The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.
***
>> CHETTY PRIA: Good afternoon, everyone, and thank you for joining us after the tea break. We are very excited today about this particular panel. Because it brings the data conversations that we've been having I think across the last few days into focus and today we're speaking about data for impact. And it's correlation with digital public infrastructure and how we can evolve and shift our approaches to data governance to bring more equitable and inclusive approaches to data governance this correlates I think with IGF something too which is around building sustainable and responsible innovation and I think is really been our experience as we've worked across the public infrastructure, artificial intelligence more recently, policies that are centered on micro and small enterprises in the digital economy and various other subjects interrelated with this subject, their data governance is really being looked to as a model to bring more equity and inclusion in what technology and innovation promises in this age. So a quick introduction of myself, the moderator for this session my name is Pria Chetty I come from research ICT Africa, we are a digital policy think tank based in Cape Town but working across Africa on a range of programmatic areas around digital equality and data justice. Your online moderator today is nick Keta Jane you'll see here, hello to all the online participants you'll see Nikita with you, an economist with the international council on economic relations. Welcome online participants and thank you, Nikita for the online moderation.
So just a few thoughts to set the scene for today. We have heard a number of conversations around digital public infrastructure and really this opportunity that is presented by DPI as a foundational layer technology option for digital transformation across society. And so we've heard a number of discussions in the lead up to this on DPI and the promise in digital public infrastructure to drive national digital transformation, to drive regional digital transformation to foster innovation and to produce some outcomes for sustainable development. Where there's a promise behind DPI and sustainable development. At the same time we have this realization that what we, the ambition that we have for DPI is not realized unless we have relevant governance frameworks to give us direction, to give us the strategy and to keep us accountable for what we will do with DPI. So what we want from the technical perspective is high levels of official si and sometimes they can be an over focus on the technical side of things so we want to have a balanced approach that is about technical efficiency but also about equitable outcomes if we are investing in digital public infrastructure. We want to have a fair degree of openness.
In terms of the systems, in terms of the applications and in terms of the data. And at the same time, we want to balance this with assurances that we need to give society and users about the security of the data and the protection of the data. And the assurances that will be both in the systems and applications that are constituted by digital public infrastructure. So what we are speaking about is that we want to advance the innovation. And at the same time, we want to make sure that the governance delivers an accountability framework that we can rely on as we implement digital public infrastructure. When we speak about data governance specifically we first speak about the association between data governance and digital public infrastructure. We've come to recognize that how we govern the data, the data exchange component, not just as a pillar of DPI but across digital identity and going pal payments implementation really determines whether DPIs can deliver on this promise.
That data governance has become so integral to the objectives of digital public infrastructure and this is where we speak about high we are going to one, adapt our data governance frameworks so that we can foster the innovation that we need because we need to see the data moving across this layer at the system level. And also how we can broaden the participation of those who engaging with the digital public infrastructure for data led value creation, can they participate in the data value chain? So when we speak about data governance, it isn't just about the protection mechanisms and the accountability mechanisms. It's also about whether it can be used and leveraged, the governance framework, to empower citizens digitally. Can changes in data empower citizens and users of DPI?
And when we enable this kind of integrated data governance framework, can we unlock this sustainable development gain? The challenge that we see at the same time is that this requires a different orientation to data governance so a reference that we work with at research Africa and a model in the global south is the African Union data policy framework and this particular framework is looking at this integrated approach to data governance it speaks about whether the frameworks that we have currently provide for the essential digital and data rights for all and we don't just mean the right to privacy or the right to information but we're speaking about the right to data, we're speaking about the right to meaningful connectivity. Whether the frameworks actually do allow this data exchange for beneficial data access to where citizens are not just their providers of data but they are in fact are using the data in beneficial ways whether these frameworks are adequate for transparency, accountability and responsible data use. Whether the mechanisms of enforcement and redress are there and apparent in the frameworks or whether we need to improve them to address issues of bias that can present in the data or rights violations. Do we need stronger oversight or intern operability mandates and where do we see this unique coming together of public and private sector of new models of cooperation?
Do we have the necessary mechanisms not just in our data protection framework but also in our consumer protection laws and our marked mechanisms with our composition laws and policies to prevent monopoly ization while also fostering this open innovation and that brings us to our session today.
Which we hope will be interactive and we hope that you will engage with us on recommendations that we can take forward. There's been a lot of conversations on what we need but how exactly are we going to do it? So we're going to hear from our fantastic panelists today, we're each going to bring unique perspectives from their work and their on the ground work in this space. And then we're going to have some audience engagement where I hope you will not just raise questions for the panelists but also share your recommendations and your experience working in this space. I think what's wondering about the IGF is we're in a roomful of experts.
With that I want to bring our panelists into the conversation. We are delighted to have with us today Souhila Amazouz and has been engaged in over two decades in various situations of ICT frameworks.
Policy frameworks, digital policy frameworks, now data, including in regional harmonization frameworks and member states in Africa. We have Andrew Vennekotter from Amazon Web Services, a senior manager there and to date only the person I know who has worked at NASA but he has. He is an expert in cybersecurity and insurance work in the trust area and worked for many years in the public sector and now leading public‑private efforts at AWS. We have Payal Malik who is the senior advisor on the council for economic relations and Payal has been based at the competition commission where she advised and informed policy shifts so her work is at the intersection of economics, competition and policy, we have Thomas Linder with us from the open north a senior coordinator on various initiatives related to data governance, to citizen engagement and we have Mariana Rielli who is the co‑executive director of data privacy Brazil and talks about the Brazil on the ground and really looking forward to her on the ground from Brazil data governance work. Over to our panelists. Sue HeLa if I can come to you first for your continental and public sector perspective.
What, can you point the picture for us? What are the relevant policy frameworks that guide data governance for DPI especially when we speak about equitable and inclusive outcomes for society from DPI? And what is your experience with those frameworks? What can you share and from, yeah, from your experience of engaging with those frameworks and lessons here for the IGF community?
>> SOUHILA AMAZOUZ: Do you hear me? Good afternoon. I would like to thank the commission to be part of this important conversation on how to develop or to advance effective and well functioning data governance frameworks and mechanism to support deployment of the public infrastructure. Knowing that data is from national component of KPI. So to respond to your question I would say that from our African Union perspective we see DPI as a game changer for Africa it will have to support our integration and development data it has the option to accelerate the attainment at 2063 at digital transformation and address the economic inequalities knowing it is kind of a concept of integrated systems and interoperability of digital systems that will create platform for citizens participation and also improve life as it will access to essential services. This will really help to bridge the digital divide effecting the continents and also the opportunity to create new business opportunities for people like to boost Africa digital trade, development of inclusive economy and also it will be the aim that through the implementation of the DPI concept we can achieve the prosperity of the continent. At this level so far we don't have a continental policy on DPI but we have many strategic frameworks that have been adopted. They are laying the foundation for the development of DPI across the continent maybe as you mentioned, the main one is the African Union that policy framework that was adopted in 2022 that have formed objective is to see how to harvest the potential of data to transform the economies and societies and also it aims to build the capabilities of African countries when it comes to data like how to manage data to have the data storage capacities and also to create kind of a data exchange at the national level. It will have data access and also facilitate the data transfer so the data policy frameworks lay the foundation for the development of integrated governance approach across the continent and we are now in the implementation phase as we are implementing the framework through continental initiative which is data governance initiative for Africa where we support all African countries to develop the international data strategies or policy to develop capacities because there's also need to build institutional human capacities in data to enable data to make data available to enable data access, use data sharing and it is one of the main conditions that we enable as we develop DPI so just to highlight all this, and all framework that is directly related to DPI is the interoperability framework for digital which is also the framework developed in 2022. It aims to create like space for minimum, to big countries to agree on minimal standards and typical parameters also the policies. Facilitate and enable the use of digital ID across the continent. There is also an initiative on digital payment where we created, a payment and settle on the system in Africa. It is a digital platform that is already operational but it aims to facilitate payment across the continent without relying on foreign policy so this is the key strategic frameworks that we have in place but both of them, they are in the implementation phase and all of them, they are aligned with our main core values like and principles of equity and integrity and also introduced new concept of data, justice and also transparency through the data justice we aim to ensure equal representation to all people in the digital space including the diversity of languages and culture. So as I said, we are now working with all countries to develop national capacities because it is important. At the same time, also, we have many countries that are started implementing the DPI at national level. We have countries that adverse the DPI as a national priority such as South Africa that are also pushing through the G 20 also for DPI and to have other countries that are really making good progress in advancing DPI as an integrative approach. We have already progress when it comes to advancing digital IT systems and also experiences on digital, on data exchanges, for instance, we have around 60% of African countries. They have already data privacy in place. We have like 60% in place transactions legislations and when it comes to the countries with data exchanges we have 28 countries so far, they have data exchanges, among them they have 22, they are cross‑sector data exchanges but only nine of them have the data exchanges. And we have so far 35% of countries have some kind of digital payment systems.
