars. This solution helped in immediate
reduction of traffic congestion in the city.
Seoul is also among the densely populated urban city hosting about 20% of South Korea’s
population. To manage traffic congestion, the city government installed traffic sensors and
surveillance cameras on the roads to provide real time access to traffic data, traffic map and
congestion points, travel time calculator etc.
3. Waste Management: A common challenge across the length and breadth of all the cities has been
tackling the waste management system. Singapore introduced smart waste bins, equipped with
monitors and sensors on the lids to gather information about waste disposal. The city of Seoul too
faced the challenge of overflowing litter and lack of waste bins in public.
4. Digital Divide: Though digital devices are getting popular in providing for smooth functioning of the
smart cities, but still major chunk of the population is not having access to it. Singapore government
identified digital inclusivity as one of the major challenges in becoming a smart nation. They took
several initiatives to ensure digital inclusivity trickles down to lowest level of the society.
5. Inability to foster innovation: The lack of tech-savvy environment blended with incompetence
results in a complacent atmosphere in the city. As per an advisory report commissioned by KPMG to
YouGov for conducting a survey of residents and business executives, on smart city attitudes in Hong
Smart Governance October 2018 www.theiet.in/IoTPanel
Kong, 87% executives stressed that the biggest challenge for Hong Kong, on its way to achieve the
smart city status, was its (in)ability to foster more innovation. This problem is aggravated by the local
government lack of interest in becoming tech-savvy. One of the senior official of the local technology
federation said that “Hong Kong is pretty slow in its pursuit of becoming a smart city. This is partly
because the government is not even tech-savvy itself.” He adds that the harsh reality is reflected in
the daily operational work of the officials - they still rely largely on paperwork; the smart city initiative is
being done in “bits and pieces” and lacks comprehensiveness.
6. Data Privacy/Breach: The great societal challenge is to assure user’s privacy and security. In order
to ensure that users partake in the Smart City vision, their consent and trust has to be built for greater
acceptance of the initiative. There has to be an integration of security and privacy-preserving
mechanisms. Since trust is not static but dynamic, evolutionary trust models have to evolve. E.g. If
cities track cars individually (as Singapore plans to do with its satellite-based road pricing system),
how exactly will the data be guarded so that it’s not easily hacked by nefarious elements?
7. Sensory Overload: For the idea of smart cities to work well, sensors are needed that will
communicate with each other, like roads, buildings and street lights can discuss about weather and
take appropriate actions by using sensors. The overload on sensors will be enormous. Lux Research,
a research advisory firm, reports that there will be 1 trillion sensors deployed by 2020. The challenge
lies in how will the sensors be powered?
8. Data Exchange Standards: It’s crucial for smart cities to integrate themselves into existing
regional, and national infrastructures, e.g., to share data about businesses or development. There is a
lack of development of data and service standards – resulting in vague interoperability between
different data sets. How will data sharing mechanisms evolve? There is lack of clarity on development
of transnational authentication systems for citizens and businesses.
5. Policy Regulations Changes Brought In by These Global Smart Cities
To foster the overall all developmental goal for citizens living in smart city and enriching citizens
experience through smart governance, the government(s) of above mentioned global smart cities,
initiated numbers policy and regulatory framework changes. Some of these initiatives were:
Healthcare2: In Singapore, Healthcare Care Services Act came into action in 2014, intending to
reform the existing Private Hospitals and Medical Clinics Act PHMCA to make existing laws relevant
to current and future models of healthcare and advancements in the medical science field, with focus
on public’s rising expectations of safe and affordable care, shift the regulatory focus to ‘services-
based’ rather than ‘premises-based’ licensing , to recognize new and emerging healthcare service
models and businesses. It addressed the elements like telemedicine or mobile medical services, need
for care continuity and patient expectations of dignity of care.
Smart Governance October 2018 www.theiet.in/IoTPanel
Image Source: https://www.straitstimes.com/singapore/health/all-practices-roped-into-plan-to-put-
residents-medical-history-in-electronic
Another important policy intervention was the introduction of National Electronic Health Records
(NEHR) to support “One Patient, One Health Record” throughout the patients’ lifetime, enabled
authorized healthcare professional to access their patients’ medical history from the NEHR to make
better-informed diagnosis and treatment decisions that could improve a patient’s health outcomes.
