The data protection Bill seeks to provide for the protection of the personal data of individuals and establish a Data Protection Authority for the same. Without the explicit consent of citizens, it proposes to put restrictions on the use of personal data
On over various aspects and suggestions related to the draft data protection Bill, are extensive deliberations, and the government hopes to resolve certain complex issues soon and get Parliament’s approval on the legislation latest by the monsoon session, according to IT Minister Ashwini Vaishnaw.
He said there is no plan to scrap the current draft data protection legislation that has undergone detailed consultation and parliamentary panel deliberations.
The data protection Bill seeks to provide for the protection of the personal data of individuals and establish a Data Protection Authority for the same. Without the explicit consent of citizens, it proposes to put restrictions on the use of personal data.
Giving its views on various provisions, the Joint Committee on Personal Data Protection Bill, 2019, on 16 December 2021, tabled its report in both the Houses of Parliament.
Vaishnaw said, ”the consultations which happened were very comprehensive and the report which has come out is again very comprehensive report. It definitely is a complex subject, which has matters that need to be resolved.” The minister said he was hopeful those aspects and points will be resolved ”soon”.
“I think we should be able to resolve them very soon and bring it…our target was actually this budget session itself. But, definitely, by the monsoon session, we should be able to do that,” he said.
On whether the government is hopeful of getting Parliament’s approval on the draft Bill latest by the monsoon session, the minister said, ”Yes, that is the target”.
As it works out the framework for the cross-border transfer, accountability of entities processing data, and moots remedies for unauthorised and harmful processing, the data protection Bill proposes to specify the flow and usage of personal data and protect the rights of individuals whose personal data are processed.
To give exemptions to its probe agencies from the provisions of the Act, a move that has been strongly opposed by the opposition MPs who had filed their dissent notes, the data protection Bill also seeks to provide the government with powers.
In December, a parliamentary panel recommended tougher norms to regulate social media platforms by holding them accountable for the content they host and said that the Centre must ensure data localisation norms are duly followed by all local and foreign entities, with the establishment of Data Protection Authority.
To include both personal and non-personal data with ”a single administration and regulatory body”, and sought greater accountability for social media platforms by treating them as ‘publishers’, the panel also recommended widening the scope of proposed data protection legislation.
The committee, however, did not recommend any major dilution of the contentious exemption clause, which gives powers to the government to keep any of its agencies outside the purview of the data protection legislation.
To a specific question on the issues that need to be ironed out, Vaishnaw said some of the stakeholders had expressed concerns over implementation structure, in the context of the fast-changing digital landscape.
Some tweaking, on the draft legislation, will be needed to make sure that the implementation is smooth, he informed.
“The points which have been flagged by the committee, should we put it in this Bill, include it in this Bill or should we think at a separate, totally new legislation for many other things which are happening. These are some issues which need to be resolved”, he said.
The legislation will define the course of the country’s digital ambitions and, hence, it will be deliberated at length.
With the USD 200-billion IT industry that employs millions of people, the government will take all measures to ensure that there is no adverse impact of the legislation, on any sector, he assured.
“We will proceed carefully. I do not think we should rush it, at all,” Vaishnaw said.
Facebook-parent Meta in its recent regulatory filing to US SEC had said, ”Some countries, such as India, are considering or have passed legislation implementing data protection requirements or requiring local storage and processing of data or similar requirements that could increase the cost and complexity of delivering our services.” Vaishnaw added that some companies have expressed concerns over a new set of compliances, as per reports.
“What is important is that compliance mechanism should be as digital as you can make it, then the friction is reduced. The objective should be met, friction should not be there. That is the work we are trying to accomplish, and it is a complex task,” he said.
Globally, the exemptions to the Government are ”far-far more”, Vaishnaw asserted on the exemption clause.
Citing the EU General Data Protection Regulation (GDPR) provisions that list out nine such areas, Vaishnaw said that in comparison, India’s legislation, which is in the works, only mentions four areas of exemption.
“There are other geographies where data protection bill has given a complete exemption to the government…no reasons required. We have given reasons which are required as per the Constitution. It is a very fair construct,” Vaishnaw argued.
To then say that it amounts to not making government accountable ”is an unfair and uninformed way of looking at it”, he said.
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics