Winter Session to take up long-awaited data privacy Bill
Deals with handling, processing of consumer data by corporations
The Personal Data Protection Bill has been listed to be tabled in the Winter Session of Parliament which will begin on Monday, a notification on the Lok Sabha website said. The long-awaited Bill deals with handling and processing of consumer data by corporate entities, while introducing restrictions and penalties.
The draft Bill, which was released last year, created a huge controversy, with several global technology companies alleging that the move will curtail their ability of doing business in the country apart from driving cost of operations. The proposals are mostly based on a report submitted by Justice B N Srikrishna in July 2018. The draft Bill has since gone through at least two updates based on inputs received from industry.
While the final contour of the Bill is yet to be known, the draft version, which was made public earlier, said
After ensuring the passage of a record 30 Bills in the first session of the current Lok Sabha, the Narendra Modi government has listed 35 Bills in the Winter Session that begins on Monday. Twenty-seven of these will be new Bills
Citizenship Amendment Bill
Personal Data Protection Bill
Companies Amendment Bill
Insolvency and Bankruptcy Amendment Bill
Mines and Minerals (Development and Regulation) Amendment Bill
Industrial Relations Code Bill
MSME Development
businesses were required to seek explicit consent for the data they collect on consumers. They are also required to mandatorily obtain consent from consumers to use their data sparingly and only for purposes stated, apart from storing ‘sensitive’ consumer data only within Indian borders.
The Bill also proposes a fine of up to ~15 crore or 4 per cent of the firm’s (Amendment) Bill
International Financialservices Centresauthoritybill
Pesticides Management
Multi-state Cooperative Societies laws turnover in the case of a breach, and setting up of a data protection authority, an appellate authority that will decide on such matters.
The proposed law was feared to have far-reaching implications for big tech firms such as Google and Facebook that operate out of India, requiring them to re-tune their businesses. These global technology companies have been arguing that the proposals will shoot up their operating costs and, in some cases, prohibit delivering some internet services.
“The government has conducted two rounds of industry consultations on the draft data privacy Bill, one public and another selective limited consultation with only certain stakeholders. However, till date the final draft has not been put in the public domain and there remains much concern among the multinational corporations and corporate entities with regard to the data localisation requirements,” said Salman Waris, managing partner at New Delhi-based specialist technology law firm Techlegis Advocates & Solicitors.
“If the draft Bill is passed in the present form, it’s going to have far-reaching implications for the corporate sector and adversely affect the ease of doing business and increase overall costs besides introducing a host of regulatory compliance obligations.”
In a recent interview to
Business Standard, Daniel Castro, vice-president of the Washington Dc-based think-tank Information Technology and Innovation Foundation (ITIF), said that policies like data localisation are not a good idea.
“They force companies to start storing data locally within the country which moves away from the most secure servers developed in the most secure operating environment to a domestic implementation that may not be on a par with global security standards,” said Castro, also the director of ITIF’S Center for Data Innovation.