What does the Digital Data Protection Bill 2022 hold for edtech platforms?
As per the PwC report, edtech is expected to play a vital role in the Indian education system and grow at a CAGR of about 30% to reach a market size of $10.4 billion by 2025.
Online learning has changed the teaching and knowledge acquisition landscape in India. Both teachers and learners have transitioned to academic cyberspace to offer a rich and rewarding learning experience.
This significant spurt was primarily due to COVID-induced lockdowns, demand by traditional educational institutions for edtech infrastructure, and the general shift towards digital in society.
As per the PwC report, edtech is expected to play a vital role in the Indian education system and grow at a compounded annual growth rate (CAGR) of about 30% to reach a market size of $10.4 billion by 2025.
Several factors contribute to this growth, including ambitious expansions by industry leaders into Tier II and III cities, upskilling platforms, and edtech companies entering non-traditional segments beyond K-12 education like coding, gamification, and skill development.
Need for data protection framework
The National Education Policy (NEP) 2020 came at a benign moment, providing a flip to the edtech industry. It envisaged the creation of the National Educational Technology Forum—a floor for the free exchange of ideas on technology in education.
The rapid expansion of edtech is accompanied by increased responsibility and accountability concerning a large amount of data it collects while offering its services.
While edtech firms are improving the online education system, a significant concern is how user data is gathered, retained, analysed, and potentially, commercialised. The generated data provide an opportunity for edtech companies to improve end-user engagement while also imposing a responsibility to keep user data secure.
Edtech companies use data like location tracking, personally identifiable information such as email and contact information, and personalised learning trackers, which detect users' cognitive behaviour to better understand consumers' pain points and unmet needs. They may also gather information about the student's parent or guardian.
Sometimes edtech companies also rely on AI and ML algorithms to analyse the collected data to develop new products and services and personalise advertising and marketing to improve their reach.
They may use this data for internal business planning purposes or share it with associated or partnering entities to position their product or services to prospective customers.
Further, numerous platforms monetize such data through data analytics and data transfers, raising privacy concerns for end-users.
Therefore, taking measures to safeguard, regulate, govern, and control the massive amount of personal data is imperative. While self-regulation is a positive development, a policy to address the challenges posed by the edtech sector and set benchmarks for its operation is required.
And, with organisations leveraging edtech to enhance learning outcomes in India, edtech in India—currently used by 10% of students—is set to grow exponentially.
For edtech growth to be sustainable and equitable, India necessitates an aggressive edtech policy followed by restrictive frameworks.
Data Protection Bill in edtech
Edtech entities are primarily technology-driven. They fall outside the purview of education laws per se, allowing business flexibility. However, a host of other laws apply to them. One of them being the Data Protection Bill.
The Indian government introduced the Personal Data Protection Bill 2019, but it withdrew and replaced it with a new bill with a comprehensive legal framework of global standard laws.
It included digital privacy laws for contemporary and future challenges and catalysed Prime Minister Narendra Modi's vision of India Techade. The Ministry of Electronics and Information Technology (MeitY) has released a draft bill named ‘Digital Data Protection Bill 2022’, currently open to feedback from the public.
It frames out the rights and duties of the citizen (digital nagrik) on one hand and the obligations to use collected data lawfully of the data fiduciary on the other. The bill is based on the principles around the data economy.
Over the last few years, it has become clear that while the internet and technology are a force for learning and connectivity, it is also a place where user harm and misuse can exist if these rules and laws are not prescribed.
Children and teenagers who are the prime digital citizens should get special protection as they may be less aware of the risks, consequences, and their rights regarding personal data processing. That is why laws and rulemaking for the internet have to be around digital citizens' basic foundational principles and expectations of transparency, safety, trust, and accountability.
While this occurs, edtech organisations must create systems that protect the interests of users in addition to establishing data ethics.
Edited by Suman Singh
(Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views of YourStory.)