Another major bill to discuss

DATA PROTECTION BILL

What happened ? The Personal Data Protection Bill 2019 was tabled in the Indian Parliament by the Ministry of Electronics and Information Technology on 11 December 2019. As of March, 2020 the Bill is being analyzed by a Joint Parliamentary Committee in consultation with experts and stakeholders.

What this bill does ? The Bill seeks to provide for protection of personal data of individuals, and establishes a Data Protection Authority for the same.

What is the need for this bill ? Privacy was held to be a fundamental right under art 21 by Supreme Court in K.S Puttaswamy v. UOI, however the IT laws which protect online data is insufficient, which ultimately result in violation of privacy. To check this menace, the current bill was devised.

Bill is formulated after the suggestions of Justice B.N. Srikrishna Committee
It intends to protect individual rights by regulating the collection, movement, and processing of data that is personal, or which can identify the individual.
The Bill gives the government powers to authorise the transfer of certain types of personal data overseas.
It has also given exceptions allowing government agencies to collect personal data of citizens.

The Bill divides the data into three categories:

1)Personal Data: Data from which an individual can be identified like name, address, etc.

2)Sensitive Personal Data: Personal data like financial, health-related, sexual orientation, biometric, caste, religious belief, etc.;

3)Critical Personal Data: Anything that the government at any time can deem critical, such as military or national security data.

The Bill calls for the creation of an independent regulator Data Protection Authority, which will oversee assessments and audits and definition making.
Each company will have a Data Protection Officer (DPO) who will contact with the Data Protection Authority for auditing, grievance redressal, recording maintenance and more.
The Bill proposes “Purpose limitation” and “Collection limitation” clause, which limit the collection of data to what is needed for “clear, specific, and lawful” purposes.
It also grants individuals the right to data portability and the ability to access and transfer one’s own data. It also grants individuals the right to data portability, and the ability to access and transfer one’s own data.
With intent to decrease anonymity of users and prevent online trolling, The Bill also requires social media companies to develop their own user verification mechanism.
Penalties— Rs 5 crore or 2 percent of worldwide turnover for minor violations and Rs 15 crore or 4 percent of total worldwide turnover for more serious violations.