But 20% of them they are interoperable which shows that it is work in progress. There is a lot of policy development and also implementation. While at the same time we try to align to the African context. We know that our main challenge is to address the infrastructure and digital scheme deficit. While at the same time, integrating all that is related to digital transformation including DPI national development agenda. I stop here and I will be happy to come back if there is any questions, thank you.
>> CHETTY PRIA: Thank you so much you already introduced a few defining concepts for us to take forward. The one signalling the need for interoperability of the data.
And the data systems if we're really going to unlock the access to the digital services in our digital transformation ambitions. The second, data justice where access to data benefits all. And seeing how we meaningfully deliver on that. You spoke about integrated governance. And you also gave us a picture, I suppose, of the data ecosystem that we see across the continent and the need to boost the maturity of the data ecosystem. I wonder if I can bring Andrew into the conversation now. Sue HeLa spoke about the ambitions of the continent and what relies heavily on innovation.
I wanted to ask you what is the reason for us to get the data governance right? If we want to enable this kind of DPI innovation? Why is data governance so critical in this space? And I wonder, Andrew if you can draw on your public sector and your private sector experience.
>> ANDREW VENNEKOTTER: Sure, so thanks and I want to say first of all I appreciate the opportunity to speak at this event. One of my actually my last posting for the U.S. government was in Ghana so I spent a year living there so to all those out there thank you for welcoming me to this. So let me start with why data governance is so critical for enabling innovation. At its core data governance is about asserting positive control over especially in the AI world generative AI outputs so we have to ensure they're not just useful but also safe and beneficial and so while large language models are becoming increasingly sophisticated at content and performing deep research there's no shortcut for around good data governance. The better we help AI understand our data the better results we'll achieve and that goes for private companies and governments and public organisations alike. But then you have to also think about security. Which is a critical part of data governance so security is a fundamental aspect of governance frameworks. It can't be an after thought or bolted on solution. It has to be woven into the organisation's cultural fabric and prioritized by leadership.
Which means carefully selecting providers who demonstrate a strong security culture. And clear data ownership is also crucial. So we also recommend the organisations work with partners who establish distinct ownership and tools for data management. So another aspect of data governance is a responsible AI. Right? You need to have a concrete plan for managing risks. I recommend starting with established frameworks like NIST's AI framework. Those provide structured approaches to developing AI safely. While limiting potential harmful content. And so there's a lot of, that's data governance, right? But why do we need DAIBTS? What is the whole point of gathering data processing and generating new information.
