UDISE+
Unified District Information on School Education(UDISE)
UDISE was initiated in 2012-13 by the Ministry of Education by integrating DISE for elementary education and SEMIS for secondary education
Conceived of the UDISE+ platform in 2018
Crucial role in collecting and exchanging real-time information on school infrastructure, teachers, student enrolment, and academic performance
Covering more than 14.89 lakhs of schools, 95 lakhs of teachers and 26.5 crores of children
It allows the Ministry to curate outcome-based policies to enhance the quality of education in India
APAAR
Automated Permanent Academic Account Registry identification (APAAR)
It is a specialised identification system designed for all students in India, beginning from an early age
It is introduced in accordance with the National Education Policy (NEP) of 2020 and the National Credit and Qualifications Framework (NCrF)
It assigns a unique and permanent 12-digit ID to each student, consolidating their academic records into a single accessible platform
Registration for an APAAR ID is voluntary, not mandatory
Measures are being introduced to enhance ease of schooling, which necessitate linking of APAAR and UDISE+
Steps to automate student admissions, in turn, to reduce dropout rates and enhance opportunities for continuing education are being made
DigiLocker and ed-tech companies frequently collaborate with State governments form integral constituents of the modern education system
The Education Ministry commendably formulated a data-sharing policy for school education and literacy in 2020.
However, this is yet to be updated to reflect the regulatory overhauls post the enactment of the Digital Personal Data Protection (DPDP) Act, 2023.
In the absence of clear regulations or minimum standards (importantly, for ed-tech players), their compliance with the Act comes under question.
Challenges and complexities of managing student data
There are numerous potential pressure points wherein non-compliance of the involved actors may materialise.
For instance, there is limited guidance on what constitutes verifiable parental consent.
Consent from parents for minors’ data, sought under the UDISE+/APAAR regime, may violate this requirement.
Moreover, the DPDP Act emphasises the importance of collecting personal data for specified legitimate purposes only.
Due caution is also a prerequisite to counter potential cases of data thefts and cyber breaches
Adherence to the principles of data privacy and data minimisation is particularly pertinent given the sensitive nature of children’s personal data
Regarding exchange of personal data of children for an unspecified purpose, integration of third parties (such as entities like DigiLocker, etc.) could also raise doubts on the role thereof
Identification of actors who qualify as data fiduciary, data processor, and data principal, would be required from a liability affixation standpoint
Justice K.S. Puttaswamy (Retd.) v. Union of India (2018) laid down the three-part test against which state action must be adjudged.
This test is deployed to assess the impact of state action on the right to privacy of citizens.
The 3 conditions stipulated under this test are:
(i) there exists a legitimate state interest in restricting the right;
(ii) such restriction is necessary and proportionate to achieve the interest; and
(iii) the restriction is imposed/affected by law
Aadhaar integration in APAAR/UDISE+ must comply with these three prongs
COMMENTS