What Happens When Personal Data Protection Bill Becomes A Law?

What Happens When Personal Data Protection Bill Becomes A Law?

The blanket powers that the bill provides the government with, to access customer's data is termed 'dangerous.' Some believe that the bill would represent new, significant threats to Indians’ privacy.

  • Whatsapp
  • Telegram
  • Linkedin
  • Print
  • koo
  • Whatsapp
  • Telegram
  • Linkedin
  • Print
  • koo
  • Whatsapp
  • Telegram
  • Linkedin
  • Print
  • koo

For Summary of the report, visit here and sign the petition.

Personal Data Protection Bill, a bill that failed to make the headlines amid all the social unrest in the country, is now a big threat to the country and its citizens. The government has been pushing for a 'Digital India' in a country which has approximately 500 millions internet users. However, what the country needs is a proper law that will protect the data of these users.

Without privacy, internet users modify their private behaviour out of fear. It takes away their ability to make important choices about life and removes personal autonomy.

In order to ensure that India has an effective legal system regulating data privacy, the Personal Data Protection Bill, 2019 was introduced in the Lok Sabha on December 11, 2019. The Bill is currently being analysed by a Parliament select committee.

The Bill

The Personal Data Protection Bill aims to create a 'Data Protection Authority' to ensure the security and privacy of a person's data available on the internet.

A bill which was drafted with an aim to protect the data of the individuals and prevent any kind of misuse is now under threat. People are worried that the bill might be used for surveillance purposes and serious misuse.

Under the Bill, the central government can exempt any of its agencies from the provisions of the Act in the interest of the security of the state, public order, sovereignty, integrity of India and friendly relations with foreign states.

In a first, the bill proposes social media platforms to come up with a mechanism in which "for every user who registers their service from India or uses their service from India, a voluntary verifiable account mechanism has to be made."

The provision puts the burden of creating the mechanism on the company. Additional responsibilities will also be put on companies based on the volume of data they collect from users. This includes timely security audits, the appointment of a data protection officer and performing data protection assessments.

Social media platform providers will also be asked to enable customers to verify their accounts.

Criticism Over The Bill

IT services provider, Cognizant, recently said that the Bill would impose strict obligations on the handling of personal data.

"Complying with changing regulatory requirements requires us to incur substantial costs, exposes us to potential regulatory action or litigation, and may require changes to our business practices in certain jurisdictions, any of which could materially adversely affect our business operations and operating results," the IT firm said.

Several countries have considered enacting data localization laws that need certain data to stay within their borders.

While speaking to The Economic Times, the chief architect of the draft law, Justice B N Srikrishna, had called the PDP bill "dangerous" with an ability to turn India into an "Orwellian state."

"They have removed the safeguards. That is the most dangerous. The government can at any time access private data or government agency data on grounds of sovereignty or public order. This has dangerous implications," he added.

WhatsApp has also insisted that the bill in its current form would require breaking encryption, which would compromise the privacy and security of more than a billion people across the world.

The Bill states that personal and non-personal data may be processed without obtaining consent from the concerned user to help in the delivery of government services. This has triggered a lot of criticism from users as well as companies.

What Happens If It Becomes A Law?

Data protection often revolves around the transfer of data.

In this regard, the proposed Bill has attracted a lot of attention from Indian firms and technology tycoons across the world.

The PDP Bill lays down provisions for combating the misuse of personal data in the country. It mandates data processing activities like data protection, storage and management. However, on the other side, if the bill is passed, it could bring major implications for national security, foreign investment and international trade.

The blanket powers that the bill provides the government with, to access customer's data is termed 'dangerous.' Some believe that the bill would represent new, significant threats to Indians' privacy.

India's smartphone market has risen to over 500 million active internet users. It has also seen a surge in internet-based start-ups.

"There is an increasing need to have proper guidelines in place to secure confidential data… we hope the Bill will have a proper balance of data privacy and protection, which will lead to increased transparency," Bhavin Turakhia, founder of Flock, a team collaboration software said.

The bill has not specifically cited the government's desires to contain false information for this proposal. Instead, the bill insists that this would bring more "transparency and accountability."

With the support of Internet Freedom Foundation, The Logical Indian is running a campaign to make people aware of the Data Protection Bill and then fix it. Through #SaveOurPrivacy initiative we are taking our voice to a Joint Committee of Parliament that is, at present, considering and taking inputs. By clicking on the pledge you sign on to the campaign and bring a change.


Also Read: Know All About India's Data Protection Bill And How It Is A Threat To Privacy

Contributors Suggest Correction
Editor : Prateek Gautam

Must Reads