What are we doing this for? And I think a lot of the benefits of gen AI have not been fully realized by a lot of organisations. So there's a lot of buzz around it but I want to share some actual research and exciting findings. There's a Harvard Business School study that investigated 776 professionals at Procter & Gamble and revealed some remarkable insights. Teams using AI completed tasks 12.7% faster while producing higher quality work and what's particularly interesting is that a single AI enabled individual was able to perform at levels comparable to traditional teams working without AI. And so it also, that study also found that AI helps break down expertise barriers within organisations. It bridges functional silos such as R&D, commercial teams, and enables professionals to produce more balanced solutions regardless of their background. This democratization of expertise is transforming how organisations operate. It's also enabling people who are may not be extremely technical or engineers to start thinking about creative solutions to technical problems in new ways which is I think something we're all interested in and we're seeing benefits in real world applications and not speaking for all providers but for us, we have a customer and they're using AI to revolutionize medical writing. Regulatory medical writing. Which is significantly accelerating the delivery of new medicines. And by maintaining a human in the loop approach, they ensure not only regulatory accuracy and compliance but also save pharmaceutical companies thousands of dollars in operational time so that human loop approach is also critical. We have to think about where humans need to be in fact involved in the AI data governance so that's a critical thing that all organisations public or private should be thinking about. So you know we talked a lot about governance and regulation. So when does government regulation of technology make sense I think where it makes sense is when we focus on risks and principles. We need to develop frameworks based on principles if we, if the compliance costs for most government imposed regulations are pretty high in the EU they're about 40% of the total products value. So if you think about how to enable innovation and you're already taxing in an organisation's resources with 40% you can think of all the different things you can do with those resources. And so harmonizing standards is also critical. Right? So enable, to enable international cooperation are things like data governance. We need to figure out how to make the standards work together with each other. Because technology does not have borders anymore really. And so the more we can enable innovation everywhere in the globe the more the entire world benefits from them. We also need to think about when not to do that, right? When should we be cautious when mandating new standards because I think we all can think of an example of a standard regulating something when the technology advances much faster than standard. And so that's not to say that we shouldn't do standards. Obviously we should. We have lots of standards that we comply with in my organisation. But it just means that we need to make sure that the technology is in a subtle place, in a place that will allow for the use of standards in a smart way that thinks about the risks and principles involved. And so the second thing we need to do is to accelerate private sector digital option and that means streamlining access to private finance for start‑ups and government funding for businesses. A factor that45% of businesses said is critical we also need to think about lifting up all boats by building digital skills.
84% of businesses see AI skills as crucial but only 26% feel adequately prepared. And that goes for the entire globe especially when you think about some of the great innovations going on in Ghana where I served. I knew a lot of folks who were itching to spread their products to the globe but they were facing limitation of digital skills in terms of the labor workforce so I think there's a lot of work we can do both in private sector and public sector to enable that. And then finally.
>> CHETTY PRIA: I wonder if we can pause there and come back to the recommendations, final recommendations in the closing remarks. I thought it was a good point to bring in AI innovation as an example. And to then use that as a proxy for speaking about the positive control.
That we might need over some of the AI innovation outputs. But at the same time I think it's a good time to bring in Payal now what we're seeing especially in DPI and Andrea has spoken quite a bit about AI as a proxy.
But across the DPI we're see thing model of public and private participations model. And I wanted to come to you to give us a perspective on how this is influencing markets. And what some of the key data governance challenges are that are emerging in that space. Are they risks of market concentration, data extractivism, privatization of public data. I page ‑‑ make these three points.
I wonder if you can come in at this point. Oh, what is the interplay between the public and private sector. What are the risks we should be aware of and what is the potential for data governance to address some of those risks?
>> MALIK PAYAL: Thank you, Pria and that was great to collaborate with you because these issues which were not discussed in the DPI ecosystem, especially the role of data governance, et cetera, and how it may be a competition issue as well. So as we all know DPI's characteristics and that's what we're all excited about because it is really transformational when it comes to public service delivery. Characteristics of openness, interoperability and scalability to underscore DPI's criticality beyond just technology but for the larger goals of public and private service delivery so what was heartbreaking with this kind of technology where the public infrastructure was kind of real was the provided network that enabled other entities and especially the private entities and that's where the real value creation came from to scale up to a simple plug and play system by building digital applications. Or services on these rails. But the economics of multisighted platforms where DPIs are essentially the platforms connecting multiple actors be it users, be it service providers, be it the applications, the value of the platform to one side increases with increased number of participants on the other side so these inherited network effects can lead to winner takes all outcomes resulting in the creation of monopolies. So these, in the data ecosystem, there are significant concerns that these applications which are the private entities trying to create value out of the public infrastructure may involve or may be extracting a huge amount of data. What are the data usage principles are they governed by any or is it free‑for‑all because these zero priced products because these, for instance, in the case of India's UPI, it is zero price market for users but the application providers that is the third party application providers are harvesting vast amounts of user data over time. Because data is like a shareable modular input that allows these firms who are again driving on these digital public infrastructure rails to also expand into adjacent markets for instance in the payment system we are seeing that exploring these data harness ed from these public infrastructures, companies are then getting into retail lending.
