Democratic Accountability in the Digital Age

There is, this Brief argues, a new governance paradigm emerging, characterised by the rise of "governance by networks" and "rule by data". This flux, say the authors, is marked by a hollowing out of the state, replacement of human functions in public administration by digital technologies, and networks where private actors are becoming part of government. The resultant crisis of governability calls for new institutional mechanisms to protect and promote democratic values, as old ones are rendered inadequate. This document examines and discusses shifts in the contemporary democratic fabric by focusing on emerging technological practices in government. It explores key concerns, and articulates the gaps in current legal-policy measures necessary to promote participatory democracy in the digital age. This brief is part of a series from IT for Change produced from its Voice or Chatter research project, which examines the relationship between ICT-mediated citizen engagement and democratic governance.


Summary of key issues
We are witness to the emergence of a new governance paradigm, characterised by the rise of 'governance by networks' and 'rule by data'. This flux is marked by a hollowing out of the state, replacement of human functions in public administration by digital technologies, and networks with private actors becoming (part of) government.
The resultant crisis of governability calls for new institutional mechanisms to protect and promote democratic values, as old ones are rendered inadequate. For actors concerned with questions of rights and social justice two imperatives arise: • To articulate and call for institutional norms, rules and practices that guarantee democratic accountability in this emerging context, and • To claim the civic-public value of digital technologies so that data and the new possibilities for networking are harnessed towards a robust and vibrant grassroots democracy and citizen empowerment.
This paper examines and discuss these shifts in our contemporary democratic fabric by focussing on emerging technological practices in government. It explores key concerns, and articulates the gaps in current legal-policy measures necessary to promote participatory democracy in the digital age 1 .

Digital technologies, datafication and democratic accountability -mapping the field
As digital technologies become near-ubiquitous, we see an overwhelming growth in the volume of data production, proliferation in the variety of data available and an unprecedented velocity of data processing 2 . The nervous system of our institutions -social, political and economic -is being rewired by this pervasive phenomenon of datafication.
Governance systems are no exception to these fundamental changes. The hallmark of the datafied system is that it is autonomous, and hence resists steering and norm-development. The ensuing crisis of governability brings to the fore the foundational question about how democracy can be directed in the age of the digital.

Risks and pitfalls of Big Data driven development
The rise of data can be seen as the death of politics. As algorithmic correlations and patterns of the here-and-now world become the technical knowledge guiding decisions, data ceases to be the 'source' of knowledge. It becomes knowledge itself 3 . Its extension to tackling social issues that require a deeper social grasp or theory dismisses social, economic and environmental causes and antecedents of marginality. Whereas information, for instance, from real time mapping of peak hour transport demands, can help city governance, responding to structures of marginality requires much more than an efficient data system.
Given the socio-economic differences that play out in digital access and capabilities, the marginalised leave smaller data trails and are less vocal online 4 . As a result of this, even in mature democracies Big Data tends to be exclusionary 5 . Data-driven decision-making must hence be reexamined for how it is currently employed by the state and by international development actors.

Big Data for public good and citizen empowerment
Although current models of Big Data tend to promote techno-managerialism and undermine the democratic content of governance, the potential for reflexivity and real time response in Big Data science also points to new horizons for development policies. This extends to many areas from the spread of diseases and food grain supply to energy consumption and more. Local experience can be made visible and legible, and hence governable, locally, with power to the people. This democratic dividend from data, however, calls for human decisions on what needs to be made visible and legible in the here-and-now. It requires that descriptions of phenomena that data allows not be treated as proxies for social understanding and collective wisdom. It necessitates a data capability at local levels that is sophisticated, which presupposes legal and institutional guarantees for citizens' right to connectivity. It also calls for the socialisation of data through the creation of a Big Data Commons that furthers collective decision-making without undermining individual right to informational privacy 6 .

