EXPLAINER: Information Safety Invoice-Significance, criticism; all you’ll want to know
The Central Government on Wednesday withdrew the Data Protection Bill (PDP) which was first proposed in 2019. Union Electronics and Information Technology Minister Ashwini Vaishnaw said the Center was taking the decision as a parliamentary panel’s review of the bill had suggested 81 amendments, leading to the need for a new “comprehensive legal framework”.
He said that the Personal Data Protection Bill, 2019 was deliberated in great detail by the Joint Committee of Parliament (JCP) and 81 amendments were proposed and 12 recommendations were made toward a comprehensive legal framework for the digital ecosystem.
“Considering the report of the JCP, a comprehensive legal framework is being worked upon Hence, in the circumstances, it is proposed to withdraw ‘The Personal Data Protection Bill, 2019’ and present a new bill that fits into the comprehensive legal framework,” he said.
Here’s an explainer of the Data Protection Bill:
The Personal Data Protection Bill, 2018, was prepared by a high-level expert group headed by former Supreme Court judge BN Srikrishna.
The PDP bill was first brought to the Parliament in 2019 and passed on to the JCP for examination at the time. The JCP was initially chaired by BJP Member of Parliament (MP) Meenakshi Lekhi. PP Chaudhary was appointed in her place since ministers are not allowed to chair Parliamentary Committees.
The Data privacy/Protection Bill is landmark legislation meant to regulate how various companies and organizations use individuals’ data inside India.
What does the Data Protection Bill say?
The Bill aimed to provide protection of digital privacy to individuals relating to their personal data, specify the flow and usage of data, and create a relationship of trust between persons and entities processing the data.
The 2019 draft of the bill proposed the formation of a Data Protection Authority (DPA), which would regulate the use of users’ personal data by social media companies and other organizations within the country.
The PDP Bill was akin to the European General Data Privacy Regulation and would set the stage for how big technology firms operate in the country.
The Bill had proposed social media platforms to create a mechanism so that for “every user who registers their service from India or uses their service from India, a voluntary verifiable account mechanism has to be made”. The provision puts the onus of creating the mechanism on the company.The provision was largely aimed at checking social media trolling.
The bill categorizes data into three categories—critical, sensitive and general. Sensitive data—financial, health, sexual orientation, biometrics, transgender status, religious or political beliefs and affiliation—can be stored only in India. However, data can be processed outside India with explicit consent.
Critical data will be defined by the government from time to time and has to be stored and processed in India. Any data that is non-critical and non-sensitive will be categorized as general data with no restriction on where it is stored or processed.
The draft bill proposed in 2019 had been opposed by social media firms, experts and even ministers, who said that it had too many loopholes to be effective and beneficial for both users and companies.
Companies including Facebook and Twitter have for years been concerned with India’s proposed tighter regulations for the technology sector, which have often strained relations between US and India.
India says such regulations are needed to safeguard the data and privacy of citizens.
Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates. More Less
Subscribe to Mint newsletters
* Enter a valid email
* Thank you for subscribing to our newsletter.