Since the release of the draft PDPB 2021, there have been many views expressed by different organizations and some of them are listed below:
-
- Comparing the Draft Data Protection Bill 2021 with its predecessors: thequint.com
- Data Protection Bill: Hits and Misses: bloombergquint.com
- Explained: How India’s data protection Bill compares with EU regulation: Indian Express
- Data Protection Bill is Orwellian, loaded in favour of the Government: Justice B N Srikrishna: Moneycontrol.com
- PDP Bill recommendations will have higher compliance burden on Startups: IAMAI
- Decoding Data Protection Bill: Economic Times
- Key Takeaways: The JPC Report and the Data Protection Bill, 2021#SaveOurPrivacy: internetfreedom.in
- Data Protection Bill 2021: MP Amar Patnaik bats for Data Regulators at state level: medianama.com
MR P P Choudhary in his interview with news18.com has also expressed some views which are important to understand what went on the minds of the committee in the final stages before the draft was released. Some of the views expressed by him are highlighted here.
On the need for inclusion of Non Personal Data in the Act, he said-
“… Non personal data as on today is not included but for future govt can formulate the policy under section 92 to deal with violations related to it.”
We note that he had admitted that this is an empowerment for the future and as on today Non Personal data is not included.
Regarding the powers to the Government, he has said-
“We can’t put government and private entities in same basket….If you compare birth of section 35, it is article 21 of Constitution of India which is a fundamental right. It says no person shall be deprived of personal liberty except in accordance with the law. So, this is a condition by Constitution. More safeguards have been provided in bill. It says only data can be processed if authorised by the government and will be based on rules framed by the government. On basis of those rules, government can authorise agencies to process the data. The purpose is given in the section 35. Processing of data is only for purpose is national security, protect the sovereignty and integrity. The individual right to privacy will be over-ridden if they clash with national interests”
As regards the dissent on the exemption of Consent for Government Mr Choudhary categorically stated…
” These dissent notes are basically misconceived and unfounded. These notes do not stand legally anywhere. The dissent was not limited to Section 35 but also about Section 12 without consent data shall not be processed. Meaning there will be a complete embargo. It means government can’t process the data. I am asking them, if we don’t process the data of farmers while making them the payments of government schemes what will happen. Should we ask each one one of them separately about their consent. Whether it is expected from the government to obtain consent from 10crore farmers.
If government want to transfer payment to NREGA labourers to public distribution, should we seek consent from everyone. We say government can process the data in accordance to the law. The section say personal data can be processed for benefit for data principal.
Where do they want to take the country? Do they want to take the country back to paper economy from digital economy. The opposition is trying to halt the progress of digital economy. Suppose the government need to raid someone, should income tax authorities seek consent? Is it practical or feasible, should we seek permission from terrorist before processing this data.”
We appreciate the clear and bold statement from the JPC chairman on the dissent notes. The tenor of this interview suggests that even when the dissent is raised in the Parliamentary debate, the Government will defend it with force.
Naavi.org has already provided its views on some of the aspects of the new Bill in the following articles:
1. Anonymisation is like Encryption with a destroyed decryption key
2. PDPA 2021: The data breach notification regarding Non Personal Data
3. PDPA 2021: The Data Protection Officer is now in an elevated professional status
4. PDPA 2021: The nature of Data as an Asset and nomination facility
5. PDPA 2021: Regulating the human perceptions
6. PDPA 2021: Definition of Harm to include psychological manipulation
7. PDPA 2021: Should Big Data and Data Analytics industry be worried?
The discussions on the Bill will continue.
Naavi in association with FDPPI (Foundation of Data Protection Professionals in India) has started a “Privacy and Data Protection Awareness Campaign” addressing
a) The Public
b) The Data Fiduciaries
c) The Data Protection Professionals
Various programs have been undertaken to address the requirements of each of these segments, details of which will be announced as we go forward.
Naavi
Other articles on DPA 2021
14. PDPA 2021: Concept of Discovery Consent
13. JPC Recommendations on SWIFT Alternative: Out of scope and Disruptive of Global Economic System
12. JPC recommendation on Children Data
11. JPC recommends DPA to watch on Incident Register
10. JPC comments beyond the Amendments-2: Implementation Schedule
9. JPC comments beyond the Amendments-1-Priority of law
8. Clarifications from the JPC Chairman on DPA 2021
7. Anonymisation is like Encryption with a destroyed decryption key
6. PDPA 2021: The data breach notification regarding Non Personal Data