Private actors and non-accountability
Policy and governance practices based on digital mediation have given rise to 'governance by networks', a post-democratic system that favours elite interests and shuts out the public 7 . When expertise becomes the staple of democratic decision-making, governance must then transform into a networked activity through win-win partnerships between those with the know-how to change the world. As private entities come in to take on core governance functions, the integral process of democracy is subverted into a data economy, driven by corporate interests and opaque to citizens producing the data. The result is a blurring and obfuscation of who retains control and responsibility for outcomes of such approaches.

Algorithms and subversion of deliberative democracy
Policymakers are increasingly resorting to Big Data analytics as a method for capturing citizen feedback and opinion. But passive, indirect interaction decoded from data cannot become a substitute for participatory and deliberative methods to shape government decision-making. Much of the 'how' and 'what' behind data-driven participation remains hidden in proprietary black boxes, belying the unlimited transparency promised to citizens through new governance paradigms 8 .

Need to strengthen 'new governance' for citizen rights
Emerging 'new governance' trends (characterised by networks and rapid datafication) pose critical concerns for citizenship and people's democratic rights. But given that digital networks can be steered to reach the ideals of participatory democracy, evolving principles for their governability becomes a priority. This, inter alia, involves development of: standards and benchmarks and the legal limits to manage and steer the data economy; guarantees for representation of the plurality of experience and diversity of standpoints -especially of the marginalised -in democratic governance; and public interest data and algorithms to empower local communities for participatory democracy and collective action.
3. Datafication and governance in India -framing the issues The vision, design and implementation of e-governance in India and the shift to a 'digital by default' discourse in government must be examined and interrogated from a citizen rights standpoint.
3.1 E-governance and public services delivery 3.1.1 New exclusions from welfare services Digitalisation and lack of last-mile bank linkages: As the Economic Survey of 2016 has pointed out, the national level push for JAM-based cash transfers is not backed by institutional preparedness. Even though 95 per cent of India's adult population has an Aadhaar card, and mobile penetration in rural households is over 67 per cent, hardly 27 per cent of villages have access to a bank within 5 kms. Thus, getting money from the banks to the beneficiaries at the last mile remains a huge impediment in the implementation of JAM 9 .

Errors in Aadhaar seeding: Errors in the seeding of beneficiary databases of departments with
Aadhaar numbers, as part of the switch to Aadhaar-authenticated service delivery at the last mile, have led to unfair denial of benefits. A well-known example is the case of old age pensions in Rajasthan, where data entry errors have resulted in many beneficiaries being struck off the pensions list, and even transfers of pensions into wrong bank accounts 10 .

Authentication failures at the last-mile:
The fingerprint authentication technology being used in last mile service delivery has been found to be highly susceptible to errors. For example, in Andhra Pradesh, failure analysis reports for Social Security Pensions (SSP) and the National Rural Employment Guarantee Act (NREGA) show that failures due to 'biometric mismatch' have remained around 20 per cent -i.e. one in every five fingerprint authentication fails 11 . Similarly, in Aadhaar linkages in MGNREGS in Jharkhand, a UNDP study has found that only 4 per cent of the surveyed beneficiaries reported successful fingerprint authentication at the first attempt 12 . In addition to glitches in biometrics, interrupted power supply, patchy Internet connectivity, and server issues pose challenges for Aadhaar verification at the last-mile.

Lack of room for local flexibility:
The centralised nature of the Aadhaar data operations may not guarantee the decentralisation of discretion necessary at the last mile for responsive action on beneficiary identification and selection. For instance, more powers to the Gram Sabha/ Ward Sabha may be needed in this regard so that the dynamic nature of poverty and vulnerability can be accounted for.

Lack of redress mechanisms for citizens
There is currently no provision in the Aadhaar Act that enables beneficiaries to seek redress against unfair denial of entitlements due to hiccups in JAM roll-out or authentication failure at the last mile. There is only a weak sub-section, Clause 23(2)(s), that permits the UIDAI to set up grievance redress mechanisms at the block level to address these issues, if it deems fit.

