Former Supreme Court judge-led panel suggests specialised agency to prevent data theft
A Bill drafted by a committee headed by former Supreme Court judge BN Srikrishna provides for the formation of a Data Protection Authority of India to protect citizens’ data and privacy — a growing concern in an increasingly digitising economy.
The 10-member experts’ panel was set up in July 2017 to come up with an overarching report on data privacy and also recommend legal provisions.
The draft Personal Data Protection Bill, 2018 — part of the report submitted to law and information technology minister Ravi Shankar Prasad — says that the authority will protect “data principals, prevent any misuse of personal data, ensure compliance with the provisions of this Act, and promote awareness of data protection”.
In essence, the authority will function as India’s privacy regulator. “Data principal,” in the bill, denotes a person whose data is being referred to.
In a digital economy abounding with platforms such as Facebook, Google and widening use of the internet, privacy and security of people’s data have become a key public concern and a defining public policy debate.
Individual privacy is a “guaranteed fundamental right”, the Supreme Court ruled in August in a landmark verdict. A nine-judge bench said right to privacy was at par with right to life and liberty, and that the verdict will protect citizens’ personal freedom from intrusions.
The Data Protection Authority will be empowered to take “prompt and appropriate action” in response to any reported matter of data security breach in accordance with the provisions of the bill. Calling it a “monumental work”, Prasad said the IT ministry will examine the report. He said due processes will be taken up to bring a data protection bill before Parliament soon.
The Bill also provides for an appellate tribunal. Any person with a complaint of data breach can appeal to the tribunal whose verdict will have the effect of a decree. Any person who has “suffered harm” from any entity, including the state, handling his or her data shall have the right to seek compensation.
“This is a critical milestone to ensure citizens’ data are protected and fundamental for citizens’ empowerment. The idea is to have a free and fair data economy. Many African countries don’t have privacy laws. So this law can be a reference point for the global south,” said Arghya Sengupta of the Vidhi Centre for Legal Policy, a legal policy advisory group. Sengupta is a member of the Srikrishna committee.
Alleged instances of leakage of data related to Aadhaar, the 12- digit unique biometric ID every Indian is required to possess, have recently made headlines. Aadhaar regulator Unique Identification Authority of India (UIDAI) has, however, denied any breach.
A key function of the authority is to determine the “circumstances” when a “data protection imp- act assessment may be required”. The authority can initiate a sort of risk assessment. It can review technological exercises by a company or entity which may carry a risk of breaching data privacy.
According to section 33 of the proposed Act, such “circumstances” may include any processing involving “new technologies or large scale profiling or use of sensitive personal data such as genetic data or biometric data”.
A data fiduciary, which the bill defines as any person, the government or a company that processes people’s data, must undertake a “data protection impact assessment” before carrying out a task that may violate privacy, according to the bill’s provisions.
The authority will have a chairperson and six wholetime members. They will be appointed by the government based on the recommendation of a selection committee.
Enter your email to get our daily newsletter in your inbox
- The Congress said the violence during the tractor parade in Delhi was a concerted conspiracy, aided and abetted by the government to malign the entire farmers’ movement against the three farm laws
- On a two day visit to his constituency, he will kick-start the party’s election campaign in Kerala and meet many local leaders.
- The Odisha Vigiance Department which had accused teh IFS officer of amassing disproportionate assets worth ₹9.35 crore had claimed that it was the biggest case of disproportionate assets in its history.
- Here are today’s top news, analysis, and opinion. Know all about the latest news and other news updates from Hindustan Times.
- "We have never said that the doors for dialogue are closed. Have you heard? Whenever talks are held, we will let you know," Prakash Javadekar said. The government has so far held 11 rounds of talks with the farmers who have been protesting since November 26 last year.
- Police said the accused had an altercation with the victim earlier in the day and then barged into his room in the evening and thrashed him with a cricket bat.
- The delivery of vaccines made by the Serum Institute of India will fulfil Prime Minister Narendra Modi’s commitment to his Sri Lankan counterpart Mahinda Rajapaksa during their virtual summit last September for all possible support to minimise the health and economic impacts of the pandemic.
- The Dhannipur project includes a mosque, hospital, museum, library, community kitchen, Indo-Islamic Cultural Research Centre and a publication house.