India’s Digital Personal Data Protection Bill of 2023 has been passed and will come into full effect once the President of India has approved it. This Data Protection Law completely changes how tech companies handle users’ data but raises concerns regarding government surveillance.
Lawmakers have opposed the Bill, stating that the legislation would enable governments and agencies to access users’ data from companies and their confidential data without their consent.
The law allows private companies to transfer users’ data outside of India.
It gives the government the authority to collect information from firms and give directions to block any content on the guidance of the Data Protection Board that the Federal Government has appointed.
What Does The Bill Propose?
The Bill is considered a replacement for the Personal Data Protection Bill 2019. The Bill was withdrawn by Lok Sabha and the Parliament. The withdrawal came following reports that a comprehensive version of the Bill would be introduced.
It is the first Act passed in India that uses “she/her” pronouns instead of the traditional “he/him” pronouns. The Act details the rights and duties of Indian citizens and the obligations of the Data Fiduciary to use the collected data lawfully.
The Act aims to establish comprehensive guidelines that govern digital personal data protection in India. It provides the processing of digital data in a way that protects the rights of individuals when it comes to protecting their confidential data, societal rights, and processing personal data lawfully.
The Act contains several provisions, some of which include:
- The right of she/her to access personal data.
- The right of correction and erasure.
- The right to revoke consent.
- Special provisions to protect the data of minors (under 18).
- A minimum penalty of 250 crores (INR) for failure to take appropriate security measures against a breach.
- The right to grievance redressal.
- The right to nominate a consent manager to manage data-related requests on behalf of a data principle.
- The terms, conditions, and information related to data collection should be available in 22 languages in the 8th schedule of the Indian constitution.
What Are The Privacy Concerns Of This Bill?
Although people argue that such measures are necessary to protect citizens’ information, there are rising concerns about the misuse of personal data, according to Politicians.
Raktima Roy, a Privacy and policy attorney stated in a LinkedIn post that “The Bill mandates government access with little to no safeguards. Given how India has limited procedural safeguards on the laws concerning interception, monitoring and content blocking, the new provisions of this Bill are even more concerning.”
Another concern raised was a provision in the Act that the Central Government can notify countries or territories outside of India to which a data fiduciary can transfer data.
People have also raised concerns regarding the fact that it will the weaken the Right To Information Law (RTI) which was passed in 2005 and allowed citizens to gain access to information and data by governments and public authorities.
About The Author
No comments were posted yet