The world is changing rapidly since the beginning of the century. Globalization, innovation and demographic change have affected our ability to think, understand and make decisions. Today, the Internet is not just being seen as a tool of entertainment but it is fast affecting our work and life. The 21st century is considered to be an era of technology and modernity, today global discussion is also focused on data and related issues. In such a situation, experts are assuming that if India wants to play an important role in shaping the digital landscape of the 21st century, then it has to create a legal framework regarding data and its security, because data security is the only one for empowerment, progress and innovation. Is the key.
- It is to be noted that the Union Cabinet chaired by Prime Minister Modi has approved the Personal Data Protection (PDP) Bill, 2019 and with this the first step towards data security in India has started. The bill is expected to be presented to Parliament this winter session.
Data and its importance
- In common parlance, the term data is often used for messages, social media posts, online transfers, and search history.
- Technically, data is defined as a set of information that a computer can easily read.
- It may be noted that this information can be in documents, images, audio clips, software programs or any other format.
- Any data at its most elementary level is a group of 1’s and 0’s, known as binary data, for example 011010101010.
- Today, this store of personal information has become an important source of profit and various companies are storing and using it to make their users’ experience enjoyable.
- Governments and political parties also use the information store to gain benefits in policy making and elections. In this perspective, the importance of data increases further.
- However, it is also very risky because the information we provide creates a virtual identity that can also be used to harm us.
Current data collection rules
- Currently, India does not have any specific laws to prevent the use and misuse of personal information. However, India does have some relevant laws in this context, including the Information Technology Act, 2000 and the Indian Contract Act, 1872.
- The Information Technology Act, 2000 provides for payment of compensation and punishment in case of mis-disclosure and misuse of personal data.
- It is known that Justice B.C. N. A high-level committee under the chairmanship of Sri Krishna had prepared a draft on data protection in the year 2018, but due to inter-ministerial negotiations, the resolution could not be passed by Parliament at that time.
Data protection draft of Shri Krishna Committee
- In July 2017, Justice B.R. recommended a framework to secure personal data in the digital world. N. A 10-member committee was set up under the chairmanship of Sri Krishna.
- Under this draft, attempts were made to regulate or regularize the processing of people’s personal data by data fiduciaries (entities that collect and control data).
- Many rights were given to citizens regarding their data in the draft such as amending the data or acquiring the data stored near the Fiduciary etc.
- Under the draft, it was provided that every data fiduciary would have to keep a ‘copy copy’ of all personal and sensitive data in a server located in India.
- Also, the draft also provided for the creation of a Data Protection Authority (DPA) to formulate and monitor specific rules for all data fiduciaries of different sectors.
Data Protection (PDP) Bill, 2019
- The data protection bill approved by the Union Cabinet is different from the version prepared by the Sri Krishna Committee on three points.
- The draft prepared by the committee provided that all fiduciaries must store a copy of all personal data in India. It is known that this provision was heavily criticized by foreign technology companies. This condition has been abolished under the new bill, only personal consent is required only for data transfer abroad.
- However, like the draft, the bill also provides that sensitive personal data should be stored only in India.
- Also it can be processed abroad only after following certain conditions, including the approval of the Data Protection Agency (DPA).
- According to the bill, it has been made mandatory for fiduciaries to provide non-personal data to the government as required. Significantly, the draft prepared by the committee does not apply to such data.
- The bill makes it mandatory for social media companies to develop their own User Verification Mechanism while there was no such provision in the previous draft.
Data localization issue
- Data localization means that information or information related to Indian citizens will be processed and stored in India itself. No company can carry data outside India nor can it be used outside the country.
- An important argument in favor of data localization is that storing data at the local level helps law enforcement agencies use the information needed to detect a crime or gather evidence.
- Increasing technology over time will play an important role in eliminating crimes by relevance.
- Significantly, where data is not localized, investigative agencies have to rely on Mutual Legal Assistance Treaties (MLATs) to obtain information, resulting in delays in investigations.
- Apart from this, many experts believe that localization will also increase the ability of the Indian government to tax Internet giants.
- While India and China are in favor of data localization on the one hand, on the other hand, the US government and companies consider uninterrupted data flow to be necessary.
- Currently India’s data economy sector is not very big but India is a fast growing economy, in which more possibilities are being expressed about the future. Therefore, countries that support uninterrupted data flows cannot ignore India.
- Experts believe that if all countries start emphasizing on the protection of data, then it can be very harmful for companies of India, who are aspiring for global expansion.
Data Protection Bill Issues
- Civil society organizations and social workers have criticized the exceptions given to the government in the bill, which they say allows the government to monitor its citizens.
- Many experts are calling the Data Protection Bill a double-edged sword, which talks about protecting the data of Indians, on the other hand, it allows the central government to give concessions to monitor citizens.
- At the same time many experts are also believing that data security cannot be ensured only through data localization.
- The Internet and Mobile Association of India (IAMAI) recently pointed to the ambiguities in the bill, stating that it could create unnecessary problems in the future.
According to statistics, there are about 500 million active web users in India’s over 1 billion population and India’s online market is the largest market after China. In such a situation it becomes imperative that efforts be made to regulate the online market. It is worth noting that the government is trying to address the issue of data security and its protection through the recent Data Protection Bill, although it cannot be denied that there are some shortcomings in the recent bill. It is necessary to seriously consider these shortcomings and to explore suitable alternatives in consultation with all stakeholders.
You May Also Like Latest post india srilanka relations