Microfinance, et cetera. So what needs to be done and that's how we started that discussion of there is an absence of contractual or regulatory framework. Which governs these private entities operating on these public infrastructures. So there should be some governance reforms and what we are discussing at various forums is that DPI must be treated as a shared infrastructure and not, can be worded into exclusive assets because only a handful of companies are then harvesting the data. So there should be some kind of contractual arrangement or concession agreement. Between the private entity and the public infrastructure provider. To provide for open access but rate, also put limits on the kind of data which could be collected, the minimization of data collection, et cetera. And these agreements therefore should establish fiduciary obligations on the private partners to uphold public interest and competitive neutrality thereby aligning the private incentives with public goals. So there is currently regulatory blind spot if I may say. Because if this data collection, data usage, by the private entities on these public platforms is not regulated, it may lead to creation of monopolistic enclosures and data hegemony in these. And this enables these players to leverage DPI infrastructure and create more dominance in many several markets. And current ly we see there is an absence of effective governance arrangement.
Which exacerbates the data extractivism, network effects exploitation and reinforcement of existing hierarchies. So while these DPIs were supposed to be by design, competitive and of course they did allow multiple parties to participate. But the fear is they may end up as big tech because of the data misuse and in the absence of data governance. So I can stop here and there we can just then discuss what are the possibilities, what could be a good data governance framework, not just limited to the data protection laws but because data protection laws do not take care of these structural infirmities which are arising out of indiscriminate data used by private entities.
>> CHETTY PRIA: Thank you so much Payal and thanks for introducing that what we are witnessing here is these platforms connecting multiple actors. We do need to ask the question of how to create the value, how to embed these governance principles, using the examples of digital payments as needing those embedded frameworks including regulatory frameworks and it comes back to that question of what makes DPI in fact public infrastructure. What makes it public? And so let's emphasize the concepts of openness, interoperability, Andrew you mentioned democratization and the need to develop the appropriate standards and I think that's where we want to place the emphasis is on the maturity of the governance frameworks we have. But also have that democratization element you mentioned that is so crucial I wonder if we can come to you now, Thomas, to bring in the civil society perspective and your data justice work. What is the role of civil society here? As these governance frameworks are being built? And how do we strengthen data governance frameworks by bringing in the crucial civil society perspective?
>> LINDER THOMAS: Thank you, Pria, it's a pleasure to be here and follow such excellent speakers I think from this perspective I would like to broaden the scope somewhat and talk about what data governance has become in the conversation about DPI. It's becoming this for quite a while when you think about it. Data governance originated in the corporate space and was tied to connections of efficiency as it pertains to profit making however that's really not what we're talking about in DPI that much anymore for sure there's some for‑profit elements but a lot of it is in public infrastructure. It's in the name we're talking about something much broader it comes down to questions of democracy and participation and equity and all of those things. And once we understand data governance from that perspective, it becomes far more a question of using data governance to understand the social contract that we're developing with DPI, right? This isn't just a simple for‑profit venture, this is a redesign ing of fundamental paths of society.
And including civil society is essential as it has been for a wide range of many other society changing developments ta we've had over the last decades.
