Personal Data Protection Bill passed in Rajya Sabha
The Digital Personal Data Protection Bill (DPDPB), 2023, was presented in the Lok Sabha on Thursday and was passed by the Lower House on Monday.
Digital Personal Data Protection Bill: The Rajya Sabha on Wednesday passed the Personal Data Protection Bill with a voice vote after the Opposition walked out of the House over the Manipur issue.
The Digital Personal Data Protection Bill (DPDPB), 2023, was presented in the Lok Sabha on Thursday. While the Opposition demanded referring it to a standing committee for further review, a voice vote led to the bill being accepted for consideration. The bill was passed by the Lok Sabha on Monday (August 7).
The bill will set out requirements for private firms which have been collecting data online, with exceptions for government as well as law enforcement agencies.
Personal data protection bill 2023: What will change for a normal user? Experts explain.
The bill comes six years after the Supreme Court declared that the 'Right to Privacy' was a fundamental right. It consists of provisions that will curb the misuse of personal information of users by online platforms.
Union Minister of Electronics and Information Technology Ashwini Vaishnaw said, "Today the Digital Personal Data Protection Bill was passed in the Rajya Sabha. It is a landmark bill in PM Modi's vision of Digital India."
Vaishnaw, speaking in the Lok Sabha, said the bill laid down several obligations on private as well as government entities regarding collection and processing of every citizen's data.
While moving the bill for consideration, Vaishnaw said in Rajya Sabha, “It would have been good had the opposition discussed the bill today (in the House). But no opposition leader or member is concerned over the rights of the citizens.”
Vaishnaw added that the bill had been brought in the House after significant public consultation.
The bill envisions the governance of digital personal data by providing a legislative framework that highlights the rights and duties of the ‘Digital Nagarik’ and the obligations of the business.
Explained: Digital Personal Data Protection Bill
It is based on similar underlying principles which are the basis of personal data protection laws in other jurisdictions including the General Data Protection Regulation (GDPR). These include lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, confidentiality and accountability. Fundamentally, the bill is based on sound principles and envisions to safeguard data privacy without overburdening business.
However, the Bill amends the Right to Information Act, of 2005 (RTI) and will remove the public interest exemptions on disclosing any personal information. The RTI Act currently allows all public authorities to disclose personal information, including officials’ salaries, only when it is in the public interest. The Bill would remove such caveats and will completely disallow disclosing any personal information.
The bill was released last year on November 18 for public consultation. Since then, the bill has received 20,000 comments from experts and industry stakeholders. Interestingly, as per officials there has not been much change between the proposed draft that was circulated for public consultation and the final Bill which was tabled in the Parliament.