The Personal Data Protection Bill, 2019 was introduced in Lok Sabha by the Former Minister of Electronics and Information Technology Ravi Shankar Prasad in 2019. The Bill seeks to provide for the protection of the personal data of individuals and establishes a Data Protection Authority for the same.
The Bill regulates the processing of personal data by: government, (ii) Indian companies, and (iii) foreign companies dealing with the personal data of Indian citizens. Personal data is information about an individual’s qualities, traits, or attributes of identification that can be used to identify them. The Bill categorizes certain personal data as sensitive personal data.
Financial data, biometric data, caste, religion or political opinions, or any other category of data established by the government in collaboration with the Authority and the relevant sectoral regulator are all included in this.
Rights of the individual: Certain Individual rights are outlined in the bill. These rights include:
(i) obtain confirmation from the fiduciary that their personal data has been processed
(ii) correction of incomplete, inaccurate, or out-of-date personal data
(iii) limit continued disclosure of personal data by a fiduciary if that is no longer necessary or consent is withdrawn.
Grounds for processing personal data
The Bill permits the processing of data only if consent is provided by an individual. Personal data can, however, be processed without consent in certain instances. These include if the state requires it for the individual to receive benefits, (ii) judicial proceedings, and (iii) responding to a medical emergency.
Data Protection Authority
The Bill establishes a Data Protection Authority that has the authority to: defend individual interests, (ii) prohibit misuse of personal data, and (iii) ensure compliance with the Bill. It shall be chaired by a chairperson and comprise six members having at least ten years of experience in data security and information technology.
Transfer of data outside India: Sensitive personal data may be sent outside of India for processing if the individual has given their consent and certain additional conditions have been met. Such sensitive personal data, on the other hand, should continue to be stored in India. Certain personal data that the government has designated as important personal data can only be processed in India.
Sharing of non-personal data with the government: For better targeting of services, the central government may direct data fiduciaries to provide any: (i) non-personal data and (ii) anonymized personal data
Joint Committee on the Personal Data Protection Bill, 2019
In 2020, The Personal Data Protection Bill, 2019 as introduced in Lok Sabha was referred to a Joint Parliamentary Committee of both the Houses, under the Chairperson of Meenakshi Lekhi for examination and Report. Now, P.P. Chaudhary has been appointed as the chairperson of the JCP.
Joint committee on Data Protection Bill gets extension to submit the report
Today, during the monsoon session of the parliament, the Joint Committee on the Personal Data Protection Bill, 2019 has been given further time till the first week of the Winter Session of Parliament, 2021 to present its report.
Data Protection Bill: Joint Committee on the Personal #DataProtection Bill, 2019 has been given further time till the first week of the Winter Session of Parliament, 2021 to present its report.
— Prasar Bharati News Services पी.बी.एन.एस. (@PBNS_India) July 23, 2021