PERSONAL DATA PROTECTION BILL 2019: AN ANALYSIS

In today’s technology driven world, where every kind of information is accessible on internet and lot of personal information being stored online, there is need for personal data protection so that it is not misused and adds to other cyber crimes. In India where Right to privacy is declared as a fundamental Right in case of Justice K.S. Puttaswamy v Union of India[1] , the Supreme Court highlighted the right to privacy an extended Right to Life under Article 21. Moreover it was also felt that there was a need of legal regime in India for protection of personal data on digital media and for the same government was asked to frame an expert committee. Accordingly a committee of experts was formed on 31st July 2017 under chairmanship of B.N. Sri Krishna who laid down their first report “Personal Data Protection Bill 2018’ on 27th July 2018. However this bill had certain defects such as main regulatory committee under the bill was under control of government that would favour the government agencies in storage of personal information. Thus a revised new bill Personal Data Protection Bill 2019 was laid down before Union Cabinet on 4 Dec 2019. Then the bill was introduced in Lok Sabha on 11th Dec 2019 and on the same day referred to Joint Parliamentary Committee for review. The Joint Parliamentary Committee would submit the report regarding The Personal Data Protection Bill 2019 by the end of monsoon session of Parliament.

This Personal Data Protection Bill 2019 has certain advantages such as this bill provides certain obligations to be followed by both private companies as well as government while processing any personal information, there are rights available to data principal (one whose personal data is being stored and processed on internet) such as right to be forgotten as well as right to access such data and there  are strict penalties if there is violation of any provisions of bill such as the higher of which extends up to INR 150 million or 4% of the total worldwide turnover of the data fiduciary for the previous financial year, depending on the nature of the offence. 

However this bill has certain defects such as there are exemptions allowed to government agencies as well as Right to be forgotten which means the right to remove personal data from the internet has a lengthy procedure that will ultimately defeat the main object of the right. Thus right oriented data protection legislation is need of hour to provide autonomy to data principal but at same time there is need to strike a balance between the autonomy of data principal as well as right to information. With most of companies on a digitization spree, this bill is a valuable step towards a sustainable solution that would help India in strengthening its data in its personal sphere.

Along with the defects it is yet to see whether this bill if turned a law would decrease misuse of personal data on digital media or will just turn out to be list of heavy obligations to be followed by data fiduciaries to stay on internet.



[1] (2017) 10 SCC 1.


Comments

Post a Comment

Popular posts from this blog

Teacher As: Critical Pedagogue

ROLE CONFLICT PROBLEM AMONG WORKING WOMEN

Rights and obligations of Issuer, Participant and Beneficial owner under the Depository Act, 1996