CIS Comments on NODE Consultation Paper

This Submission consists of the following parts: 

1. General comments 

2. Responses to the questions posed by the White Paper 

3. A proposal for the implementation of a NODE framework.

Broadly speaking, we would recommend that before implementation NODE project in its present form should be reassessed for :

• Impact assessment on national security.

• Security standards and practices.

• Clarity on architecture of the NODE

• Lack of clarity on the implementation of the NODE

• Absence of clear evaluation metrics, 

• Comparative and reliable appraisal of past efforts including Aadhaar and India Stack, 

• Clear and uniform policy prescription delineating personal data from non-personal data and a governance framework for both

• Use of open source technologies beyond just open standards and open API’s,

• Lack of clear institutional mechanisms for redress 

• Drawing of clear ‘red lines’ on the scope of a  NODE

• Adherence to public ownership, interest and benefit of the ecosystem

• Clearly articulated governance framework that  explicitly constitutional rights and values 

• When conceptualizing, designing, implementing and evaluating a NODE, the following questions are scrutinised for the entire ecosystem:

Is there a law allowing for the creation of the NODE?

Will the NODE enable an intrusion into fundamental rights? If yes, 

• Is an intrusion into fundamental constitutional rights necessary, i.e. is it the least intrusive option available?

• Is the intrusion proportionate to the objective (e.g. public service delivery) being sought to be objective? Is the objective legitimate? 

This re-assessment should serve as an essential pre-requisite before the NODE approach is rolled out. Read the full submission here