SUMMARY
Digital intermediaries will have to go for deep behavioural changes post the implementation of the Digital Personal Data Data Protection Bill: Rajeev Chandrasekhar
The Bill will act as a kinetic enabler for protecting personal data and also accelerate data-led innovation and startup ecosystem, the MoS said
Over 200 industry stakeholders participated in the public consultation on the Bill, including representatives of law firms, think tanks, consumers and citizen rights groups
The digital intermediaries will have to go for deep behavioural changes post the implementation of the Digital Personal Data Protection Bill, Minister of State Electronics & Information Technology Rajeev Chandrasekhar said during public consultation with industry stakeholders over the Bill.
“Post the bill, the intermediaries will have to go for deep behavioural changes — it will no longer be business as usual for them,” the minister said.
Chandrasekhar said that the Bill will act as a kinetic enabler for protecting personal data and also accelerate data-led innovation and the startup ecosystem in the country.
The government’s vision is to build a modern framework which prevents misuse of personal data and is at the same time not compliance-heavy.
The Bill is open for public consultation till January 2, 2023. A total of over 200 industry stakeholders, including representatives of law firms, think tanks, consumers and citizen rights groups, attended the meeting.
This was the first meeting held by the Centre to confer about the Bill after the release of the draft Digital Personal Data Protection Bill (2022) on November 18.
In the meeting, industry stakeholders made various recommendations regarding different clauses of the Bill, including penalising data fiduciaries, getting parental consent for children, and cross-border data flows, among others.
The minister also gave a clarification on the consent clause regarding the Indian government’s access to the data.
The meeting was moderated by Amit Agarwal, additional secretary in the Ministry of Electronics and Information Technology (MeitY), and Rakesh Maheshwari, senior director in the ministry.
The Bill aims to regulate use of personal data and has left out non-personal data.
It proposes to levy a penalty of up to INR 500 Cr for violation of provisions of the legislation. The Bill has also laid out data localisation and storage norms and prohibits companies from storing data in specified countries and locations. The list of these countries will be updated from time-to-time by the government.
It must be noted that industry bodies Asia Asia Internet Coalition (AIC) and The Software Alliance (BSA) have sought a slew of revisions in the draft Bill. The two bodies have urged the Centre to alter the definition of a child (in the Bill), by reducing the age to 13 years from 18 years for getting parental consent.
The BSA said that the present age limit of 18 years clashes with other countries’ data protection regulations including GDPR and the US’ Children’s Online Privacy Protection Act. The clause will also prevent teenagers from accessing services and put an additional monetary burden on data fiduciaries to render these services.
The two bodies count big tech companies such as Google, Amazon, Meta, and Microsoft among their members.