The patients’ NEHR records are kept confidential to ensure safety and privacy of the data.
Finance3: As one of the fastest growing global economy, Singapore has earned a reputation of a
sound and stable location for business expansion and investments. To maintain its financial
leadership and a vision of transforming Singapore into a smart financial hub following measures were
initiated:
a) In August 2015 a Financial Technology & Innovation Group was created to promote the use of
technology in managing risk, improving its efficiency and reinforcing competitiveness in the
financial sector by developing new strategies and regulatory policies. The Smart Financial
Centre (FinTech) were created to popularize new financial products that can facilitate pervasive
usage of technology.
b) Financial Industry API Register was created to provide the initial landing site for Open APIs in
the Singapore financial industry and is updated on an ongoing basis. It consists of Informational
(i.e. non-sensitive data, no/minimal authentication required) and Transactional type (i.e.
contains sensitive client data, user/partner authentication required) data.
c) Drive innovation in Electronic banking platforms and fostering new mechanism to integrate
legacy IT systems and emerging technologies with these platforms.
d) FinTech Regulatory Sandbox is a live and safe environment for experimentation where financial
institutions, innovators and FinTech startups can test new products and services by mimicking
the production environment on a real-time basis to help simulate responses from all the
systems an application interface with it.
e) The Financial Sector’s Technology and Innovation scheme funds up to 50-70% of cost to the
financial institutions or technology solution providers operating only from Singapore, for early
stage development of novel solutions to financial industry problems, with maximum up to
$200,000, for up to 18 months.
Smart Governance October 2018 www.theiet.in/IoTPanel
f) Nurturing collaboration among the start-ups, technology solution providers, investors, research
institutions and innovation professionals, financial institutions and government agencies to
continuously build capabilities in FinTech.
As a result of the above, companies are continuously inventing application of artificial intelligence (AI),
machine learning algorithms (ML) and virtual reality (VR) concepts, to study and learn investor
behavior and decision making on host of existing financial products in the sandbox environment so
that better recommendations can be developed for the investor.
Data Privacy and Cybersecurity4: The technological advancements and phenomenal growth in
social media has ushered in the threats of cyber security and personal data piracy. In Singapore, the
Personal Data Protection Commission Act 2012 (PDPA) (PDPC) was brought in to provide a
framework for:
i. protecting Singapore’s economy
ii. empowering the Cybersecurity cell to investigate cyber security threats and incidents, assess
their impact and prevent any further harm
iii. facilitates information sharing to identify vulnerabilities in the system
iv. licensing of service providers, namely penetration testing and managed security operations
center (SOC) monitoring
Recently a major cyber-attack on Singapore's largest health group leaked the personal and
healthcare information of 1.5 million people, including that of few senior government officials. To
handle the problems related to Cyber-security threats, Singapore introduced centralized National
Cyber Security Policy Reforms.
Few months back, Singapore brought Data Piracy Bill which adopted some features of GDPR such as
power to take, remove, or duplicate the contents of disk storage to assess the impact of a cyber-
threat. This statute has privacy implications especially for CIIs (Critical Information Infrastructure)
operating on a global level adhering to privacy regulations like GDPR.
Cloud Computing5: Cloud computing enables network access to a shared pool of resources (such as
networks, servers, storage, applications, and services etc.) over internet, based on convenience and
demand of the user. It works on a use-and-pay basis. A third-party provider typically owns and
maintain these computing resources.
With an objective to drive adoption and deployment of cloud computing technology in Hong Kong, a
committee of Experts on Cloud Computing was formed by inviting eminent personalities from the
industry, academia, community and the Government. The Privacy Commissioner for Personal Data
recently highlighted the particular characteristics of cloud computing that are riskier from a privacy
perspective through a leaflet designed for data users looking to engage cloud providers. The Personal
Data (Privacy) Ordinance brought a regulation for the companies storing data in foreign areas to
disclose the location of data being hosted, to let the data owners know which country’s laws and
Smart Governance October 2018 www.theiet.in/IoTPanel
regulations apply to their respective data. Regulations stipulate taking reasonable steps for data
protection to counter any potential misuse, loss, unauthorized access, and modification. Extra-
territorial applicability of law against violations of data security, privacy and intellectual property rights
has been a cloudy area due to internet and cloud being a cross-border services.
