The Indian government has projected Open Network for Digital Commerce (ONDC) as a platform to democratise e-commerce in India and break the hold of private players such as Amazon and Flipkart on the Indian market. While addressing the ‘ONDC Elevate’ programme last month, Union Minister Piyush Goyal said that ONDC is an engine of growth and could redefine the e-commerce industry completely.
ONDC has been widely discussed due to its highly competitive price on food delivery, challenging the dominance of established players like Swiggy and Zomato. Many users flocked to the platform to avail the products at such cheap prices. It’s important to note that sellers on ONDC platform were able to sell products at such low prices because there’s no intermediary in between to take a percentage cut on every sale.
According to reports, ONDC will soon start offering mutual funds, insurance, personal loan, and insurance among other things. Users on the platform will only increase, even if not at par with other e-commerce platforms. However, amid this, the concerns regarding the approach of ONDC towards data privacy, particularly in the absence of a comprehensive data protection bill in the country remain.
Data Privacy concerns
“E-commerce platforms have a multitude of data points and they’re used for competitive pricing, recommendations, etc. Our concerns essentially stem from the fact that there is an absence of the data protection bill in the country,” Tejasi Panjiar, associate policy counsel, Internet Freedom Foundation told AIM.
The ONDC Strategy Paper does suggest that data points such as Personal Identifiable Information (PII) as well as seller data critical to trade will remain siloed within the buyer app and seller app respectively and will be protected from third-party access. It also mentions that ONDC may collect personal data about a natural person, living or deceased. However, in the absence of a data protection law, storing consumer data is a privacy concern and further, how ONDC is handling these data points remains unknown.
Moreover, the digital rights advocacy group has also raised concerns that arise regarding the network-wide sharing of ‘anonymised performance metrics.’ These concerns persist as the re-identification of anonymised data remains feasible with just a few data points, such as pin code, date of birth, and age, which can accurately identify users from anonymised datasets.
While once the Digital Personal Data Protection Bill (DPDPB) comes into effect, ONDC has to adhere to the laws of the land, however, Panjiar said that the bill does not do much to address the rights of the citizens either.
Does not come under RTI
ONDC was incorporated on 31 December 2022 with an initial investment from the Quality Council of India (QCI) and Protean eGov Technologies Limited. ONDC is not a government agency or a Public Sector Undertaking (PSU). It is a private non-profit company established by the Department for Promotion of Industry and Internal Trade (DPIIT). This has been done to diminish the motivation for profit maximisation and prioritise ethical and responsible conduct.
However, by doing so, according to the IFF, ONDC does not come under the ambit of Right to Information (RTI). “Given that ONDC is a Section 8 company and not a public authority, it falls outside the ambit of RTI,” IFF said in a blog post.
The exclusion of the ONDC from the purview of the RTI raises a significant issue. By not being subject to RTI, there is a lack of mechanisms for common citizens to obtain crucial information regarding ONDC’s operations, decision-making processes, and adherence to accountability and transparency standards.
“Since our fundamental rights are enforceable against the State, aggrieved citizens won’t be able to avail their right to file a writ petition under Article 32 and 226 in case of violation of their rights,” IFF said.
Additionally, this absence of transparency creates an environment where the public is unable to effectively monitor whether ONDC is upholding best practices and acting in the interest of the citizens it serves.
Piyush Goyal once said that it is essential for the ONDC to establish consumer trust by implementing strong mechanisms to address consumer grievances and enforce transparent policies regarding returns, refunds, and cancellations. Other e-commerce has built consumer trust upon a strong consumer grievances redressal channel and it’s a welcoming move for ONDC to have similar channels. However, as things stand, ONDC does n0t have such a mechanism in place. All users can do is write to an email id to share their grievances.
Additionally, the multiplicity of stakeholders within ONDC, encompassing buyers, sellers, and logistics, pose potential obstacles due to the complexity and coordination required among these various parties, potentially impeding the seamless functioning of the network. So far, many users have taken to Twitter to vent their frustrations about the unavailability of a proper grievances redressal mechanism.
Further, there is also a lack of clarity regarding the resolution of privacy-related grievances and breaches of data within the existing framework. Given there is no robust grievances mechanism in place currently, the potential for redressal of such concerns remains uncertain, raising questions about the overall accountability and trustworthiness of the system.
The post ONDC Has a Data Problem appeared first on Analytics India Magazine.