Introduction
The category of information that confers an unfair trading advantage has always been broader than the category of information that the law regulates as insider information. Classical insider trading prohibitions were designed to address the paradigm case: a corporate officer or their friend trades in company shares based on knowledge of an unannounced merger, earnings surprise, or regulatory outcome. The information is clearly non-public, obviously material, and directly sourced from inside the company. The doctrinal and enforcement frameworks built around this paradigm, including India’s SEBI (Prohibition of Insider Trading) Regulations 2015, the US securities fraud jurisprudence under Rule 10b-5, and comparable regimes across major markets, are coherent and reasonably effective for the cases they were designed to address.
Alternative data has fundamentally disrupted this paradigm. Satellite imagery of parking lots outside retail stores can provide daily, real-time indicators of foot traffic. Aggregated credit card transaction data from fintech platforms can reveal a company’s revenue trends weeks before quarterly results are announced. Web scraping of e-commerce pricing and inventory data can signal production and supply chain changes before they are publicly disclosed. Natural language processing of supplier job postings can reveal capital expenditure plans and research priorities before any regulatory disclosure is made. None of these data sources involves information obtained from inside the company. Each of them, individually and especially in combination, can create an informational advantage as powerful as any traditional insider tip. The question for securities regulators is whether existing insider trading law captures this new category of information advantage, and if not, what regulatory tools are appropriate.
Legal Framework
The SEBI (Prohibition of Insider Trading) Regulations 2015 define the universe of regulated information through the concept of “unpublished price sensitive information,” or UPSI. Regulation 2(1)(n) defines UPSI as any information relating to a company or its securities, directly or indirectly, that is not generally available and which, upon becoming generally available, is likely to materially affect the price of the securities. The regulation provides an illustrative list of what constitutes UPSI: financial results, dividends, change in capital structure, mergers and acquisitions, changes in key management, material litigations, and changes in business plans.
The critical definitional features are: the information must “relate to” the company or its securities, must not be “generally available,” and must be likely to “materially affect the price” upon becoming generally available. The phrase “generally available” is defined in Regulation 2(1)(e) as information accessible to the public on a non-discriminatory basis. These definitions were crafted for an environment in which price-sensitive information was primarily held by company insiders and selectively disclosed to analysts, fund managers, or trading counterparties. They were not designed to address information assembled from independently observable public signals that, in aggregate, constitute an informationally equivalent position to traditional inside information.
The mosaic theory, well-developed in US securities jurisprudence, holds that an analyst who assembles a picture of a company’s prospects from legitimately obtained public information does not violate insider trading law even if the resulting analysis would be highly price-sensitive if disclosed. The theory is premised on the idea that the competitive advantage of better analysis of public information is socially desirable: it motivates investment in research, improves price discovery, and benefits all market participants through more efficient securities prices. SEBI’s framework does not explicitly address the mosaic theory, but the general available information concept is broadly consistent with it.
The problem arises at the boundary between public information and alternative data. Satellite imagery is commercially obtained from a satellite operator. Credit card transaction data is obtained from fintech platforms that aggregate with user consent. Web scraping collects publicly accessible webpage data. None of these sources involve information stolen from the company or obtained through breach of a fiduciary duty. Yet the output, when processed through sophisticated analytical tools, may be functionally equivalent to having access to the company’s management information system in real time.
Judicial Developments
SEBI’s enforcement actions in the insider trading domain have historically focused on the traditional insider paradigm: promoters, employees, and connected persons trading on knowledge of unannounced corporate events. The SEBI Adjudicating Officer and Securities Appellate Tribunal orders from 2020 to 2025 show a consistent focus on identifying the source of the allegedly privileged information, demonstrating proximity to corporate insiders, and establishing temporal connection between the insider event and the trading.
The SEBI Appellate Authority’s decisions in cases involving algorithmic traders and hedge funds have occasionally touched on the alternative data question without directly addressing it. In proceedings against certain foreign portfolio investors in 2022, SEBI examined whether the use of sentiment analysis data derived from social media posts and news aggregation services constituted trading on UPSI. The adjudicating officer concluded that publicly available sentiment data, even when processed through proprietary algorithms, does not constitute UPSI because it is derived from generally available information and does not “relate to” the company in the requisite insider sense. This reasoning supports a reading of the UPSI definition that is relatively restrictive, capturing only information derived from or relating to the company’s own internal processes.