Big Data and Data Analytics6:
Singapore government has emerged as a global leader in bringing forward looking technological
changes to their regulatory framework to enable adoption of emerging technologies. They designed
and open state funded incubation centers primarily to drive innovation in development of policies for
data regulation to leverage new initiatives and a speckle of boldness in big data. The key theme was
to ride on the first wave of smart and flexible legal strategy. These incubation centers act as a
platform for testing the suitability and applicability of these emerging technologies. In March 2017, a
Data Innovation Programme Office (“DIPO”) was set up to encourage the small and medium
businesses to experiment the
emerging technologies like data
analytics for developing permutations
in data sharing, provide a neutral
environment with relaxed regulations
to facilitate R&D activities to develop
new norms for the new economy.
These businesses were exploring the
usage of personal data for data
analytics without an obligation of
obtaining a legal consent from the
data provider, and using data mining
in growth of the data analytics sector
by incorporating minor changes in
copyright infringement act. An
awareness regarding potential
benefits of data sharing was spread
amongst these business and data
providers, highlighting specific data
analytic practices that would not
breach the provisions of the
Competition Act. The roles,
responsibilities and obligations of
critical information infrastructure
owners and the cybersecurity
measures to be implemented there
Smart Governance October 2018 www.theiet.in/IoTPanel
were clearly defined in the Cybersecurity Bill.
Image Source : https://in.pinterest.com/pin/548594798341228662/?lp=true
6. Relevance of These Legal and Policy Changes in Indian Context
In a country like ours, with burgeoning population, there is a lot of pressure on the existing resources
in the cities. The challenges and threats range from social everyday problems like traffic congestion,
air quality and waste disposal problems to technological ones like breach of data privacy and extends
up to governance problems like slow decision making, red tapism / bureaucracy and lack of alignment
between different departments in the government. One such example is the perpetual lack of
coordination between the Jal
Board and the PWD –
whenever a new road gets
constructed, within a few
days, it is dug out because of
some water issues by the Jal
Board.
India’s culture also lends a
unique nuance to the
implementation of solutions,
vis-à-vis smart cities in other
part of the world. With the
haphazard and random traffic
situation, will sensors be able
to detect a cow wandering
about on the city roads? How
will the random rush of
pedestrians crossing roads
out of nowhere in the midst of
green signal, be factored in by
the traffic sensors?
Decision to implement Smart
cities infrastructure to facilitate
installation of a transparent and citizen centric Smart city governance, was significant transformational
change envisaged by the Indian Government, primarily aimed at bringing significant all-round
improvement in quality of life for citizens in these upcoming cities in India. The cities shortlisted for
India’s Smart Cites mission are depicted as follows:
Map depicting the Smart Cities nominated in India
Smart Governance October 2018 www.theiet.in/IoTPanel
The Smart Cities Mission of the Government of India has proposed the following ‘smart solutions’:
7. Way Forward
In the Indian context, there are a myriad of laws that need to be relooked from future requirement’s
prospective and tweaked for faster and efficient implementation of Smart governance in upcoming
Smart Cities due to the advent of smart digital technologies including internet of things (IoT), cloud
computing, artificial intelligence, big data analytics, blockchain etc.
Smart Governance11
Governance refers to creation of an environment that enables the government to take care of the
needs of its citizens, by way of legal policies and regulations and an efficient government machinery.
With the advent of digital technologies, models of governance need to be modified to function within
the dynamic environment. It is imperative for governments across the world to partake in innovative
practices to decrease costs, and enhance stakeholder-engagement for finding out solutions to tackle
social problems.
The idea behind implementing smart governance in cities is empowering citizens and other
stakeholders to take part in decision-making and enhance their quality of life.
The digital enabled smart governance framework below illustrates a process wherein a collaborative
effort led to creation of a smart government model. Here, the word ‘smart’ connotates that
governments need to be flexible and adaptable in the face of ever-changing dynamic environment.
Smart Governance October 2018 www.theiet.in/IoTPanel
Given the background and context, governments need to evolve and start being changemakers by
implementing technology first in the government sector – be it e-governance or data-driven policy
making.
It begins with plain digitization with no change within the government organization, shifts to internal
organizational transformation, and ultimately transcends the boundaries to create an overarching
national impact.
There has been exponential use of social media in establishing linkages between people. The
government can tap this linkage to enhance the quality of communication between its representatives
and the citizens. There can be increased exchange of information, better collaboration, more
transparency and effectiveness and better decision-making through empowerment of citizens. Since
there is a two-way impact relationship – social media influences the government actions and vice
versa, it is but natural that government deploys such tools to revolutionize delivery of public services,
and take collaborative action. In a nutshell, smart governance is the sum of all things a government
does to improve the quality of life in cities. It stands at the intersection of the elements of smart cities:
Smart Living, Smart Mobility, Smart People, Smart Economy and Smart Environment.
The usage of digital technologies is in the following (but not limited to) three area viz Healthcare,
Finance and Smart Digital Infrastructure, would help inch a step closure towards implementation of
smart governance
Healthcare
Since Independence every successive government has taken Healthcare as main policy agenda but
the masses specially the bottom of pyramid population were still deprived of basic healthcare facilities
due to poor policy implementation and lack of infrastructure. We can adopt usage of digital
technology, which has successfully demonstrated improved reach both in terms of cost and efficiency
E-Government
• Administraive Efficiency
• Interoperability
• Service Improvement
Smart Government
• Runs on Evidence
• Decision making is participatory
• Contribution of Social Media
Smart Governance
• Policy making through Data driven aproach
• Governance is open, citizen centric and collaborative
• Improving the quality of life
Smart Governance October 2018 www.theiet.in/IoTPanel
by building end to end infrastructure for “One Patient, One Health Record”. This will enable accessing
and appending of same patient record by different healthcare providers like General Practitioners to
hospitals in the lifetime of patient. The policy should enable safe and authorized access to these
patients’ medical history to make better-informed diagnosis and treatment decisions that could
improve a patient’s health outcomes.
The policy should also facilitate easy accessibility and saving of these public healthcare data on a
common platform, including complete medical history along with diagnosis statistics. Safeguards such
as provision of access logs to patients and regular audits on policy access should be planned to
protect against illegitimate access.
Options should be given for Patients who do not wish for their records to be accessed via the policy
but would be responsible to have their information uploaded to the policy. The figure below illustrates
this proposed policy and model:
Smart Governance October 2018 www.theiet.in/IoTPanel
Finance
India has achieved second highest adoption rate in FinTech among digitally active consumers
reported to be around 52%, second to China’s FinTech adoption rate at 69%, as per Ernest &
Young’s FinTech adoption index. The recent World bank Global Findex Report10 mentioned that India
has opened about 55% of the total 51.4 crore bank accounts opened globally during 2014-17. The
Indian government is reaching out to the bottom of pyramid segments of the society by formulating
policies to revolutionize banking and digital payments in India.
The finance ministry set up an 8-member committee in March 2018 to promote active use of Fintech
in access and adoption of digital payments, affordable housing, e-services to bottom of the pyramid,
financing of MSMEs etc. As per the terms of reference, the committee "will develop regulatory
interventions, e.g., regulatory sandbox model, that will enhance the role of Fintech in the sectors
identified for focused interventions."
There is remarkable progress in the FinTech and Digital Banking in India with issuance of Payment
Bank and Small Bank licenses. This has led to a need to further optimize the banking regulatory
regime with respect to these emerging technologies. An inter-regulatory Working Group was set up to
identify the gaps in current regulatory regime relating to FinTech and Digital Banking in India. One of
the recommendations of the working group was to setup a “regulatory sandbox” to promote innovation
in financial technology.
8. Digital Infrastructure Development Framework
There is an immediate need to initiate digital transformation to help facilitating Smart Governance
implementation, using the world-class digital ICT infrastructure listed and explained as under:
Big Data9
The existing regulatory framework is inadequate in meeting the future needs for data security,
especially regarding sensitivity of the collected data, given the explosive growth envisaged in this
area. A comprehensive regulatory framework defining the rights of data provider(s) over their own
data is the need of the hour i.e. having unrestricted and unlimited access to modify, transfer and/or
erase their data from any/all servers in which it is saved. The data collectors and/or processors should
be made accountable for ensuring data is secured at all times, with an obligation to inform the
respective data owners immediately whenever the data security is actually or perceived to be
breached.
The European Union has recently implemented a data protection law which is globally recognized and
appreciated for its comprehensive coverage over the rights of data providers and data processors.
