Indian citizens will have to wait a little longer for statutory protection of their data: The government has withdrawn the Personal Data Protection Bill, 2019, which includes a slew of changes – 99 clauses in the 81 bill – as well as 12 key recommendations. Proposed by a joint committee of both the Houses of Parliament, which reviewed the bill. There’s no reason to believe the government is dumping data protection and privacy – the ruling party has the numbers to push the bill through Parliament without including amendments of its choice. It makes sense to accept the official explanation that the government proposes to completely rework the law and come up with a “new framework”. [that] This will include the new Digital Privacy Bill, a new bill that will update the IT Act, the National Data Governance Framework policy and policies and rules and regulations for cyber security,” said an interview to Business Standard. We expect this to be done by the winter session of Parliament. Will happen.
Digital data is a subset of several types of information about a person which, if made public, would violate that person’s fundamental right to privacy, enshrined in a combination of fundamental rights specifically guaranteed by the Constitution, as has been confirmed by the Supreme Court. Its the famous 2017 Puttaswamy decision. It would be prudent for the government to codify the right to privacy first; its scope and limitations; the conditions and to what extent it may be violated in certain circumstances; due process for such breach; and procedures for holding the executive responsible for such breach of privacy. Once we have a statute on privacy, it will be easier to have a law on data protection that protects privacy.
Some of the bill’s most controversial provisions that have now been withdrawn relate to limits on personal data subjects’ ownership of their own data; Government access to personal data without the consent of the data subject; the statutory autonomy or lack thereof of the proposed data protection authority; and lack of clarity regarding the localization of non-personal data and data storage. Regulation of social media platforms and reporting of data breaches are also related issues.
Last week, artificial intelligence company DeepMind, the knowledgeable purchase of Alphabet in London, announced that researchers around the world had used its AI program AlphaFold to predict the three-dimensional structures of 200 million proteins, each of 20 amino acids. Made of acid. Various permutations and combinations. Artificial Intelligence (AI) is fast becoming a major factor in scientific and technological progress in addition to commercial competition. AI is based on the availability of data. Should the Data Protection Bill consider making data available for training AI or for other applications?
Advocates of data privacy agree with the notion that data protection should be considered for non-personal purposes such as the collective good of humanity when legislating on data protection. We are not Modeled data should be available to generate large data sets for further use in science and commerce. But for that, imputation has to be really effective, beyond the ability of hacking nerds to trace datasets back to their individual origins. The standards for this must be specified in the statute of limitations, while non-traceability on individual data subjects must be part of the statute.
You might also like
Does RBI policy need attention?
Pelosi’s visit to Taiwan presents an opportunity for India
How is the tax calculated on the sale of an apartment?
India’s oldest wealth portal grew 7 times in 2 years
Once this is done, it will be possible to override individual autonomy over the data to make the data available for lawful purposes. Take rare diseases, which afflict about 6% of Indians. 7,000 or more have been identified worldwide, while India recognizes 450, of which seven are curable alone, while the rest have to be satisfied with medication for symptomatic relief. Let’s say that every victim of a rare disease, Goucher says, in which fat accumulates in various organs to cause severe, painful dysfunction, decides that their personal privacy exceeds the potential for data on their condition and treatment. important which provides future cures. This will rule out the possibility of future treatment. We regulate gambling and the use of mind-altering drugs, because we recognize that individuals are not always the best judges of their own interests. Why should there be a heterogeneous view on personal judgment when anonymized data is made available? Credit scores would be impossible, for example, if full personal data sovereignty was to be established and loan agreements were barred from sharing information on loan servicing with the likes of CIBIL. The bottom line is that personal data should not be accessed without the consent of the data subject – unless there are valid considerations.
The Supreme Court has outlined conditions such as the need, purpose, proportionality and due process of a person to access his data without his consent. Let’s say law enforcement detects a terror plot and decides to survey some of the prime suspects, monitoring their voice and data transmissions and physical movements. In a situation where the selection of suspects is fair, some people shy away from giving the requisite permissions.
This brings us to the difficult question of state access to personal data. The repealed bill gave the state broader rights to access personal data. This should be stopped. The conditions of necessity, purpose, proportionality and due process must be met while the state enjoys the right to breach the personal data of any person. The due process should be a judicial order obtained from a High Court. Due process should include the latter’s accountability to a committee of the legislature. No person of their choice should be allowed to continue the current practice of spooks deciding to conduct a survey for any length of time, without disclosure to anyone and accountability for the results of such monitoring.
The data protection authority should be appointed in the manner of appointment of the Comptroller and Auditor General, and be accountable to a committee of the legislature rather than the executive.
Data localization has its merits. It should not happen that Indian authorities cannot access the data of Indian citizens when there is a need for criminal or financial investigation. If Nirav Modi’s data is stored in a Caribbean island, he could be more effectively doomed to justice than otherwise. If their data is stored in other jurisdictions, such access may be blocked or delayed. But the current insistence by the government that the data of Indians should be stored only in India is excessive. While data on Indian citizens must be stored in India, there is no reason why such data cannot be reflected abroad, in jurisdictions that maintain the data protection standards that India adopts for itself.
India needs a comprehensive new law on data protection, before and in compliance with it, a code on privacy—the sooner, the better.
Elsewhere in Minto
In opinion, Manu Joseph replied free speech warrior, Maithili Bhusanurmath says MPC is out a feather and a prayer, Long story has a cheeky sense stock market jargon,
catch all business News, market news, today’s fresh news events and breaking news Updates on Live Mint. download mint news app To get daily market updates.