In an era of technological advancement, where the growth of the digital economy has meant the use of data as a critical means of communication, the Personal Data Protection Bill is proposed to ensure the informational privacy of individuals, and ensuring empowerment, progress and innovation
Well, according to parliamentary procedure, the Bill could also have been referred to the departmental committee, which in this case, would be the parlimentary standing committee on information technology, headed by Congress leader Shashi Tharoor.
However, it didn’t happen that way and Tharoor objected to the proposal of sending the Bill to the JSC and also wrote to Lok Sabha Speaker Om Birla to register "strong concerns" with Prasad's proposal. He said the Committee on IT has a mandate and a parliamentary responsibility to examine all matters related to information technology, electronics, telecommunications, postal services, and allied services.
As a matter of fact, the draft was not circulated well in advance of its presentation in Parliament and comments and submissions made during the drafting process were not made public.
Besides, the government has taken extraordinary measures to reduce public scrutiny, and even Parliamentary examination of the Personal Data Protection Bill. This lack of scrutiny makes it more likely that multiple areas of concern will not be addressed. Some of them include:
The independence of the proposed Data Protection Authority (DPA), which has been weakened as all members must be from the executive arm of government. This contrasts with the Srikrishna Committee’s suggestion that the DPA induct individuals with executive, judicial, and external expertise.
Besides, if social media platforms are forced to provide processes for “voluntary” user-verification, this would chill freedom of expression, and impinge on the privacy of those who chose to be verified.
Any user who does not submit “voluntary” verification and remains anonymous could also be specifically targeted by government agencies. Moreover, it would increase the risk of profiling, and data breaches as more data would flow to social media platforms.
The mandate for enforced transfer of “non-personal” data to government could also lead to abuse and misuse.
This means even anonymised information about e-commerce sales patterns can, for example, be used to infer personal details like caste, religion, medical conditions, sexuality, reading habits and so on.
Tying non-personal data to personal data, such as electoral rolls, income tax records, mobile call and internet-usage patterns and social media usage is possible since government has access to such data and a free hand with surveillance.
Critics argue that it is a pity that India’s first privacy legislation has so many holes.
However, looking at the positive front, the bill ensures...
To know more, listen to the podcast