Civil society's role there has always been as a kind of third sector. Right, to balance the interests of the state and to balance the interests of the, of corporate interests. Civil society organisations are in a very unique position in this, from this perspective. To represent different interests of groups and communities that would otherwise have been lost. And this is really essential because they function not just as a different interest but they also function to represent these interests on different levels. They can be extremely local to transnational we see all sorts of civil society organisations doing this whether they're nonprofit or charity or NGO or any other guise. So as we're thinking about introducing DPI and thinking about the data governance of it, we really need to ensure that we have this third sector voice that can represent these different organisations, these different communities, these different groups at these different levels. So including them in the conversation, including them this the design and implementation and operationalization of data governance is essential. Of course you're leaving out vast swaths of the people purported to be represented or usurped by the DPI. So what are the main ways that civil society orgs can participate in this? Because after all it is largely up to them to take up the baton and do that as many do. And from my perspective, there are four or if you count it differently, five different ways for civil society orgs to do this. The classic one is policy and research. Then the more let's call it the pie in the sky one is collective ownership of our data and also collective ownership and control over software and hardware. Our fourth one would be advocacy. Representing groups, pushing voices. And finally capacity building and I will get into each one of these one at a time. So from the policy and research perspective, civil society organisations and there are a great number of excellent organisations who do this, have done exceptional work to not just conduct civil policy analysis and provide recommendations by when we're talking about this kind of wholesale application of large, high level data governance principles, ethical frameworks, et cetera, what's really needed, what we see over and over again is a combination of adaptation and operationalization to local contexts and conditions. It will never work to simply take one model, one cookie cutter approach and replicate it all across the world: Certainly not in a place as diverse as Africa. It just doesn't work that way. You need civil society organisations with a deep embedded understanding of the local conditions who can help to do this integration adaptation and operationalization. Especially for something like DPI where there's projects whether around digital ID or payments or data exchange or whatever the next function is that we add to the DPI complex. Many of these things already exist in some form or another quite successfully and you can't just replace them. They need to be integrated. They need to be adapted so the topdown ideas of DPI need to be connected to these preexisting projects on the ground and the local civil society organisations that know them best are also best suited to help do this kind of work. Then civil society organisations can also help with coordination and translation of this knowledge. I am thinking here specifically of knowledge gleaned by practitioners on the one hand so people who have been doing the work to operationalize and implement this tech already but then also the important academic work that happens and frequently there's a mismatch between the two. The sides don't talk to each other very well but civil society organisations can be uniquely situated to help facilitate that connection to bring between the two worlds. And translate that knowledge that it may most effectively be adopted by both sides. We've seen several organisations in if we do this really well, Africa is one, and policy is one after that. So they already exist, it's just a question of championing them further.
>> CHETTY PRIA: I wonder if we can stop there I think we are waiting to get to Mariana as well. There is a good point to come in as we heard the different recommendations from the panelists. And also interesting now to bring you in with a, also a technical perspective on this topic.
So as you've listened in, I suppose what are your recommendations for how some of this can be built into the, yeah, the technical side of DPI? These essential elements, the essential attributes of what we're speaking about as the just information architecture if we want to realize these outcomes from DPI?
>> MARIANA RIELLI: Thank you Pria, thank you for the question and also the invitation to be on this panel and to the panelists before me. So I have this tough challenge of having little time being did last one to kind of try to bring everything together. But we were thinking, I speak from an organisation that is based in Brazil and is doing local and global work to promote for the rights in processes and we were acquainted somehow with these idea of DPIs as a framing and as a definition and that is disputed also around the time of the transition between the DG 20 in India and in Brazil that took place last year and we were asking ourselves I think some of these same questions. Like some more conceptual or what are we talking and some more normative what is the public and DPI what should it be and I think I heard. I heard a lot about the word integration and integrating frameworks and we have been attempting based on the Brazilian context where we have fundamental rights to data protection in a lively current landscape of both legal and institutional movements to kind of give life to this right and to this framework. How that can also be integrated to the discussions of DPI because I think her hypothesis was that this grammar of data protection was not duly integrated to the discussions of data governance when it comes to DPI.
