The drafting of DPDA 2022 signifies an approach completely different from the drafting principles adopted earlier. It appears that an entirely different team worked on the Bill. It is not clear if the Ministry of Law would be comfortable with this draft since it appears to be “Over simplified” for the purpose of getting it through the Parliament. In the process a far too much has been set aside to be attended through the subordinated legislation of “Rules”.
All controversial aspects regarding the “Protection of the Right to Privacy by Law”, “Constitution of the Data Protection Board”, “Contours of Cross Border Data Transfer” or “Powers of the Government” have all been brushed under the carpet. But each on of them has to ultimately surface in the form of rules and I would not be surprised if each is contested repeatedly in the Supreme Court.
It is like a boxing match when a player ducks and sways to bide for his time and probably exhaust the opponent and strike back in later rounds. The approach appears to be, let us get the Bill passed for now and worry about the details later. But if the Boxing match has to go to 15 rounds, the ducking and swaying cannot be a winning strategy but only the punches that land on the opponent could be relevant.
In this draft of the Bill it appears that the Government thinks that it can get through a proper legislation through the rules and it would be flexible. Partially this is true but it makes the task of DPB too onerous because it has to take the responsibility for subordinate legislation and push it through the Supreme Court.
There is a possibility that this could lead to a Judicial person being the head of DPB which will seriously erode the functioning of the Board. If a Judge is heading the Data Protection Board it may be judicially strong but operationally rigid.
Puritan Legal practitioners would definitely be unhappy with this over simplified version of the law. They would however be happy with the Judicial person heading the DPB. But this may be counter productive in the long run and lead to stagnation, procrastination, inefficiency and ultimately corruption.
The approach is consistent with the lack of conviction and inability to take the bull by its horn but is disappointing from the overall perspective.
We shall reserve our detailed comments for direct submission to the MeitY, but the red flags need to be raised to warn the Government that this may not be a successful strategy but one that will haunt the Government in future with repeated legal challenges in the High Courts and Supreme Court.
Naavi
Previous Article:
DPDPB 2022-Simple,…Need to know basis…less scope for objections
I agree with the author’s observations that DPDPA is an “Over simplified” legislation in the making. The substantial law to be placed before the Parliament need to be comprehensive and should cover and address the prevailing requirements of the digital environment, so that it could be appropriate and progressive in nature. When the Rules subsequent to the enactment are framed, being a delegated legislation, cannot go beyond the perimeters of the original law. Further the privacy element as a inevitable part of the Article 21 of the Constitution of India, as clarified by the Highest Court, is not fully honoured in the draft bill circulated. These aspects are to be considered before making a Bill to be placed in the Parliament session, so that the rights of the citizens are protected as guaranteed. As of now we have lost valuable time in legislation and the harms are caused by the fiduciary go unabated. It is time for the law makers to understand the present digital environment and come out with a comprehensive enactment as has been done in other countries.