The bill was tabled in the Lok Sabha on August 3 by the Minister for Electronics and Information Technology Ashwini Vaishnaw
The Union Cabinet approved the DPDP Bill, 2023 in July, which was soon after cleared by a standing committee
The bill, first introduced in November 2022, has narrowed the scope by considering only personal and digital data in India (and concerning Indians)
Inc42 Daily Brief
Stay Ahead With Daily News & Analysis on India’s Tech & Startup Economy
The Lok Sabha passed the much-awaited Digital Personal Data Protection (DPDP) Bill, 2023, on Monday (August 7). The bill was tabled in the Lok Sabha on August 3 by Minister for Electronics and Information Technology Ashwini Vaishnaw.
A draft version of the bill was first released by the Ministry of Electronics and Information Technology (MeitY) in November 2022. After several rounds of consultations, where various types of stakeholders were invited to give their feedback on the draft legislation, the much-awaited bill was finally introduced.
The Union Cabinet approved the DPDP Bill, 2023 in July. Soon thereafter, the Standing Committee for Information Technology and Communication also approved the bill.
The previous iteration of the bill was withdrawn by the government in August 2022 after a parliamentary panel submitted more than 80 amendments to the draft.
Commenting on the bill, Manish Sehgal, partner, risk advisory at Deloitte India, said, “Data protection bill, once enacted, will enhance the privacy cognisance of Indian citizens by empowering them with their privacy rights through transformative accountability measures to be adopted by enterprises.”
An Overview Of The Bill
The Digital Personal Data Protection Bill, 2023, has narrowed the scope of the earlier bill pulled back in August 2022, by considering only personal and digital data in India (and concerning Indians).
The Bill has also proposed the concept of data fiduciary and mandated new changes, including the right of a user to give, manage and withdraw consent for sharing information. The new data privacy law will also significantly increase the accountability of startup businesses when managing sensitive data. In case of non-compliance with the provisions of the Bill, a penalty of up to INR 500 Cr may be imposed.
The bill has also suggested that it will allow for cross-border storage and transfer of data to “certain notified countries and territories.” The DPDP Bill, 2023, has also provided some exemptions to cross-border data transfer, including arbitrations, government interests, research purposes and more. Further, the central government will also establish the Data Protection Board of India to adjudicate non-compliance with the provisions of the DPDP Bill.
However, the opposition has expressed concerns about some of the provisions in the bill and has been demanding that it be sent to a parliamentary panel.
{{#name}}{{name}}{{/name}}{{^name}}-{{/name}}
{{#description}}{{description}}...{{/description}}{{^description}}-{{/description}}
.svg){kind=logo}
Note: We at Inc42 take our ethics very seriously. More information about it can be found here.