Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

How does this project fit into your broader strategy?

IDSA focuses on data sovereignty/ ownership. FarmStack wants to build software on top of the trusted connector and make use of the technology in the agriculture sector enabling farmers to control their data. This aligns with the government policies as well as DG’s broader vision.

Team

Project owner: Vineet Singh 

Team members: Razak K M Gerd Brost (Unlicensed) Michael Lux (Unlicensed) 

Status

Status
colourBlue
titleIN PROGRESS

Problem Space

...

Why are we doing this?

Problem statement:

How we may enable farmers to assert control on their data?

Impact of this problem:

Farmers, specially small holder

...

have to make multiple decisions that affects their livelihood directly. With agriculture tech ecosystem getting more focus, the importance of data is increasingly becoming important in aiding the decision making process. The data typically involves sensitive information and also transaction information which can’t be shared without consent from the farmers.

Impact of this problem:

Sharing this information unlocks potential of new services for the farmers as well as ecosystem actors as they can bundle services together leading to better experience of the farmers.

How do we judge success?

...

  1. Farmers consent to share their information maintained by one org to another to get a service they find useful

  2. Some percentage of farmers avail the service

...

  1. and find it beneficial

  2. Farmers are able to understand the value of their data and are willing to participate even more in future

  3. Org maintaining data and providing service see value with improved farmer satisfaction

What are possible solutions?

There are two broad ways to solve this problem:

  1. Each application provider publishes the data back to the farmers who maintain the data in some data wallet and share it at their own convenience

  2. Today most of the applications ask permissions to capture information of the farmers at the time of onboarding. The farmers, in the same way can give consent to share the data captured to avail some services beyond what is provided by the application. The consent can be a token that is collected against the user. The data itself is not maintained by the farmers but in stead they control with whom and for what it is shared.

Validation

...

Can consent be extended to create usage control (consent is used to transfer data but can not enforce how, to whom and for what data is to be transferred)?

...

Policy level signals/ insights:

  1. Globally, GDPR is being seen as a reference document and GDPR focuses heavily on consent and restricting purpose, time, storage etc.

  2. Government of India has already come up with a consent framework, here are some resources:

    1. Presentation: https://www.slideshare.net/ProductNation/data-empowerment-protection-architecture-depa

    2. They are already working on integrating a confidential compute with the consent framework

    3. Agriculture and Healthcare are the focus area with adoption in banking sector already setting precedence

    4. A pilot is being proposed in the state of Karnataka that takes consents from the farmers

...

There are group of startups who want to exchange data based on the consents

...

What do we need to answer?

Do farmers want it?

  1. Farmers are sensitive about some information: here is one news report and DG has seen that the farmers are sensitive about landholding size/ earning as opposed to crop grown.

  2. Farmers need to see tangible benefit. Data is as good as the benefit it can create for farmers - privacy takes backseat.

  3. Farmers like most users are not aware of how their data is being used and don’t like connecting to service that is irrelevant

Further questions

  1. User side:

    1. How do we get informed consent?

...

    1. - possibly use visual cues to explain not the terms but purpose

    2. Do we need to raise awareness for enforcing

...

    1. control

...

    1. over data?

...

Is the usage control imposed on provider or consumer or both (provider is collecting/ managing data but the true owner is the farmer)?

...

Ready to make it

...

What are we doing?

...

We have two use cases running in India. One in the state of Bihar and another in the state of Andhra Pradesh.

  1. In use case 1, Digital Green provides coaching to farmers on climate smart practice. Digital Green already maintains database of farmers, the practices they have adopted and the crops they have grown. While showing the videos, the extension worker gets the consent from the farmers to share their activity and field details to certifiers and buyers. If the farmers give the consent, the relevant data is transferred.

    1. Incentive for farmers: ease of onboarding and benefit of getting discovered

    2. Incentive for organisations: buyers get to discover the farmers easily

    3. incentive for govt: give control in the hands of farmers

  2. In use case 2, Digital Green right now is operating the certification shops for chilli farmers where the grade of produce is quantified and they get customised advisory to improve the quality and also to connect to the buyers who can give better price. In future this is to be operated by government owned shops where the details of the grade will be shared based on the consent of the farmers.

    1. incentive for farmers: decide whom and what data they want to share, if grade is bad they want to share to just the advisory service provider details about the practice

    2. incentive for the buyers: discovery of farmers and able to offer better price for better quality

    3. incentive for the govt: enable network and help improve quality in long term

...

Why will a customer want this?

...

  1. Use case 1:

    1. Farmers are sensitive about sharing the details of their field size etc unless there is benefit

    2. Government who is maintaining this data with digital green wants to impose necessary restrictions so that farmers data is controlled by the farmers

  2. Use case 2:

    1. Farmers who get lower grade may not want to share the data to the buyers as it gets lower price but they may want to share the details with an advisory service to know how they can improve their grades

    2. The grade of the produce by the farmers is a sensitive information that needs to be managed by the government and they want necessary restrictions to be placed

...

Visualize the solution

...

  1. Use case 1

    1. The extension workers who show videos to the farmers and provide advisories collect consent using an app:

      1. The app has visual images or videos that explain the data that is held by the govt, how sharing this can help the farmer and the reason for their consent

      2. Explain that the farmers will get verification call and/or SMS and the response they should give

      3. Stage 1 focuses on enabling farmers to exercise control of “with whom and how data can be shared”

      4. Stage 2 enables farmers to exercise control of “what part of data can be shared to whom”

      5. Stage 3 enables farmers to exercise control of “the purpose of sharing specific part of data - defined by application”

    2. The data of the farmers about their farm and farming activity (including history) is maintained by DG in MySQL DB and an application is created that queries data from the MySQL tables to create a combined table of relevant columns. The application runs inside a connector and passes on only that field where the consent artefact is a) obtained and is b) valid. The application need not be real time and can have some latency in fetching data

    3. Every time data is shared for a specific farmer, the transaction is logged which has the details of a) the connector or endpoint where it was made available, b) the metadata of the org who had the access.

    4. The connector can be run by DG or by the government partner.

  2. Use case 2

    1. Similar to above except that the farmers give consent at the certification shops.

...

Scale and effort

  1. Use case 1:

    1. Scale: we wish to start in a toned down use case where we start with advisory creation by sharing location data for getting soil parameters (start with few 100 farmers)

    2. Effort: Medium

  2. Use case 2:

    1. Scale: pilot done with 2000 farmers

    2. Effort: Medium - large

    1. - not initially, rather we capture how willing are farmers to control their data

    2. How do the farmers and/or organisations get value ? - please see the use cases here

  1. Backend tech:

    1. What does consent look like? - we use consent artefact as defined in DEPA architecture adopted by Government of India, it defines issuer, collector, requester and signature.

    2. How does consent relate to usage control? consent is a token in DEPA used primarily for verifying issuer, collector, data provider and consumer. It also has a section called purpose and access type. The purpose is just a text now which can become the application hash or a list of orgs where it can be shared. If the farmer details are in a row, each row will refer to a consent and the data transfer will happen as per the consent provided.

    3. Is the usage control imposed on provider or consumer or both? - stage 1: enforce on provider to whom and how data can be shared, stage 2: enforce on provider what part of data can be shared and stage 3: enforce on provider what part of data can be shared to whom and what the consumer can do.

Further reading

Consent use case

Requirement formulation

Additional resources

Depa book:

View file
nameDEPA Book.pdf

...

Detail presentation of use case here:

...