Scribd
Upload
43 views

Data Protection Bill

The document discusses India's Personal Data Protection Bill which seeks to regulate how personal data is collected and processed. It classifies personal data into critical, sensitive and general categories and outlines rights for individuals like the right to be forgotten. It also discusses the role of the proposed Data Protection Authority and concerns around exemptions given to the government.

Uploaded by

harshvardhankamble18
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
43 views

Data Protection Bill

The document discusses India's Personal Data Protection Bill which seeks to regulate how personal data is collected and processed. It classifies personal data into critical, sensitive and general categories and outlines rights for individuals like the right to be forgotten. It also discusses the role of the proposed Data Protection Authority and concerns around exemptions given to the government.

Uploaded by

harshvardhankamble18
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Data Protection Bill

insightsonindia.com/2019/12/07/data-protection-bill

December 7,
2019

GS Paper 2:

Topics Covered:

1. Government policies and interventions for development in various sectors and


issues arising out of their design and implementation.

What to study?

For Prelims: Key features of the bill.

For Mains: Concerns and issues.

Context: Cleared by the Cabinet, the Personal Data Protection Bill is due to be placed in
Parliament.

The Bill has three key aspects that were not previously included in a draft version,
prepared by a committee headed by retired Justice B N Srikrishna.

How does the bill seek to regulate data?

The bill constitutes 3 personal information types:

1. Critical
2. Sensitive
3. General

Sensitive data constitutes or is related to passwords, financial data, health data, official
identifier, sexual orientation, religious or caste data, biometric data and genetic data. It
may be processed outside India with the explicit consent of the user.

Critical data will be characterised by the government every once in a while, and must be
stored and handled only in India.

General data: Any data that is non-critical and non-sensitive is categorised as general
data with no limitation on where it is stored or managed.

Other Key provisions:

1/3
Data principal: As per the bill, it is the individual whose data is being stored and
processed.

Exemptions: The government is qualified to order any data fiduciary to acquire personal
and non-personal/anonymised data for the sake of research and for national security
and criminal investigations.

Social media companies, which are deemed significant data fiduciaries based on factors
such as volume and sensitivity of data as well as their turnover, should develop their own
user verification mechanism.

An independent regulator Data Protection Agency (DPA) will oversee assessments and
audits and definition making.

Each company will have a Data Protection Officer (DPO) who will liaison with the DPA for
auditing, grievance redressal, recording maintenance and more.

The bill also grants individuals the right to data portability, and the ability to access and
transfer one’s own data.

The right to be forgotten: this right allows an individual to remove consent for data
collection and disclosure.

Why does data protection matter?

With a population of over a billion, there are about 500 million active web users and
India’s online market is second only to China.

Large collection of information about individuals and their online habits has become an
important source of profits. It is also a potential avenue for invasion of privacy because
it can reveal extremely personal aspects. Companies, governments, and political parties
find it valuable because they can use it to find the most convincing ways to advertise to
you online.

Besides, presently, there are no laws on the utilisation of individual information and
forestalling its abuse, even though the Supreme Court maintained the right to privacy
as a fundamental right back directly in 2017.

How is data handled?

Data is collected and handled by entities called data fiduciaries.

While the fiduciary controls how and why data is processed, the processing itself may be
by a third party, the data processor.

The physical attributes of data — where data is stored, where it is sent, where it is
turned into something useful — are called data flows.

2/3
Why there are Concerns over the bill?

The bill is like a two-sided sword. While it protects the personal data of Indians by
empowering them with data principal rights, on the other hand, it gives the central
government with exemptions which are against the principles of processing personal
data.

The government can process even sensitive personal data when needed, without explicit
permission from the data principals.

Sources: the Hindu.

3/3

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy