JPC recommendations ‘out of sync with India taking the leadership position in the Techade’, says IAMAI
JPC recommendations have fundamentally altered the structure of the bill. IAMAI said the proposed law has evolved from a personal data protection bill to a generic data protection bill.
The Bill has been in the limbo for 4.5 years and has proposed sweeping changes in the digital landscape
The Internet and Mobile Association of India (IAMAI) has slammed the recently released Joint Parliamentary Committee’s (JPC) report on the Personal Data Protection Bill, 2019.
Mincing no words, the internet body said that the report was ‘out of sync with India taking the leadership position in the Techade.’
Techade is a term used by the industry body, NASSCOM. It refers to the ten year period (beginning in 2020) which will define the role technology plays in India’s economy.
In a press statement, IAMAI said that the recommendations could negatively impact a cross section of tech industry segments, including home-grown startups.
Slamming the new recommendations, the body said that the new report had fundamentally altered the structure of the Bill. It further added that the new recommendations had morphed the Bill from an earlier personal data protection bill to a generic data protection bill.
The IAMAI also urged the government for wider stakeholder consultations before the amendments are formulated into a law.
Remember, the JPC report was submitted before the Parliament on December 16 last year. The updated version has been 4.5 years in the making and has proposed sweeping changes in the digital landscape.
What Is IAMAI’s Grouse?
The internet body has raised a slew of concerns with the government, including hard data localisation norms, trade secret concerns, treating intermediaries as publishers and age-restrictions on certain products.
Recommended For You:
The updated report has sought stringent data localisation requirements, including tasking the Data Protection Authority (DPA) to consult the Centre on all international sensitive personal data transfers.
IAMAI said that harder data localisation norms could lead to higher compliance costs for companies. It also added that placing restrictions on cross-border data flow could create barriers for the growth of Indian startups and have a ‘negative impact on the ability of Indian consumers to access a truly global internet.’
The internet body also said that the Bill’s diktat to bring back data of Indians taken abroad could pose significant operational and technical challenges.
The Non-Personal Data Angle
IAMAI also panned the JPC recommendations, saying it expands the scope of the Bill to include non-personal and personal data. The report, the body, said fails to differentiate between the two raising concerns about data privacy. Calling the inclusion IAMAI also pointed out that the Expert Committee report on non-personal data is yet to be finalised.
The Bill seeks to regulate non-personal data (NPD) within the scope of a personal data protection framework. It also gives the central government broad powers to access NPD for formulating policies for the digital economy and empowers the DPA to investigate breaches of NPD.
This is in addition to the JPC recommending that the preamble of the 2019 Bill be amended by adding the word ‘digital’ before ‘privacy of individuals,’ limiting the scope of the 2021 Bill to digital privacy and not the holistic data privacy of individuals.
Another point of contention highlighted by IAMAI is regarding the creation of a new framework to monitor, test, and certify hardware and software for computing devices. IAMAI, in a press statement, said that such a move could hamper India’s ability to attract global businesses and investments.
The Row Over Free Speech
IAMAI has also criticised the updated recommendations that seek to treat intermediaries as publishers under certain circumstances. It said that such a provision may have a drastic impact on free speech and creativity, adding that any such move could ‘pose a risk to the digital ecosystem.’
The non-profit has also called on the Centre to review the proposed imposition of age restrictions on certain services. It added that, it could create ‘barriers for a child to attain educational and recreational fulfilment available on the internet.’
It also called on the Centre to reconsider the ‘transparency’ requirements suggested by the JPC in the updated draft. IAMAI said that the regulations under this section were ‘very broad’ and could encroach upon the data fiduciaries’ intellectual property rights.
The IAMAI joins a host of think tanks and social organisations in criticising the updated Bill. The recommendations have far reaching consequences and could prove to be a make or break moment for India. Ultimately, all the sides have to sit down and form a common consensus to deal with this deadlock.