The Asian Age

Data Bill to prevent willful wrongdoers: Srikrishna

The legislatio­n contains a provision for ‘ Right to be Forgotten’, which is in line with GDPR

Bengaluru, Aug. 5: The proposed data protection bill, making offences cognisable and non- bailable, is a deterrent for businesses who wilfully do wrong as giant corporatio­ns can otherwise get away with flagrant breaches ‘ merely by throwing the fine monies,’ Justice B. Srikrishna has said.

“Every modern statute has a criminal liability clause. That is a deterrent for those who will do wrong intentiona­lly or grossly negligentl­y.

Without such provision, merely imposing civil liabilitie­s will make the law a toothless tiger as giant corporatio­ns can and will get away with flagrant breaches merely by throwing the fine monies,” he told PTI.

Data privacy is a fundamenta­l right emanating from Article 21, as held by the Supreme Court in the Puttaswamy case, and breach of fundamenta­l right must be viewed very seriously, he added.

Some businesses are gripped with fear about making offenses cognisable and non- bailable under the bill by saying this will make it tougher for businesses. They have argued that it would force companies and executives to deal with criminal machinery, instead of focusing on business, he said.

The central government had constitute­d the 10member committee, headed by Justice Srikrishna, in July 2017 to recommend a framework for securing personal data in the increasing­ly digitised economy, as also to address privacy concerns and build safeguards against data breaches.

The committee had submitted its report to the government on July 27, suggesting steps for safeguardi­ng personal informatio­n, defining obligation­s of data processors as also rights of individual­s, and mooting penalties for violation.

On “right to be forgotten” provision, Justice Srikrishna said it cannot be exercised unilateral­ly without considerin­g the consequenc­es of one’s action on persons who may have bonefide and innocently entered into transactio­ns for downstream processing of data, which would give rise to a series of legal liabilitie­s.

The proposed legislatio­n contains a provision for the ‘ Right to be Forgotten’, which is in line with European data privacy laws such as GDPR.

Without such provision, merely imposing civil liabilitie­s will make the law a toothless tiger as giant corporatio­ns can and will get away with flagrant breaches merely by throwing the fine money. — JUSTICE B. N. SRIKRISHNA