- Sports Chavan writes to BCCI, MCA to reconsider his life ban
- Movies Himanshi Khurana On Sushant Singh Rajput’s Death: ‘It Affected My Health, My Blood Pressure Dropped’
- News Rahul Gandhi demands revocation of H-1B visas' suspension by US
- Automobiles Excess Fuel Filled At Petrol Pumps: Most Times It’s Because Of The Vehicle
- Lifestyle 10 Tips To Keep Your Vagina Healthy
- Finance India's Trade Deficit With China Reduces To $48.66 Billion
- Travel 10 Incredibly Scenic Places To Visit In South India In July 2020
- Education IIT Madras Launches World’s First Online BSc Degree In Programming And Data Science
Data Protection Bill 2018: Everything you should know
The report will go through the process of inter-ministerial consultations and Cabinet as well as parliamentary approval.
After a having a consultation for a year, Justice BN Srikrishna committee has finally submitted its report on the Personal Data Protection.
The panel was headed by Justice BN Srikrishna, handed the report to IT Minister Ravi Shankar Prasad on Friday.
The committee recommended certain key issues such as transparency, transfer of personal data outside India, the definition of personal data and penalties, compensation and offenses.
After submitting the recommendations to the minister Justice Srikrishna said," We have not treated data as a matter of property. It is a matter of my trust in somebody I have entrusted to and he is answerable to it. I am the principal of my data that someone else is processing it so I should have the upper hand."
The minister said: "It is a monumental law and we would be like to have a widest parliamentary consultation... We want Indian data protection law to become a model globally, blending security, privacy, safety, and innovation," Prasad said.
He said that the report will go through the process of inter-ministerial consultations and Cabinet as well as parliamentary approval.
While reacting to the development Siddharth Vishwanath, Leader - Cyber Advisory at PwC India, said, "The spread of digital ecosystem in India where e-wallets, ride-sharing services, e-commerce, online entertainment services and social media are thriving is the direct result of the digital disruption. But the absence of data privacy and protection law could lead consumers exposed to risks of their data being misused by organizations and data breaches on account of sub-optimal investments in security."
Amba Kak, India Policy Advisor, Mozilla, pointed out this bill provides a strong foundation of protection for Indians' privacy, but it is not without loopholes - in particular, the requirement to store a copy of all personal data within India, creating broad permissions for government use of data, and the independence of the regulator's adjudicatory authority.
We welcome the Government's commitment to a public consultation process, which we hope will rectify the cracks in this foundation."
Vidur Gupta, partner, EY India said" "The proposed introduction of a Digital Protection Authority(DPA) as an independent regulatory body with wider powers would be quite beneficial in the enforcement of the data protection law."
However Nikhil Pawa, co-founder of savetheinternet.in said: "This is a weak data protection bill and it should NOT be allowed to be passed in Parliament. Justice Srikrishna has disappointed."
Here are some highlights from the recommendations
1 The law will have jurisdiction over the processing of personal data if such data been used, shared, disclosed, collected or otherwise processed in India.
2 Additionally, personal data collected, used, shared, disclosed or otherwise processed by companies incorporated under Indian law will be covered, irrespective of where it is actually processed in India. However, the data protection law may empower the Central Government to exempt such companies which only process the personal data of foreign nationals not present in India.
3 The law will not have retrospective application and it will come into force in a structured and phased manner. Processing that is ongoing after the coming into force of the law would be covered.
4 The White Paper suggested the creation of an independent regulatory body for enforcement of a data protection legal
5 Further, it was suggested that this regulatory body should have the powers of (a) monitoring, enforcement, and investigation; (b) awareness generation; and (c) standard setting. It was suggested that a number of regulatory tools and mechanisms such as codes of practice and categorization of data fiduciaries could be deployed to achieve enforcement objectives.
6 The penalties imposed would be an amount up to the fixed upper limit or a percentage of the total worldwide turnover of the preceding financial year, whichever is higher.