Privacy and Aadhaar
While the Aadhaar Act restricts access to the identity information and authentication records stored on the UIDAI database for protecting confidentiality of individuals, it sidesteps privacy rights 13 . In fact, owing to two broad exceptions, the provision for restricted access is significantly diluted 14 .
• Exception 1: District judges can pass orders that authorise state agencies' access to Aadhaar data without any disclosure or discussion with the citizen affected, and without any avenue for appeal. • Exception 2: In the interest of 'national security', any Joint Secretary authorised by the government can direct disclosure of information.
The only review mechanism instituted for such orders is the constitution of a committee comprising of the Cabinet Secretary and the Secretaries to the Government of India in the Department of Legal Affairs and the Department of Electronics and Information Technology. There is no independent oversight mechanism for reviewing the disclosure orders issued by the executive.
These gaps are worrisome in the post-Snowden era, especially in India, where the national security establishment has adopted mass surveillance programs like the Centralised Monitoring System with almost no safeguards in place to prevent abuse of power. Further, in May 2016, following the enactment of the Aadhaar Act, the Secretary of the Department of Electronics and Information Technology announced a plan to create a convergent database of beneficiaries for Aadhaar-enabled service delivery, positioning this as the foundation for an efficient welfare regime in the country 15 . The Secretary also shared that the government is contemplating the handing over of powers of updation of this database to CEOs of janpad (block level administration) in rural areas, and to the Chief Municipal Officer in urban areas. Against this backdrop, plans for creating a centralised, convergent service delivery database are likely to compromise individual privacy, giving the state immense powers to track citizens.

Lack of a data commons roadmap
Local democracy in the digital age requires locally available data for planning, budgeting and community monitoring. Such a public data commons, owned and managed by local communities and allowing for disruptive citizenship opportunities, especially for the hitherto marginalised, needs to be grounded in a strong legal-policy framework. While the rhetoric in the Digital India documents underlines the importance of decentralised planning, it does not spell out the necessary institutional arrangements to promote 'local data for local democracy'. As demonstrated by the 'information utilities' proposal that was widely disseminated in the early days of Aadhaar, the state has been more than willing to collect citizen-data, hand it over to private parties and pay them to 13 http://www.caravanmagazine.in/vantage/aadhaar-bill-another-legistlation-leaves-power-centre 14 http://www.thehindu.com/opinion/lead/lead-article-on-aadhaar-bill-by-chinmayi-arun-privacy-is-a-fundamentalright/article8366413.ece 15 http://www.governancenow.com/gov-next/egov/using-data-improve-social-welfare-schemes 4 buy back analysed data 16 ! The much-publicised Smart Cities programme also seems to follow the same trajectory, partnering with technology companies and promoting a data-based solutionism. The guidelines underpinning the scheme make no reference to the need to ensure that civic data generated in the Smart City projects must be retained as a data commons, and not appropriated/ locked in by the IT vendor.
3.2.2 Lack of a comprehensive data governance framework that speaks to concerns of privacy, transparency and ownership India currently lacks a data governance framework to oversee the multifarious dimensions of data governance, affirming citizen right to privacy (and protection from abuse by state and non-state actors), while balancing considerations around the public value of data. The government's approach to protection of citizen data has been rather ad-hoc. A recent study by the Centre for Internet and Society found that of 33 schemes initiated by the government under the Digital India programme, 20 have published their privacy policies online. While 22 schemes specify that the ownership of the data is with the individual, 7 state that ownership lies with the government agency. Only two schemes explicitly state that data collected may be re-used. Though all 33 schemes take consent, the form and comprehensiveness of the consent varies 17 .
Data re-use without explicit consent can directly violate citizen rights. The Big Data landscape is a mammoth, unregulated industry, posing ever new ethical challenges to governance. Google's DeepMind, for example, is currently collaborating with the National Health Service (NHS) in UK to support health care solutions. The NHS has used a loophole around 'implied consent' in the rule book, and handed over access to personal records of 1.6 million patients to Google, without their knowledge 18 .

