Ever since the supreme court has come up with privacy fundamental right 2017, citizens of India were waiting for legislation to be into laws that will govern our country. This came into achievement through the personal data protection bill which was drafted under the panel headed by Justice B.N. Srikrishna. The bill was raised against the concerns of lack of data privacy and criticism from stakeholders stating that could kill innovation of big data and affect the digital economy. The main intention of the bill is to regulate the data use of individuals and grant them rights over their data and ownership. It helps users to have control over the data with the help of various websites, apps, etc., act against data misuse and social media trolling. It divides data not only as personal and non-personal but also as critical, sensitive or general with each having different rules. Sexual orientation, religious affiliation, and financial data are included in sensitive data. The data of this kind to be processed outside India with consent. Such data need to be processed within Indian borders. Many of the foreign tech servers need to set up or rent local servers even though this was intended to protest the extra server cost which they would have to bear on 100% data localization.
The bill was prepared in 2018 as a reason for the controversy involving Whatsapp, where the opposition questioned the government has done any deal with Israel based tech firm NSO which is into developing spyware which has a spy on 1400 users around the world including 121 Indian journalists. The draft of the Data Protection Bill was introduced last year under the European Union’s General Data Protection Regulation (GDPR) to protect the individual’s data by government and private companies. A voluntary verifiable account mechanism made will help the user to control their service from India or anyone who uses their service from India.
The economic survey 2019 stated the importance of data privacy and fairness of data. Private data is different from public data and it should be emphasized in Data Protection Bill. The government collects data of four types which include administrative data – birth, marriage, pension and death; census data; transactions and institutional data which contain information like Unified Payments Interface (UPI) remittances via the BHM app; and data of public hospital. The survey pointed out merging such data for the welfare of society. Public-private partnership is now focusing on public welfare and private players are generating transaction-level data.
The Department for Promotion of Industry and Internal Trade (DPIIT) developed the e-commerce policy containing rules and regulations of use of personal data and data generated by companies. Draft Data Protection Bill is not restricted to e-commerce companies by applicable to every industry and sector. It also says that any data generated within India and stores abroad should not be made available to other businesses outside India even with customer consent. Data should not be made available to the foreign government even with customer consent. Cross border data collected outside India has no such restrictions. Sharing of community data which is proposed in the policy break the monopoly power of technology giants and creates new entrants. But there is opposition from industry in respect of the handling of data that wants the DPIIT to be norms in such a way that data should reside within companies and should not be accessed by government or citizens. According to Merril Lynch’s research report Reliance industries will make revenues of $1-2.5 billion from the enactment of this bill while this will affect companies like Facebook, Amazon, etc.
In the case of minor violations of this rule, a company has to contribute Rs. 5 crore or 2% of its worldwide turnover whichever is higher and Rs. 15 crores or 4% of global turnover including jail term in case of major violations. With the processing of data, the country will become the world’s biggest data refinery which allows data for lawful purposes. The central govt. has the power to exempt any government agency from this act and allow them to access personal data.
Personal healthcare data falls under sensitive data which is accessible with the consent of individuals. There is no clarity regarding the clause stated in the bill on “fair and responsible process of data” and the use of artificial intelligence by companies to collect consumer data to deliver the products of their interests. There needs to be enough flexibility on non-personal data as healthcare is one among the sector which requires data to collect on the personalized manner and which further helps the govt. to fix the insurance plan and policies. Companies such as Amazon, Uber, Snapdeal are against the data sharing to the government for better policymaking.
One dangerous impact of this policy is that the government can have access to private agency data in respect of sovereignty or public order. This act can change the country into a controlled State. This Bill is still under the inter-ministerial process. We can hope that the bill will be passed in the parliament according to the interest of the public along with the security and sovereignty of the country.
Official Media Partner: Newswire
Official Promotional Partner: IBS Messenger
Comentários