New Delhi The government withdrew the draft Personal Data Protection (PDP) Bill introduced in 2019 to replace it with a comprehensive legal framework on the digital ecosystem based on suggestions made by a parliamentary panel.
In a statement in Lok Sabha, Electronics and Information Technology Minister Ashwini Vaishnav said that the government is withdrawing the PDP Bill as the Joint Committee of Parliament (JCP) has cleared several issues and changes the Bill to make it more comprehensive. suggested.
see full image
“The Personal Data Protection Bill has been withdrawn as the JCP recommended 81 amendments to the 99 Sections Bill. Above this, it made 12 major recommendations. Therefore, the Bill is withdrawn, and one for public consultation. A new bill will be introduced,” the minister said in a statement on Wednesday.
Minister of State for Electronics and Information Technology Rajiv Chandrashekhar said that the JCP has identified several important issues which were not part of the purview of the existing data protection law.
“The JCP report on the Personal Data Protection Bill identified a number of issues that were relevant but outside the scope of modern digital privacy legislation. Privacy is a fundamental right of Indian citizens, and the global standard for a trillion-dollar digital economy is the need for cyber laws. is required,” the minister said in a Twitter post.
Riju Ray, chief business officer of startup IDFi, which helps with KYC and regulations, said many startups will breathe easier due to the withdrawal of the draft law. However, “I’m not sure it’s a good thing that such an important issue as data privacy is being delayed,” Ray said. Tech and legal experts said the government’s move was expected as the three-year-old draft bill was amended. Overdue. Some said the new bill would have a broader context and include the JCP’s recommendations on the protection of personal and non-personal data of Indians.
“This move appears to be a precursor to the introduction of a new draft. Whatever be the final decision, i.e. only a personal data protection bill or a joint draft including NPD, there is a need to expeditiously introduce and pass the much-awaited legislation. Therefore, clarity on the proposed legislation and timeline would have helped prevent speculation. It would be fair to assume that the new bill would be in line with JPC’s draft, although it may limit itself to personal data,” said NS Nappinai, a Supreme Court lawyer and founder of Cyber Saathi.
“The new legal framework is expected to be a comprehensive law that not only covers personal data but also separates personal and sensitive data – and how firms will handle each segment. Cyber security experts and lawyers in the Supreme Court Pawan Duggal said, the law will also make rules on how companies in India have to handle non-personal data.
He said the new law could increase compliance requirements for companies in India.
Duggal said the new framework could be introduced by the end of the year.
Prateek Waghre, Policy Director, Internet Freedom Foundation of India, said the future of data privacy in India is unclear. “Data localization could also be a part of the future framework, which appears to be the direction in which India’s cyber security and data protection laws are progressing. It is also in line with the overall global direction of data privacy and localization laws, and it provides further cover to pursue such legislation. However, it could create problems with how we envision a global, open Internet infrastructure,” he said.
The proposed bill, which was introduced following a Supreme Court mandate that recognized the right to privacy as a fundamental right in 2017, was one of several controversial reasons between the government on the one hand and technology companies and civil society on the other. Has become a flash point. provisions of the draft law.
The bill proposed to create three categories of personal data, sensitive personal data and critical personal data, each with different rules and compliances. The bill proposed firms would have to tell users about their data collection practices, while consumers’ consent was to be obtained for storing and deleting data. However, the Bill exempted government agencies from its provisions; Nevertheless, they may receive non-personal anonymized data from data trustees.
The JCP suggested broadening the scope of the law to cover non-personal data, mandatory mirroring of sensitive data locally, regulation of content on social media platforms and treating platforms that are not intermediaries as publishers. Huh.
catch all business News, market news, today’s fresh news events and breaking news Updates on Live Mint. download mint news app To get daily market updates.