So what we, we had already at that point had some research and policy work on risks of digital identity systems in the Brazilian context. And those were risks arising from data processing specifically but also broader risks of discrimination, exclusion, I mean, I think we all know where we're talking about here. But basically I think our concern was to not frame the problem of data related risks of ID and of digital infrastructure only in terms of privacy but rather understanding how data protection as a procedural right that has certain mechanisms to be implemented that already involves a whole number of actors that needs to be accountable how that can be better integrated into discussions with the DPI and also the framework. More recently we produced this new report that kind of seeks to create, to propose that integration, of course it considers a Brazilian legal framework for data protection but we understand that there is a lot of it that is relevant elsewhere. And I think it goes back to the idea that while privacy is substantive, the idea of data protection is really starts from the idea that personal information will circulate and should circulate and it provides the rules and the constraints to ensure that this information flow is just and protects fundamental rights including privacy but also other fundamental rights. So we think that this is relevant because we think it provides a bridge to concerns about trust that not being formulated only in terms of worthiness of systems but rather from a relational perspective that centers people. That centers their rights and creates mechanism to ensure transparency, accountability and redress for people. So from this particular context, from this particular read on DPI the report comes to a few conclusions and attempts to articulate these ideas. I will briefly share them. I know we have very little time but it starts really addressing the public value in DPI as a condition for it and that data, economic value being generated by data. Regardless of how that is shared, does not guarantee the achievement of public value if the rights of people are being neglected and that informational autonomy and self‑determination at the same time that it ensures that individuals are able to exercise their capacity to develop their personalities but also to know how their data is being used and can also generative value as it creates trust in people and databases and even connect barrier to fraud and identity theft and using those data protection and those ideas of self‑determination we also talk about privacy as contextual integrity. This is important to bring into the discussion. This is confined to data protection, scholarly circles but we think it makes sense in the context of DPI as well and the informational separation of powers the idea that at least on the state side of things, there needs to be also administrative oversight and certain mechanisms to make sure that the sharing of data is also not creating more concentration of power on that side of the equation. And finally, there are also some discussions on accountability mechanisms. And the idea that data protection is already containing a preventative and sometimes a precautionary principle and accountability mechanisms such as assessments and things that could also be looked at in terms of being updated and being adapted to the context of DPI but that we think really not be taken for granted and I think the idea is that sometimes you have this notion that a data protection is solely related to privacy or that it is very individual but what we try to kind of stress here is whether that framework also can be further assessed in terms of value creation so what we have attempted to do in Brazil recently is that and I will stop here so we have some time for questions. Thank you.
>> CHETTY PRIA: Thank you so much Mariana and I think everyone is wondering when they can get access to that report and read it and certainly I am very keen to read it. Thanks for that is that you were speaking about the embedding the rights frameworks even in the information flows and speaking about I suppose beyond privacy by design.
You know, what comes next in terms of these real mechanisms of accountability. And you spoke about autonomy and self‑determination and I think that goes back to what Thomas was describing as the social contract. If we want people to show up, then, you know, how do we deliver on the value that was initially promised? And so this has been an excellent set of provocations for how we get closer to the data governance framework that we need so thank you panelists for bringing those very many perspectives and Mariana you also mentioned integrity I think that ties in with some of what we spoke about in terms of security as well but placing now the emphasis even when we speak about integrity on how we deliver assured data value for citizens. So let's turn now to our people in the room and let us Nikita if we any questions when the screen swapped a little bit I did see some comments and perhaps some questions in the chat. Any Keta can we go to you and get a sense of any comments or questions that have come from online participants and while we're doing that can I also ask everyone in the room if you've got a question, to please come up to one too far these microphones and we will take a round of questions. Potentially two or three before we need to close.
>> Nikita: Basically we have one comment. Let me go through that. It says that like in basically we should structure the DPI in a way that facilitators seamless cross border movement and if this way we will enable innovation such as in designing models. That's one feedback that we have got in the chat besides that there is one who want to discuss the findings of implementation of VPI in India in a healthier space and focusing on the ABDM so she was discussing the findings from before change and she present it in a seminar. I'm just giving a brief overview of the findings that is provided in the chatbox and then the panelist consist provide their feedbacks if they have any.
So the findings are basically although there have been efficiencies in patient data sharing among doctors and then health care analytics supporting insurance companies, significant outcomes have been realized as well. So these include lack of access to trusts, for instance people with chronic diseases like leprosy or people with disabilities struggle with enrollment leading to exclusion of those in need of health care services. Diluting the access to health care. The next finding is data prospective sharing in this manner. Also some from accessing digital health care at all. For example, patients or businesses with social stigma suggest HIV/AIDS. So these are the findings that have been presented there's some, any of the panelists, yeah. Over to you, Pria.
