PDP Bill Allows Tech Giants To Store Non-Personal Data Globally

PDP Bill Allows Tech Giants To Store Non-Personal Data Globally

SUMMARY

Government has mandated that personal data be stored within Indian territory

PDP Bill also mandates penalties for violations of norms and incidents of data theft and illegal processing

The bill will be taken to Parliament for approval soon

Amid the ongoing concerns of privacy breaches and data theft, the government is now planning to allow internet giants to store and process Indian users’ non-personal data on international servers.

According to a TOI report, non-personal data from users based on transactions which could include things like what they order, where they transact online and which payment method they used can be stored and processed on international servers under the Personal Data Protection Bill (PDP) which has received the cabinet approval. The bill will be taken to Parliament for approval soon.

While the original draft of the bill proposed these internet companies such as Google, Facebook, Amazon, among others, to store a copy of this information in India, the new draft has come up with no such provisions.

Although the proposed bill lays out no such data localisation provisions for non-personal data, it does mandate that companies store sensitive personal data within the boundaries of India. Personal data refers to any data of a natural person which allows any third-party to directly or indirectly identify them, to store in the country. Sensitive personal data includes financial data such as UPI ID, card details, biometric data, positive additions such as religious and political beliefs, caste, intersex/transgender status, and official government identifiers like PAN, Aadhaar as well as the actual name, phone number and email address.

The government has also made it mandatory for companies to store critical data locally, which the government may update from time to time and might include information related to national security, military and other sensitive topics.

Data Protection Authority

The PDP Bill also proposes the establishment of a Data Protection Authority to monitor violations of norms and keeping an eye on incidents of data theft, privacy breaches, among others.

The bill also mandates various penalties for violations of norms and incidents of data theft and illegal processing. For violation of certain proposed norms, the bill mandates a penalty of INR 5 Cr or 2% of global turnover, whichever is higher, while for data leakage or illegal processing, it stipulates the highest penalty of INR 15 Cr or 4% of the turnover.

Moreover, for serious incidents of data breaches or privacy violations, the bill even proposes arrest and jail terms for senior officials from the top management of the violating company which might extend up to three years.

The media report added that the government might have allowed international companies to process non-personal data of Indian users’ on their global servers to prevent a backlash against Indian IT companies doing outsourcing business abroad. It could have also seen the merits of the arguments posed by tech companies in this regard during the feedback phase.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
Unlock 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
Unlock 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

PDP Bill Allows Tech Giants To Store Non-Personal Data Globally-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

PDP Bill Allows Tech Giants To Store Non-Personal Data Globally-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

PDP Bill Allows Tech Giants To Store Non-Personal Data Globally-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

PDP Bill Allows Tech Giants To Store Non-Personal Data Globally-Inc42 Media
PDP Bill Allows Tech Giants To Store Non-Personal Data Globally-Inc42 Media
You’re in Good company