Citizen participation and digital rights
The National E-Governance Division is building a Rapid Assessment System (RAS) that will enable individual departments to mine SMS feedback from citizens about services, to determine follow-up action 19 . The Government of India is also engaged in Big Data analysis of citizen voice on its MyGov platform and social media accounts. Policy priorities in 19 areas are being determined through this process 20 . This switch to data-based decision-making is part of a larger trend of reducing the idea of public dialogue and consultation from a complex process that includes debate, deliberation and answerability to an individualised exercise of fixing a grievance. What these developments mean for democratic participation will be a key question in the coming years, considering the overwhelming evidence about the lack of representativity and potential for structural exclusion of minority view-points in algorithmic decision-making 21 .
A related concern is the absence of meaningful cultures of citizen participation online. This is owing to many interrelated factors: Although the National Telecom Policy (NTP), 2012, speaks of a right to broadband, this does not translate into a de facto right, the quality of connectivity for the majority being poor. Consider this: while the NTP defines broadband as an Internet connection with upload and download speeds equal to, or greater than, 512 kilobits per second (kbps), this benchmark is vastly lower than the 25 mbps for downloads and 3 mbps for uploads, set by the Federal Communications Commission in the US. • Common Service Centres at the village level, despite the intent of their architects, have not emerged as key public access spaces that facilitate marginalised rural users' access to governance services and citizen engagement platforms, or as key nodes galvanising local civic networks. • Even though the National Digital Literacy Mission was set up to promote a digital literacy model that would enable "citizens to actively and effectively participate in the democratic and developmental process", it has not been able to move beyond a narrow, skills-training approach.
Open data efforts, despite the existence of the National Data Sharing and Accessibility Policy, have not been able to effectively open up access to information that can bring about real change on the ground. As observed by a 2015 research study, "critical datasets are unavailable on (the government's official data portal), available datasets are often outdated, duplicated, incomplete, inadequately referenced and lack common terms used to describe the data. Top level meta data such as data collection methodology and a description of the variables are also either missing or incomplete 22 ." As a result, the meaningful re-use of open data by citizens, to strengthen their claims-making on state structures and demand accountability from authorities, becomes difficult.

Privatising government
Public Private Partnerships (PPPs) seem to be the preferred modus operandi in the emerging digitalised governance ecosystem. The result is a marketisation of governance functions, a process in which democratic accountability is completely compromised.

Corporatisation of the welfare apparatus
Welfare service delivery is undergoing end-to-end privatisation, under the Common Service Centre (CSC) scheme, which aims at setting up 2,50,000 last-mile service delivery kiosks across rural India. In this initiative, the state is partnering with private companies to set up points of service through a PPP model.
It has been noted by researchers that profitability of service delivery, rather than inclusion, gains primacy in the CSC model. Most worryingly, there are no legal safeguards to ensure accountability to citizens in this entire privatised welfare delivery apparatus.

Privatisation of data management in governance systems
As part of the Digital India vision, government data centres are currently being modernised by commercial entities -particularly foreign entities 23 . Creation and maintenance of data systems for government agencies are outsourced to private vendors, often without clear rules about data management protocols 24 . As a result, de facto control of the data is vested in the private partner. The state agency finds itself in a position of dependency vis-a-vis the private partner, lacking bargaining power in the PPP.
In the context of Aadhaar, the management of identity information is being undertaken by a government agency, the Central Identities Data Repository (CIDR), with a network of registrars who will assist in enrollment and authentication processes at the last mile. Registrars can be public or private sector agencies. Though in the initial stages of UIDAI roll-out most registrars were government agencies and commercial banks, the involvement of data companies at a future stage is very likely. Under the Smart Cities programme, the government has embarked on creating IT-enabled cities under a PPP model. IT solutions such as "Smart Parking, Smart CCTV Surveillance, Smart Street Lighting, Smart Water Management/Leak Detection and Community Messaging" are being proposed for urban infrastructural problems. The model is likely to create a situation where city governments and citizens end up as consumers of a range of IT-enabled applications and platformbased services that are developed, owned and maintained by foreign companies. The risks such an arrangement can pose for citizen-data in a context without robust privacy and data protection legislation are quite huge.