>> CHETTY PRIA: That's a great example to use because it makes some of what we're speak about here really, really come alive. I'm looking around and there aren't any hands raised so please, ah, Andrew's raised his hand. Can I ask you when you raise your hand as well, to also maybe just share a closing thought, perhaps it's included in what you're going to raise but share a closing thought as we turn to each of the panelists for a line, a word, something you taking out of the session as we close the session.
>> ANDREW VENNEKOTTER: Just really quick reaction to that question. There actually are some pretty good approaches right now in terms of technology. Such as data clean room. Which is what something that you use basically to analyze data without sharing the raw data among different organisations. And that's a technical privacy preserving technique that can help if you're interested in sharing some of that sense of medical data across providers. So ‑‑ an approach that has been implemented by different providers in different ways. But data clean rooms are something to explore unrelated to that question. And I will keep my remarks at that. Thanks for the opportunity. Remember, risks and principles based frameworks don't lock in technology before the industry's agreed on a standard and make sure to lift all boats with skills and technology development.
>> CHETTY PRIA: Thanks Andrew, can I come to you Souhila with closing thoughts?
>> SOUHILA AMAZOUZ: Pria? For myself I would say that data governance is imperative for equity. We have seen there is a need to have, to ensure that there is multistakeholder multisectorial safe data sharing systems like to support the personalization of DPI and this can only achieved also with opportunity placed through accountability, transparency, and also measures to mitigate the use. As you mentioned when we start with the session the DPI main objective if we can say is to ensure digital inclusion and also to empower people. Thank you for this opportunity to speak.
>> CHETTY PRIA: Thank you so much Souhila, Payal and then Thomas if I can come to you for closing thoughts.
>> MALIK PAYAL: I think that was a good question from the audience and that basically is the core of our discussion here. That DPI government system that is supposed to be having embedded privacy by design, competition by design but those principles are continuously violated and she gave the example of India's health digital mission. So I guess the sooner the DPI community understands which they do but the sooner some governance frameworks integrated governance frameworks are discussed the better it is because the very benefit which these DPIs were supposed to bring to, on the table, would be lost because we don't want to be in a situation by the absence of clear governance guardrails and especially data governance this data can quietly slip into quasi private control without transparency, accountability or equitable return to public. And why we keep on talking about integrated data governance frameworks because laws generally just focus on individual consent and privacy. These are important. But they are insufficient as they do not address many structural risks. And lastly, the Indian state government also I just pulled out because of the question which has been put out is quite aware of the data concerns and which not only we are challenging related to cybersecurity but also protocols regarding robust encryption and data storage and Andrew is here is also to be looked into carefully where is most of the data getting stored? Is there so much of private control on data storage, what is the government's control on this data? What are the rules in place, et cetera? So in short, it's not just about privacy and consent awareness, which do get protected, get covered through data protection laws if they exist. Data governance is far more broad and should not be left to a single law or a data protection law but should integrate all aspects of the DPI ecosystem such that even issues such as disproportionate control, data sharing, et cetera, interoperability and portability are also taken into consideration. Thank you.
>> CHETTY PRIA: Thank you so much I've been signal that had we have run out of time but Thomas I wanted to say that both to you and Mariana that I think layering onto what Payal and Andrew have said I think there's also value one in bringing these perspectives together and thank you for sharing those perspectives. And also value value in what you described. There are lessons to be learned from our digital ventures that came before and in my Mariana as you said so excited to read that report and thank you also for sharing. I think we have heard from India and we're hearing from Brazil. These are the crucial lessons as we develop new interests in DPI. What is working, what is not working, really timely and current insights coming from live DPI applications.
Thank you potential panelists. Look forward to these initiatives across the spectrum of stakeholders to make the DPI governance work for the outcomes that we're pursuing. Thanks, everyone.
>> MALIK PAYAL: Good‑bye.