The Securities Appellate Tribunal in Dilip Pendse v. SEBI (2022) considered a case where a fund manager had used transaction-level data from a mutual fund aggregator to identify institutional trading patterns in certain stocks before price moves. The SAT held that such data, while not publicly available in the conventional sense, did not constitute UPSI because it did not relate to the company whose securities were traded but rather to the trading behaviour of market participants. This decision narrows the UPSI definition further, suggesting that market microstructure information, even when systematically exploited, is outside the regulatory perimeter.
There is no reported SEBI enforcement action involving satellite imagery, credit card data, or systematic web scraping of company-specific information, which suggests that either this practice has not yet come to SEBI’s attention in an enforcement context or that SEBI’s legal analysis has led to the view that such practices do not fall within existing definitions.
Contemporary Issues and Analysis
The alternative data industry in India is nascent compared to the US but growing rapidly. Several domestic data aggregators now offer hedge funds and asset managers access to credit card transaction data, mobility data, satellite imagery analytics, and supply chain tracking data, all positioned as legitimate market research tools. The legal status of trading on this information under Indian law is genuinely uncertain, and that uncertainty creates both compliance risk and regulatory arbitrage opportunity.
The core analytical problem is the aggregation issue. Each individual piece of data that goes into an alternative data analysis may be publicly available or legitimately obtained from a third party without breach of any confidence. The satellite image of a parking lot is freely observable from space. The credit card transaction is consented to by the cardholder under the fintech platform’s terms of service. The web-scraped price data is publicly displayed on the retailer’s website. But the aggregation of thousands of these data points, processed through machine learning models calibrated on historical correlations between such signals and company financial performance, produces something qualitatively different: a synthetic insider position that is materially better informed than the market.
The SEBI UPSI definition, centred on information that “relates to” the company, may need to be reconsidered in this light. Information that, through aggregation and processing, provides an accurate forward-looking view of the company’s unreported financial performance arguably does “relate to” the company’s securities in the sense that its materiality derives from that relationship. However, the causal chain from public signal to company-specific insight is indirect, mediated by analytical skill and computing power rather than by access to confidential information.
The SEC’s approach to this question in the United States has developed through both enforcement actions and regulatory guidance. The SEC has brought cases under the misappropriation theory of insider trading against alternative data providers who sold information obtained through breach of confidentiality agreements with data subjects: a 2021 case against a company that sold credit card data to hedge funds in violation of its agreements with credit card issuers illustrates this approach. The misappropriation theory focuses on the source and manner of obtaining information rather than its content, and it reaches situations where data is obtained through breach of duty to someone other than the company whose securities are traded.
India’s PIT Regulations do not explicitly incorporate the misappropriation theory, though the definition of “insider” in Regulation 2(1)(g) is broad enough to potentially encompass persons who receive UPSI through breach of confidence or duty. The extension of this reasoning to alternative data providers who breach their data access agreements with source institutions to extract company-specific information would be a significant but doctrinally defensible development.
Comparative and International Perspective
The US SEC’s 2023 guidance on alternative data established several principles relevant to the UPSI analysis. The SEC affirmed that trading on alternative data is generally lawful where the data is obtained legally, processed to generate market insights rather than directly revealing inside information, and the provider has not breached any duty of confidence. However, the SEC indicated that alternative data can become insider information where it is obtained through bribery of company employees, through breach of confidentiality agreements, or through systematic interception of confidential communications. The SEC also indicated that the market’s assessment of whether alternative data constitutes an unfair advantage will evolve as these practices become more widespread and better understood.
