Can a Data Protection law soon become a Reality for India?
Now that the justice BN Srikrishna committee has submitted a draft Data Protection as well as the Personal Data Protection bill, 2018 (pdf) to the Narendra Modi government, the wait for comprehensive data protection rights may soon be over.Though it is not devoid of loopholes, this bill will form the framework for India’s data protection laws, prescribing how organisations should collect, process, and store citizens’ data.
The committee’s report recommends that the law should be applicable to processing of personal data if such data has been used, shared, disclosed, collected or otherwise processed in India. However, it asserts that in respect of processing by fiduciariesthat are not present in India, the law shall apply to those carrying on business in India or other activities such as profiling which could cause privacy harms to data principals in India.
Additionally, personal data collected, used, shared, disclosed or otherwise processed by companies incorporated under Indian law will be covered, irrespective of where it is actually processed in India. However, it empowers the Centre to exempt companies which only process the personal data of foreign nationals not present in India.
The Data Protection Bill if acceptedwill mandate companies to store one copy of all personal data within the country. The committee however has left it to the government to define which kind of personal data can be qualified as “critical” which will have to be stored only in India.
The Bill that will be subject to further review once it is introduced in parliament, showcases India’s growing concern for data privacy.The government has also sought comments from the general public on the draft Data Protection Bill which can be submitted by September 10. An August 14 notification on its The Ministry of Electronics and Information Technology website reads, "MeitY solicits comments from general public on the Draft Personal Data Protection Bill by 10th September 2018."
Experts have said that the Bill has been modelled partly on the European Union's General Data Protection legislation and India’s Information Technology Act, 2000. It runs into a total of 112 sections.....Read More
Comments
Post a Comment