Srikr­ishna com­mit­tee up­holds pri­macy of in­for­ma­tion pri­vacy

High-level ex­pert group headed by for­mer Supreme Court judge B.N. Srikr­ishna sub­mits draft of data pro­tec­tion bill to govt PRO­TECT­ING DATA & PRI­VACY

Mint Asia ST - - News - B Y KO MAL G UP TA

The right to pri­vacy is a fun­da­men­tal right which ne­ces­si­tates pro­tec­tion of per­sonal data as an es­sen­tial facet of in­for­ma­tional pri­vacy, says the draft Per­sonal Data Pro­tec­tion bill, 2018, sub­mit­ted to the govern­ment by a high-level ex­pert group headed by for­mer Supreme Court judge B.N. Srikr­ishna on Fri­day, 27 July.

The much-awaited bill, drafted to es­tab­lish a con­sent frame­work, in­clud­ing pro­vi­sions for with­drawal of con­sent and penalty to be im­posed for its vi­o­la­tion, was sub­mit­ted to in­for­ma­tion tech­nol­ogy (IT) min­is­ter Ravi Shankar Prasad for the govern­ment’s re­view and has been made pub­lic.

Prasad said the govern­ment will go through the draft bill and ap­ply its mind, con­sult stake­hold­ers along with tak­ing Cab­i­net ap­proval be­fore fi­nal­iz­ing leg­is­la­tion. “The en­tire Par­lia­men­tary process will be fol­lowed,” he said with­out set­ting a time­line for it. The re­port was ear­lier ex­pected to be sub­mit­ted by May.

The bill metic­u­lously deals with is­sues such as col­lec­tion and pro­cess­ing of per­sonal data, con­sent of in­di­vid­u­als, penal­ties and com­pen­sa­tion, code of con­duct and an

Data Pro­tec­tion Author­ity of In­dia (DPA), an in­de­pen­dent reg­u­la­tory body re­spon­si­ble for the en­force­ment and ef­fec­tive im­ple­men­ta­tion of the law, will be es­tab­lished

An ap­pel­late tri­bunal to be es­tab­lished or grant pow­ers to an ex­ist­ing ap­pel­late tri­bunal to hear and dis­pose of any ap­peal against an or­der of the DPA

The Aad­haar Act needs to be amended to bol­ster data pro­tec­tion, and the com­mit­tee has sug­gested some amend­ments

The law will cover pro­cess­ing of per­sonal data by both pub­lic and pri­vate en­ti­ties en­force­ment model.

It pro­poses set­ting up of a Data Pro­tec­tion Author­ity of In­dia (DPA), an in­de­pen­dent reg­u­la­tory body re­spon­si­ble for the en­force­ment and ef­fec­tive im­ple­men­ta­tion of the

The panel has iden­ti­fied 50 statutes and reg­u­la­tions, which have po­ten­tial over­lap with the data pro­tec­tion frame­work law, con­sist­ing of a chair­per­son and six whole-time mem­bers. In case of any ap­peal against an or­der of the DPA, an ap­pel­late tri­bunal should be es­tab­lished or an ex­ist­ing ap­pel­late tri­bunal should be granted pow­ers to hear and dis­pose of any ap­peal, said the ex­pert panel in its re­port.

“Data pro­tec­tion law will be an over-arch­ing law that will be ap­pli­ca­ble to all the en­ti­ties,” said Srikr­ishna.

The 10-mem­ber com­mit­tee con­sti­tuted by the govern­ment in July last year to study var­i­ous is­sues re­lat­ing to data pro­tec­tion has iden­ti­fied a list of 50 statutes and reg­u­la­tions which have a po­ten­tial over­lap with the data pro­tec­tion frame­work.

“Con­cerned min­istries may take note of this and en­sure ap­pro­pri­ate con­sul­ta­tion to make com­ple­men­tary amend­ments where nec­es­sary,” said the com­mit­tee in its re­port. It has also sug­gested amend­ments to the Aad­haar Act to strengthen data pro­tec­tion.

How­ever, Srikr­ishna said mat­ters re­lated to Aad­haar are still un­der con­sid­er­a­tion of the Supreme Court and ad­vised peo­ple to wait for the judg­ment.

Ac­cord­ing to the draft bill, per­sonal data col­lected, used, shared, dis­closed or oth­er­wise pro­cessed by com­pa­nies in­cor­po­rated un­der In­dian law will be cov­ered, ir­re­spec­tive of where it is ac­tu­ally pro­cessed in In­dia.

This lo­cal­iza­tion of per­sonal data is likely be­come a trade bar­rier in key mar­kets, said a state­ment from soft­ware in­dus­try lobby Nass­com Data Se­cu­rity Coun­cil of In­dia (DSCI).

“Start-ups from In­dia that are go­ing global may not be able to lever­age global cloud plat­forms and will face sim­i­lar bar­ri­ers as they ex­pand in new mar­kets,” it added.

The com­mit­tee which also in­cludes tele­com sec­re­tary Aruna Sun­darara­jan, Unique Iden­ti­fi­ca­tion Author­ity of In­dia chief ex­ec­u­tive Ajay Bhushan Pandey and Na­tional Cy­ber Se­cu­rity co­or­di­na­tor Gul­shan Rai, drafted a white pa­per on data pro­tec­tion frame­work which was put up for pub­lic con­sul­ta­tion by the min­istry of elec­tron­ics and in­for­ma­tion tech­nol­ogy on 27 Novem­ber.

The draft bill is largely based on the white pa­per which was mod­i­fied after pub­lic com­ments and con­sul­ta­tion with the stake­hold­ers.

Jus­tice B.N. Srikr­ishna SARVESH KU­MAR SHARMA/MINT

Newspapers in English

Newspapers from Malaysia

© PressReader. All rights reserved.