5 challenges for joint committee on Personal Data Protection Bill
The Joint Parliamentary Committee on the Personal Data Protection Bill, 2019 will be meeting on Wednesday and Thursday to finalise its long-pending report. This will be the first meeting under the leadership of PP Chaudhary.
The committee was formed in 2019 to deliberate on the nuances of the data protection legislation.Five members, including chairperson Meenakshi Lekhi, were inducted into the Council of Ministers in July this year. Following this, PP Chaudhary took over.
Here are some key considerations for the committee while formulating the data protection legislation:
Limitations to govt control and access of public data
While some national security concerns may require the state to access and maintain records of public data, it is important that the Bill does not make the citizens’ right to privacy secondary to the nation’s security interests. A deliberate elevation of the nation’s security over the right to privacy will vest power with the government to collect and use public data as it deems fit.
Effective limitations on giant firms
The Cambridge Analytica data breach row saw the Central Bureau of Investigation file a case against the British data analytics firm for allegedly accessing and misusing the personal data of 562,000 Indian Facebook users in 2018. The firm allegedly used the data to influence elections in India. Thus, ensuring effective regulations on data mining strategies of giant corporations must be a key focus of the legislation.
Centrality to citizens’ right to privacy
Any legislation on data privacy and protection must be premised on the Supreme Court’s 2017 judgement regarding right to privacy. In August 2017, a nine-judge Constitution Bench of the apex court ruled that right to privacy is “intrinsic to life and liberty” and thus, is inherently protected under the various fundamental freedoms enshrined in the Indian Constitution. The government should strike a balance between personal data protection and the nation’s national security interests.
Preventing cyber attacks and surveillance
India reported 1.16 million cyber security cases in 2020, that’s 3 times more than those of 2019, as per government data presented in Parliament. Recently, allegations over the usage of Pegasus spyware for surveillance by several governments have also surfaced. In India, it is unclear whether the spyware was deployed by the Centre or if it was used by a secondary entity. The Bill must take into consideration data security and privacy risks posed by such modern surveillance technologies.
Focus on proactive implementation
The committee must identify potential challenges in the implementation of the legislation, and incorporate specific strategies to target the same.