Draft Personal Data Protection Bill 2019 — Tsaaro

1. Draft Personal Data Protection Bill 2019 — Tsaaro INTRODUCTION India, being an emerging nation, is experiencing rapid development, particularly in the realm of technologies. One such outstanding instance is India’s transition to a purely digital economy. However, in a nation like India, the lack of regulations regarding data protection has harmed the expectation of privacy guaranteed by the Indian Constitution; the requirement for such laws was highlighted by the court’s ruling in the instance of K.S. Puttaswamy, J. v. Union of India and others. HISTORY OF THE DATA PROTECTION BILL As a result of the increasing number of people using the internet and the broad use of technology, an immense amount of sensitive information has been generated. This data has been gathered without the consent or accountability of individuals, raising worries regarding privacy violations. In response to increasing concerns about data privacy, a group of experts was formed in 2012 to outline core areas of data privacy protection, such as transparency, collection and purpose constraints, security, confidentiality, consent gathering, availability of data, and correction, and observe them by investigating authorities. Several individuals were concerned about the growing popularity of Aadhar. Several petitions have been brought to the Supreme Court, alleging threats to privacy as a result of data breaches, etc.

2. Soon after recognising the need for such data protection laws in India, the authorities of India’s Ministry of Communication and Information Technology developed a group of ten specialists led by Justice B.N. Sri Krishna, a former member of the Supreme Court, within July 2017 to look into the problem-solving of the desire for laws governing data protection. The B.N. Krishna Committee of the Supreme Court published its report on July 27, 2018. Immediately following that, on December 11th, 2019, the Indian Parliament accepted the Drafted Personal Data Protection Bill, 2019. The primary purpose of this legislation is to address rising data security and confidentiality issues by promoting an environment that encourages the growth of a democratic and equitable digital economy while protecting Indians’ right to privacyg an environment that encourages the growth of a democratic and equitable digital economy while protecting Indians’ right to privacy. This Data Privacy Bill 2019 creates an independent Data Security Authority (DPA) to oversee data protection issues and allows for specific exclusions and their justifications. CURRENT SCENERIO: The Department of the Ministry of Information Technology and Electronics proposed a new law, the Digital Personal Data Protection Bill 2022, on November 18, 2022. If approved by Parliament, it will substitute for

3. rules as well as some elements of the current legislation. The bill intends to impose requirements on corporations that establish the aims and methods of data processing (referred to as “data fiduciaries”). Organisations that collect identifiable information from users for the purpose of selling and delivering groceries, for example, conclude that the aim of collection is to assist with the purchase and shipment of goods. It also attempts to govern firms that process this kind of information (known as “data processors”) in accordance with the companies’ decisions. For instance, if an application employs the services of an internet storage provider to keep sensitive data, such a provider would only operate on orders from the corporation. Aside from that, the bill specifies the legal rights of the people to whom personal data relates (referred to as “data principals”). RECOMMENDATION MADE BY THE GOVERNMENT: The Indian government recommended a personal data protection measure that would force firms to retain personal data in India, raising security and governmental access to data issues. Some businesses supported the bill, claiming it would improve law enforcement accessibility and give the Indian

4. government greater flexibility in taxing internet giants. Civil society businesses, on the other hand, criticised the open-ended prohibitions for government monitoring and pointed out that encryption keys may still be within the grasp of national authorities. The measure was opposed by IT behemoths and industry groups, who feared a fractured internet and protectionist rules that would damage young startups and larger corporations that process international data in India. Due to the response and the demand for reform, the measure was eventually dropped. CONCLUSION The Personal Data Protection Bill, 2019, was later abandoned and the Indian government has since submitted the Drafted Personal Data Protection Bill, 2022 in November 2022. The proposed law takes significant steps towards ensuring the rights of digital users by granting people actionable rights, requiring corporations, and proposing the establishment of the Privacy and Data Protection Board to serve as an adjudicatory authority for the settlement of user disputes. While the consultation with the public is still ongoing, it remains to be seen whether the bill will be introduced during the Budget Session. Click Here : Draft Personal Data Protection Bill 2019