Towards a road-map for democratic accountability and citizen empowerment in digital times
Reclaiming democracy in the digital age calls for action on many fronts: • Norm development for a digitalised public service delivery model that guarantees citizen rights. • Laws and protocols on data that cover privacy safeguards, transparency and accountability considerations (including open data practices), social ownership of data, regulation of the data economy. • Rules and protocols for participatory and deliberative democracy, including digital rights of citizens. • Reining in run-away 'network governance' through legal-institutional mechanisms that check anti-democratic practices of private and public actors.

Questions
Our policy research raises the following questions for democratic accountability and citizen empowerment in digital times: 1. How can we develop a digitalised system for welfare services that not only ensures effective targeting and efficient service delivery, but is also locally responsive and accountable?
• What safeguards need to be explored to prevent exclusions arising from authentication failures? • How can individuals have better control over their personal data in Aadhaar?
• Can there be alternatives to bio-metric based authentication?
• What redress mechanisms are necessary to tackle denial of services stemming from authentication failures? • How can we move towards a decentralised data system in welfare management? • How can responsiveness to the citizen be programmed through discretion and flexibility in beneficiary databases? • What is the role for the panchayat and citizen forums in relation to digitalised welfare?
2. How can we move towards a regulatory framework that effectively balances the multiple considerations for an effective data governance (data-in-governance) regime?
• What kind of design principles are necessary, if the starting point for all networked infrastructure is based on 'privacy by design'?
• How can techno-design architectures ensure distributed data storage and retrieval?
• What new institutional arrangements may be necessary for independent oversight of data protocols and practices in governance? How can these address the need for socialising public data ownership? • What are the technical approaches to balancing transparency and privacy considerations effectively, in governance data systems? • What kind of information about digitalised welfare delivery must be in the public domain and what guarantees does the citizen need while using authentication systems?
3. How should we rethink the right to participation in the digital age? What does it mean to extend this right to online spaces and what new guarantees and institutional safeguards are required?
• What would qualify as a 'right to (quality) connectivity'?
• What legal-institutional mechanisms are necessary to address emerging challenges to civilpolitical rights in online spaces? Do we need new laws? • What principles would be necessary to tackle the impunity of Internet platforms/ corporations? • What mechanisms can be contemplated to make data-driven decision making transparent and respectful of individual privacy?

How can we check anti-democratic tendencies of private actors in network governance arrangements?
• How do we address the corporatisation of public services delivery and its governance from the standpoint of accountability to the last citizen? • As we enter a no-looking-back era of algorithmic decision making (in programmes such as Smart Cities), what kind of correctives are necessary to take back the control from corporations over people's data? I  2  0  1  6   T  h  i  s  r  e  s  e  a  r  c  h  h  a  s  b  e  e  n  p  r  o  d  u  c  e  d  w  i  t  h  t  h  e  f  i  n  a  n  c  i  a  l  s  u  p  p  o  r  t  o  f  M  a  k  i  n  g  A  l  l  V  o  i  c  e  s  C  o  u  n  t  .  M  a  k  i  n  g  A  l  l  V  o  i  c  e  s  C  o  u  n  t  i  s  a  p  r  o  g  r  a  m  m  e  w  o  r  k  i  n  g  t  o  w  a  r  d  s  a  w  o  r  l  d  i  n  w  h  i  c  h  o  p  e  n  ,  e  f  f  e  c  t  i  v  e  a  n  d  p  a  r  t  i  c  i  p  a  t  o  r  y  g  o  v  e  r  n  a  n  c  e  i  s  t  h  e  n  o  r  m  a  n  d  n  o  t  t  h  e  e  x  c  e  p  t  i  o  n  .  T  h  i  s  G  r  a  n  d  C  h  a  l  l  e  n  g  e  f  o  c  u  s  e  s  g  l  o  b  a