The Lok Sabha approved the Digital Personal Data Protection Bill, 2023 on Monday, despite vocal opposition from some political leaders. The bill, introduced by Ashwini Vaishnaw, the Union Minister for Electronics and Information Technology, aims to strike a delicate balance between individuals' right to safeguard their digital personal data and the lawful processing of such data for relevant purposes.
The bill's core objective is to manage the processing of digital personal data in a manner that upholds the rights of individuals to protect their data while addressing the necessity of processing such data for legitimate reasons.
The bill applies to digital personal data processing within India, covering both online and digitized offline data. Furthermore, its scope extends to the processing of personal data outside India, especially when Indian goods or services are offered.
Central to the bill is the requirement for obtaining consent for lawful data processing, with exceptions made for voluntary data sharing and state-related processing. Data fiduciaries are entrusted with the responsibility of ensuring data accuracy, security, and deletion once the data's intended purpose has been fulfilled.
Individuals are granted certain rights under the bill, including the right to access their information, request data correction and erasure, and seek resolution for grievances. However, concerns have emerged about potential violations of the fundamental right to privacy, particularly due to exemptions granted for state-driven data processing under the pretext of national security.
The establishment of the Data Protection Board of India by the Central government is pivotal to ensure compliance with the bill's provisions. This board will be tasked with adjudicating cases of non-compliance and overseeing the implementation of the bill.
Despite the bill's crucial strides toward data protection, some concerns have been raised regarding the regulation of risks stemming from personal data processing. Moreover, the bill's provision permitting the transfer of personal data outside India has raised questions about the thorough evaluation of data protection standards in recipient countries.
An interesting aspect of the bill is its use of she/her pronouns when referring to all genders, marking a notable departure from traditional language conventions. The bill's "Interpretation" provision clarifies that these pronouns are inclusive and not limited by gender.
While the bill's passage is a significant step forward in India's efforts to safeguard digital personal data, ongoing discussions and potential amendments will likely continue as stakeholders assess its impact on individual privacy and data security.
Website designed, developed and maintained by webexy