A Report by: Shiwangini Jangra
Data is the new reason for war and fuel to the modern world which plays an active role in Citizens life. This is the subject of unseen war between market players and companies to access the data to gain hegemony and spy over the free will of citizens. Therefore it’s a need of hour to properly protect and process the data in secure hands so that we can secure the user data based on prior information.The New Data Protection Bill has risen up this expectation of citizens by providing a single framework to the user which legislates to secure every aspect of their life. The Government of India has introduced the Personal Data Protection Bill, 2019 in Lok Sabha to discuss the issues and provide single legislation for Data Protection. Later on the bill was withdrawn in August 2022 citing the inadequacy of the provisions in meeting global standards pertaining to Data Privacy and Security. The New Draft has been introduced after modification in provisions.
DATA PROTECTION IN GLOBAL WORLD
According to Survey and Data from the United Nation Conference on Trade and Development, an estimated 137 out of 194 countries have put in place legislation to secure and protect data and Privacy with Africa and Asia showing 61% and 57% adoption respectively. Only 48% least Developed countries have implied Data Protection and Privacy Laws. If we discussed about western world European Union has the Right to Privacy enshrined as a Fundamental Right that seeks to Protect an individual’s right and dignity over the data generated by them. The General data protection regulation there focuses on a comprehensive data protection law for protection of personal data. On the other hand United States of America and China has different approach towards data protection and it’s regulation in Public and Private sector.
SILENT FEATURES OF DATA PROTECTION BILL 2022
- It seeks to regulate and establish a DATA PROTECTION BOARD (DPB) with the purpose to adjudicate on the matter of data protection. It also seeks to establish Data Protection
Officers or Independent Data auditors by companies of large size with the objective to verify the compliance of the law by the institutions concerned.
- The Data Principals (User) will provide additional rights to ask the companies concerned to erase and delete their data.
- This bill laid an additional layer of obligation or duty on the companies concerned to erase or delete their data which will be a prominent step for user related to his right over his privacy and concern to assent according to their will as companies will not be obligated to keep user data that no longer serves a business purpose.
- The additional path-breaking step is that the companies should not process personal data that could harm Minors (Children under 18 years of age) without the consent of their Parents and guardian.
- It also eases compliance for new startups and relaxes the norms related to Cross Border data flow as this was a matter of concern for big tech companies.
- This new bill provides predictability of law and enables the companies to align their policies in consonance with the proposed legislation
- It provides several rights to the user or individual to access to information ( basic information), the Right to Consent before their data is processed and the purpose of collection of that data, Right to Nominate an Individual who will exercise these rights in the event of their death, mental incapacity.
- It imposes financial penalties for DATA FIDUCIARY (data breach or fail to notify user) or FOR DATA PRINCIPAL (if a user submits false document while signing up for an online service which help in transparency and accuracy for both fiduciary and principal.
SIGNIFICANCE OF DATA PROTECTION BILL
This bill offers significant concessions on Cross-Border data flows, offers soft stand on data localization requirements and permits data transfer to select global destinations, it recognize data principal’s right to postmortem privacy(Withdraw Consent)etc.
INDIAN CONTEXT AND WAY FORWARD
In INDIA August. 2017, a nine judge bench of Supreme Court in Justice K.S PUTTSWAMY VS UNION OF INDIA held that Indians have a Constitutionally protected fundamental right to Privacy as an intrinsic part of life and Personal Liberty under Article 21 of Constitution of India. Government of India appointed Justice B. N Krishnan committee for DATA PROTECTION which provide wide range to strengthen privacy Laws in India including restrictions on processing and collection of Data includes Right to be forgotten and Data localization etc. At last we can say that undoubtedly this Bill purposes to specify the flow and Usage of Personal Data, Protect the right of Individual whose personal Data are processed, accountability of entities processing data, and moots remedies for unauthorized and harmful processing etc. crafting such kind of crucial legislation is no mean task. It may require some more trial and error to succeed. It will involve sometime and deliberation to arrive at a comprehensive legal frame work.