Personal Data Protection Bill : Challenges
India’s Personal Data Protection Bill seeks to protect the privacy of individuals relating to their personal data, but its design is not based on delivering the promise. It rightly requires the handlers of the data to obtain the individual’s consent but it gives wide powers to the Government to dilute its provisions. The bill tabled in Parliament in December has now been referred to a joint committee which is expected to present the report at the Budget session.
Recently, WhatsApp highlighted that the fact the several Indian Journalists and activists were being spied by an Israeli company which is known to work for government agencies across the world. It has raised concerns over the government’s promise to deliver on promise. Earlier, Google alerted its users, around 500 in India, regarding government backed phishing attacks against them.
Justice BN Srikrishna, whose committee report forms the basis of the bill, himself raised a red flag in reaction to removal of safeguards for Government agencies to monitor personal data. The committee
Spoke about the dangers of privacy from state and non-state actors and called for exemptions to be used in ‘limited circumstances’. It also recommended the Government to have an oversight of intelligence gathering activities resulting in non-consensual processing of data.
Another concern, lies in the constitution of the Data Protection Authority of India, wherein a chairperson and six whole time members will be filled by Government nominees. It completely disregards the fact that government agencies are also regulated under the act and are collectors & processors of data themselves.
The sweeping powers in the Bill disregard the aspect of privacy , which is intrinsic to life and liberty. The current bill does not recognise it as a basic right.