Cracking Down on Data Privacy! Key Highlights of the Data Protection Bill

Data Protection Bill: The draught Data Protection Bill was cleared by the Union Cabinet on Wednesday, clearing the way for its introduction during the Monsoon session of Parliament. Six years after the Supreme Court declared privacy to be a basic right, if the law is approved, it will become India's primary framework for data regulation. The Digital Personal Data Protection Bill, 2022, which aims to protect personal data, will be introduced for discussion and passing during the forthcoming Monsoon session of Parliament.

Conflicting Interests of Government and Social Media Giants

The government and the biggest social media companies have appeared to be at odds with one another over a number of topics in recent years. If passed, the bill will provide the government the authority to safeguard Indian data and impose sanctions on organisations that disregard its requirements. The immunity that these platforms enjoy because they serve as a middleman was one of the main points of conflict between the government and the social media companies. The first draught of the Digital Personal Data Protection Bill was created in 2018, under the direction of a special expert group headed by Justice BN Srikrishna. The bill was introduced in the legislature in 2019, but in December 2021 it was submitted to the Joint Parliamentary Committee. The government withdrew the bill in order to reintroduce it with the recommendations of the parliamentary committee. The bill's key provisions include forcing data collection businesses to stop keeping personal information or to eliminate any mechanisms that allow personal data to be connected to particular data principles.

The Role of the Data Protection Board in Safeguarding Privacy

Since the government began drafting the bill, experts have advised that the punishment and protection of Indian customers should take precedence. The government will set up a Data Protection Board to monitor how the law is being applied. This board will serve as an arbiter of privacy-related complaints and disagreements between parties. The chief executive of the board and board members shall be chosen by the Centre. Additionally, the bill permits "voluntary undertakings" in which platforms that contend they have broken the law can present their case to the data protection board. The board shall have the power to accept settlement costs and to fix the amount of the penalty. The maximum fine for a platform for a data breach has been set at Rs 250 crore per incident. However, the meaning of "per instance" is still open to interpretation and might apply to either a single data breach or the sum of all the impacted people times Rs 250 crore. It's significant that the law include provisions to make sure that it doesn't conflict with existing rules issued by other government agencies or ministries.

India's Efforts to Align with International Precedents

India is moving towards enacting comprehensive data protection laws in line with international precedents like the General Data Protection Regulation (GDPR) of the European Union, which went into effect in 2018. Individuals are given control over their data under the GDPR, which also requires specific agreement for processing sensitive information and levies severe fines for data breaches. Laws to protect personal data have also been passed in other nations, including Germany and France. The Asia-Pacific Economic Cooperation (APEC) Privacy Framework offers voluntary rules for safeguarding personal data in the Asian area. The US-EU Privacy Shield Framework, meanwhile, streamlines the exchange of personal data between the US and the EU.

Keep watching our YouTube Channel ‘DNP INDIA’. Also, please subscribe and follow us on FACEBOOK, INSTAGRAM, and TWITTER