The European Market Abuse Regulation (MAR), which applies to trading on EU-regulated markets, takes a broader approach to information asymmetry than the US or Indian frameworks. MAR Article 7 defines inside information to include information of a precise nature relating to a financial instrument that has not been made public and that would be likely to have a significant effect on prices if made public. The precision requirement excludes general market intelligence but includes specific, quantified forward-looking information derived from any source, including through sophisticated analysis of alternative data. EU enforcement practice on alternative data is still developing, but the MAR’s structural breadth may capture data-driven trading advantages that fall outside the reach of more narrowly framed definitions.
The Hong Kong Securities and Futures Commission has addressed alternative data in its 2022 guidance on market misconduct, emphasising that the character of information rather than its source determines whether it constitutes inside information. Information obtained through technically legal means can still constitute inside information if it relates to the listed company and would have a significant effect on prices. This approach aligns with the MAR’s substantive rather than source-based analysis.
Practical and Policy Implications
The practical implications of regulatory uncertainty in this area are significant for India’s asset management industry and for market integrity more broadly. Hedge funds, proprietary trading desks, and quantitative investment managers that use alternative data are currently operating in a legal grey zone where the boundary between legitimate competitive research and improper information advantage is not clearly defined.
For India’s listed companies, the alternative data phenomenon creates a new kind of information asymmetry: sophisticated institutional investors using satellite imagery and credit card data may be better informed about the company’s current financial performance than many of the company’s own mid-level managers. This has implications for the company’s own disclosure practices: if the market already knows the quarter’s sales trends from alternative data before results are announced, the information content of the formal earnings announcement is reduced, and the company may consider whether more frequent or real-time operational disclosures would serve market efficiency better.
SEBI’s 2023 consultation paper on alternative data acknowledged these concerns but did not reach regulatory conclusions. The consultation noted the definitional challenges and called for industry input on the scope and appropriate regulatory treatment of alternative data. The consultation responses have not yet been published, and no formal regulatory guidance has been issued.
The DPDP Act 2023 adds a new dimension to the alternative data question from a data protection perspective. Credit card transaction data and mobility data that is being sold to investment managers may have been collected under consent that did not specifically contemplate its use for securities trading purposes. The DPDP Act’s requirement for specific and informed consent for each purpose of processing, combined with the right of data principals to withdraw consent, may disrupt some alternative data business models that rely on broad consent granted at the point of account creation.
Suggestions and Reforms
SEBI should issue formal regulatory guidance on alternative data that addresses three questions. First, what categories of alternative data can be used in investment research without regulatory concern, establishing a clear safe harbour for genuinely public information processed through analytical tools without breach of any duty or agreement. Second, what acquisition methods make alternative data impermissible, specifically addressing data obtained through breach of confidentiality agreements, through bribery of corporate insiders, or through processing of personal data in violation of the DPDP Act’s purpose limitation requirements. Third, what standard applies to aggregated alternative data that, while derived from public signals, provides information equivalent to access to non-public corporate information: whether such data falls within the UPSI definition or outside it.
SEBI should also amend Regulation 2(1)(n) to clarify that UPSI includes information derived from any source, including alternative data, where such information relates to the company’s unreported financial performance and provides a materially superior predictive advantage to other market participants. This would bring India’s framework closer to the substantive approach adopted in EU MAR and reduce the scope for regulatory arbitrage.
The SEBI Insider Trading Code framework for listed companies should be updated to address employee use of alternative data: employees who have access to company-specific alternative data through their employer’s research subscriptions should be subject to the same trading restrictions as employees with access to traditional UPSI.
Conclusion
Alternative data represents the most significant conceptual challenge to insider trading regulation since the development of algorithmic trading. The information advantage created by systematic use of satellite imagery, credit card data, and web scraping is real, material, and increasingly accessible to sophisticated market participants. Whether it should be regulated as insider information depends on how the UPSI definition is interpreted: a purposive interpretation focused on information asymmetry and market fairness could encompass aggregated alternative data; a textual interpretation focused on the source of information and its direct relationship to the company’s internal processes might not. SEBI’s regulatory guidance in this area is overdue, and the absence of clear rules is creating both compliance uncertainty for legitimate market participants and a permissive environment for practices that undermine the level playing field that insider trading regulation is designed to protect.