Taking clues of some of the best practices from this law, India should formulate its data protection
policy with respect to our own socio-economic, legal and demographic needs. This proposed policy
should make a determined attempt to first define a purposive approach for data protection and then
elaborate it in detail by defining, a) the obligations of the businesses in data processing and ensuring
Smart Governance October 2018 www.theiet.in/IoTPanel
its seamless exchange across multiple channels, b) the legal aspects such as the rights of
entities/data processors located outside of India but performing data processing activities on Indian
data subjects, for example data profiling, assessing the risks in data protection etc., c) obligation of
data collectors for providing complete traceability of data collected, used, saved and or destroyed, d)
guidelines for data usage in research and developmental activities to facilitate innovation. As it is
evident that data usage will grow exponential in near future, the proposed policy framework should
have in-built flexibility to evolve along with evolving technologies and innovations.
Cloud Computing7:
Though cloud computing is becoming popular in India, but there are numerous issues in its adoption.
List of issues ranges from restrictions imposed on data flows across border for privacy protection and
security, servers installed in multiple geographic locations making it challenging to legally access
data, difficulties faced by law enforcement agencies while conducting crime investigations or
capturing cyber forensics or performing surveillance and interception in the cloud etc. Some of the
proposals to help manage the above listed difficulties are:
a. Data Classification Technology8: The cloud service provider normally has datacenters, clients,
end customers and resources maintaining the services all in different geographic locations. And
the national security, cyber security, privacy and content regulation related regulatory
requirements requires cloud service providers to comply with local requirements, making it a
colossal task for the cloud service providers. The legal and regulatory framework should be draft
in such a manner so that it can achieve a winning balance of local regulatory requirements vis-a-
vis benefits of global architecture in cloud services.
b. Cloud Forensics: With the increasing adoption of cloud in the B2B and B2C segments, cloud
forensics is becoming an essential element specially in situations like crime investigation. But
uninformed and unskilled investigator(s) may complicate the investigation, thus putting
unnecessary burden on the cloud service providers. The Law Enforcement Agencies (LEA)
should be properly trained in the cloud forensics.
c. Digital Certificates: The cloud service providers using the global software products should
recognized the root certificates authorized by the Indian Controller of Certifying Authorities (CCA).
The usage of foreign digital certificates by these cloud service providers create jurisdictional
issues as it makes it difficult, and in some case impossible, for LEAs to access the logs and other
details from a foreign digital certifying authority.
d. Encryption: Cloud service providers faces challenges in meeting the monitoring, encryption,
decryption and interception related regulatory requirements due to wide variance in requirements
for the strength of encryption standards across multiple geographies, making it difficult to meet
these varying requirements altogether. A separate international arrangement, similar to
Wassenaar Arrangement, is required to facilitate balance among member country’s individual
legal and regulatory requirements. In Wassenaar Arrangement, restrictions are implemented in
exporting identified sensitive technologies to non-member countries that are listed as dangerous,
Smart Governance October 2018 www.theiet.in/IoTPanel
to check misuse of technology. India should join the Wassenaar Arrangement as a member
country else this may create some barriers in procurement of cloud services.
9. Cyber security and Personal Data Protection
The India cybersecurity laws related to data protection and data security are in the nascent stage of
development. The increased usage of technology is poised to generate a huge volume of data
potentially in Petabytes per day and with the evolving business models’ number of stakeholders are
also increasing, the service providers are finding it economical to outsource the responsibility of
accumulating, processing and safekeeping of the data to third party “specialist data brokers/vendors”.
In these situations, the Indian regulators should make it mandatory for service providers to enforce
separate vendor agreements with regulated terms and conditions to protect “sensitive personal data
or information”. Such agreements should clearly stipulate the responsibilities of all stakeholders- the
service provider / consumer / user and define the Assignment/Licensing terms, Intellectual Property
Rights, Limitation of Liability, Indemnification and Dispute Resolution etc. Recently a new draft bill
was tabled in the parliament. The key highlights of this bill are summarized in the figure below.
