The ODR approach can offer the soon-to-be-formed Data Protection Board mechanisms that are digital from the ground up. By integrating various elements of India’s digital public infrastructure into the ODR process adopted, we can ensure that data protection in India is techno-legal from the get-go.
This article was first published in The Mint. You can read the original at this link.
Over the past decade-and-a-half, I’ve had the good fortune of having witnessed India’s rapid digitisation from the sidelines. As exciting as it has been to see this transformation from up close, I’ve felt a mild sense of unease about what will happen if things go wrong. Given how frustratingly analogue our dispute resolution process is, it will matter little that we have streamlined our commercial interactions if we still settle disagreements the old-fashioned way.
The pandemic showed us that courts can function without parties being physically proximate. We need to use these learnings to rebuild our dispute resolution processes and make them better suited to the digital age—so that litigants and resolution professionals can function without always having to meet face-to-face. As much as we’ve been led to believe that the drama of arguing issues in open court is essential to meet the ends of justice, it is extremely difficult to assemble very busy people in the same place at the same time. We can leverage digital technologies to solve this problem. Which is why I have, for some time now, been promoting the idea of online dispute resolution (ODR).
SEBI Embraces ODR
Unfortunately, despite the valiant efforts of a burgeoning ODR community, its uptake has been slow. Which is why I was pleasantly surprised to learn that the Securities and Exchange Board of India (SEBI) has not only embraced ODR, it has taken significant steps to ensure it is actively used for disputes in the securities market.
Under newly issued regulations, investors and listed companies are encouraged to leverage online conciliation and/or arbitration measures for disputes related to their activities in the securities market. To this end, SEBI requires market infrastructure institutions (MIIs)—such as stock exchanges and depositories—to establish and operate a common ODR Portal for this purpose. All MIIs have to identify and empanel one or more independent ODR institution/s to offer time-bound conciliation and/or arbitration through online means.
Investors whose grievances have not been satisfactorily redressed through SCORES — SEBI’s complaints redressal system—can initiate dispute resolution through the ODR Portal, which has been designed to make it easy for investors to enrol themselves, file their complaints and upload all relevant documents online. The actual process of resolution is carried out by MIIs through pre-conciliation and thereafter by conciliators and arbitrators empanelled with various ODR institutions for this purpose in an end-to-end online process. Various measures have been put in place to ensure that parties treat the ODR process with the required level of seriousness. This includes strict timelines within which resolution must be completed and an obligation on market participants to train their staff on handling references arising from the ODR Portal.
Since MIIs are required to put in place appropriate management information systems to report how dispute resolution is progressing, statistics such as the number of disputes filed, how many have been resolved and the aggregate value of claims decided are accessible online and in real-time. I was delighted to note that ever since the system went live in August 2023, of the over 1,700 disputes that have been filed on the ODR Portal, more than 500 have already been resolved. As more market participants and investors register on the portal, these numbers are bound to increase.
The fact that an important commercial regulator like SEBI has embraced ODR will do wonders for its broader adoption. This implementation of ODR stands as an example for other regulators to emulate. It goes without saying that a wide range of different sectors and fields of regulatory activity can benefit from this sort of approach—from telecom to competition and consumer protection. Now that a working model exists, it is my sincere hope that other regulators will follow SEBI’s lead.
Lessons for Data Protection
I am particularly hopeful that this is the approach that the soon-to-be-appointed Data Protection Board will choose for its operations. Under the Digital Personal Data Protection Act, 2023, one of the main mandates of this board is to look at complaints filed by data principals about failures by data fiduciaries to observe their legal obligations under the Act. In carrying out these obligations, the statute demands that it function as a digital office, that it is digital by design, and also that it adopts such techno-legal measures as may be prescribed.
While we are still awaiting the details of what all this means—what shape the digital office will take, how it will be designed and the specific techno-legal measures that will be stipulated—if there is one approach that checks all these boxes, it has to be ODR. Not only does the ODR approach offer the Data Protection Board mechanisms that are digital from the ground up, by integrating various elements of India’s digital public infrastructure into the ODR process adopted, we can ensure that the entire approach to data protection in the country is techno-legal from the get-go. This, in turn, will ensure that not only will the board be able to function entirely digitally, it may not even need to have a physical office.
I would urge the government to leverage the good work done by SEBI — to use it as a reference implementation for how dispute resolution can be designed in a manner best suited for the digital age.