Regulators around the world are scrutinising tech companies—the US, EU, India and other jurisdictions are filing competition lawsuits against large digital platforms, and the EU as part of its digital data strategy recently released drafts of the Digital Services Act, Digital Markets Act, and Data Governance Act on competition, content moderation, platform liability, and other aspects of digital technology. In India the government recently released draft frameworks for non-personal data regulation (the NPD Report) while a Joint Select Committee in Parliament is deliberating on the draft Personal Data Protection Bill, and the government indicates interest in a focus on developing artificial intelligence and related technologies.

Data is at the core of how digital platforms provide the products and services we use today, and is central to their functioning. It also has wider implications, and the transition from a paper-based system to a digital one offers multiple advantages not always related to technology: permitting better management of information, increasing security and efficiency, and providing information and insights to enable better decision making. Data is also being used at an unprecedented scale, in public service delivery, finance, healthcare, transportation, and marketing. A variety of stakeholders are collecting increasing volumes of data, whether personal, non-personal or a combination of the two.

Yet vast amounts of data are not useful in themselves without ways to make sense of them. This is what many emerging technologies do, from machine learning to the wide range of tools named ‘artificial intelligence’—they are methods to analyse and derive value from large volumes of data, and in many cases the way they work improves when given more diverse data to analyse. It is only possible to do so by ordering and organising data into specific formats depending on the intended use: this is the role of a database.

This paper examines how databases are afforded protection and details some key considerations for database regulation in India. It explores database protections in other jurisdictions, primarily the European Union and the United States. Section 1 defines a database, 2 explores the protections afforded by copyright law, 3 examines sui generis or standalone database protections, 4 explores protection by unfair competition laws, 5 examines the protections prevailing in India, and 6 lists emerging considerations and policy recommendations.

Attribution: Aishwarya Giridhar, “Database Regulation: Examining Existing Approaches and Considerations for India,” Special Issue No. 205, Feb. 2021, Esya Centre