Image Source : https://www.livemint.com/Opinion/zY8NPWoWWZw8AfI5JQhjmL/Draft-privacy-bill-
and-its-loopholes.html
REFERENCES
Smart Governance October 2018 www.theiet.in/IoTPanel
1. https://www.un.org/development/desa/en/news/population/2018-revision-of-world-urbanization-
prospects.html
2. https://www.ihis.com.sg/nehr/about-nehr
3. http://www.mas.gov.sg/Singapore-Financial-Centre/Smart-Financial-Centre/FSTI-Proof-Of-
Concept-Scheme.aspx
4. https://www.pdpc.gov.sg/Legislation-and-Guidelines/Personal-Data-Protection-Act-Overview
5. https://www.ogcio.gov.hk/en/about_us/committees/archive/egccss/
6. https://www.taylorvinters.com/article/singapore-smart-nation-how-the-law-is-changing-with-big-
plans-for-big-data/
7. https://www.dsci.in/
8. Legal and Policy Issues in Cloud Computing - Discussion Paper based on DSCI-BSA Workshop -
Prepared by Data Security Council of India,
https://www.dsci.in/sites/default/files/documents/resource_centre/Discussion%20Paper%20on%2
0Policy%20Legal%20Issues%20in%20Cloud.pdf
9. http://www.indialawjournal.org/big_data_a_challenge_to_data_protection.php
10. https://www.businesstoday.in/current/economy-politics/india-accounts-for-55-per-cent-of-new-
bank-accounts-opened-globally-world-bank/story/275348.html
11. https://www.researchgate.net/publication/325304603_Smart_governance_in_the_context_of_sma
rt_cities_A_literature_review
Smart Governance October 2018 www.theiet.in/IoTPanel
About IET India
The IET is one of the world’s largest engineering institutions with over 168,000 members in 150
countries. It is also the most multidisciplinary – to reflect the increasingly diverse nature of
engineering in the 21st century.
The IET is working to engineer a better world by inspiring, informing and influencing our members,
engineers and technicians, and all those who are touched by, or touch, the work of engineers. The
IET office started operations in India in 2006, in Bangalore. Today, we have over 13,000 members
and have the largest membership base for the IET outside of the UK. Our strategy is to deliver
activities that have an impact on overall competency and skill levels within the Indian engineering
community and to play an influencing role with industry in relation to technology innovation and
solving problems of public importance.
We plan to achieve this through working in partnership with industry, academia and government,
focussing on the application of practical skills within the learning & career lifecycles (particularly early
career), and from driving innovation and thought leadership through high impact sector activities.
The technologies that we have chosen to focus on are:
a. The Internet of Things (IoT)
b. Future of Mobility and Transport
To drive this focus forward, we have created volunteer-led panels for each.
The IET IoT Panel
One of the most important technologies that will connect all sectors will be Internet of Things (IoT).
With 1.9bn devices expected to be connected in India alone, by 2023, IoT and related technologies
assume relevance of significant proportions. Across sectors we will see energy, power grids, vehicles,
homes, entire cities and manufacturing floors, computers and mobile devices being connected.
Leveraging its position as a multi-disciplinary organisation, IET India launched its IoT panel on
February 20, 2015 with Dr Rishi Bhatnagar (President – Aeris Communication) as the Chairperson.
The panel, being a first of its kind in India, focuses not only on technology but the application aspect
of IoT in various segments.
The focus is to facilitate discussions that will help in making the inevitable connected world more
efficient, smart, innovative and safe. It will focus on technology, security and regulatory concerns and
the need for nurturing capabilities and talent for a quicker adoption of IoT in all spheres. The panel
also constitutes sub panels / working groups focusing on the application of IoT in Agriculture, Retail,
Energy and Healthcare domains. Each of these sub panels will work towards undertaking neutral
pilots and studies and publishing white papers around the application of IoT in the respective
domains.
Smart Governance October 2018 www.theiet.in/IoTPanel
The IET India IoT Panel will provide a platform for stakeholders to participate in becoming an
authoritative, but neutral voice for the evolving movement of IoT in India. It aims to enable all the IoT
practitioners (including people from the hardware – devices, portables, sensors, software, business)
and IoT enablers ( including people from regulatory area, training area, investors in IoT, end users) to
work together on relevant areas to make this industry efficient as well as robust. The panel envisions
laying a solid foundation by supporting policy makers, industry in the next step of adoption of IoT.
The panel works through Working Groups - Healthcare, Social Impact, Telecom, Smart Living, Skills,
Standards, Regulatory & Legal, Cyber Security, Ganga Rejuvenation and Energy.
Read more on http://www.theiet.in/IoTPanel
If you are interested in volunteering for the IET or joining one of our panels, please write to us
Follow us on
@IETIndia
www.facebook.com/IETIndia
IET India