Given the recent incidents like Facebook, Cambridge Analytica scandal and Google Plus data leak, draft personal data protection bill sounds a smarter idea
The IT Ministry of India will be going through more than 400 suggestions made by government departments, companies and industry bodies before proposing introduction of draft personal data protection bill in the parliament. Prepared by a panel headed by Justice B N Srikrishna, this draft is aimed towards strengthening the privacy of internet services users in India.
PTI reported that an official, who did not wish to be named, said that the various suggestions received are from ministries, youth affair organisations, institutions working for social justice and corporate affairs.
The IT ministry headed by Mr. Ravi Shankar will be going through the suggestions for the next 1.5 months before introducing the draft in the Parliament.
Highlights of draft personal data protection bill
The draft if passed as a bill, will restrict the cross-border transfer of personal data and will require companies, with Indian users as customers, to set up local data centres within the country. It has also suggested setting up of a government authority with a sole aim of safeguarding and preventing misuse of personal information.
Apart from preventing any misuse of personal information, the draft personal data protection bill also makes a key point in defining obligations of data processors as rights of individuals.
Though it’s up to the IT ministry to include or not include the suggestions received, the draft personal data protection bill has drawn mixed reactions from different companies. While some believe that the bill would strengthen the protection of a user’s personal information, others have made a point that setting up of local data centres will increase the operating costs of MNCs in India.
Points in favour
Given the recent incidents like Facebook, Cambridge Analytica scandal and Google Plus data leak, setting up a Data Protection Authority of India, and the draft personal data protection bill sounds a smarter idea.
It is also worth mentioning that many chat apps and social media apps have their data centres located outside India. Moreover, there is no surety that incidents like the Facebook, Cambridge Analytica scandal will not happen in future. Keeping such instances in mind, it might be better to ask companies handling Indian user’s data to store it locally in the country.
Examples from around the world
Britain’s information regulator had set an example by imposing a fine of 500,000 pounds on Facebook after breaches of its data protection law in the Cambridge Analytica scandal. The social media giant may also face a fine of $1.63 billion from European Union, if the Irish Data Protection Commission opens an investigation and finds Facebook to have breached the General Data Protection Regulation.
Google in December 2013 was fined $ 1.2 million by a Spanish privacy watchdog over breaking Spain’s data protection laws.
The draft personal data protection bill is expected to be presented in the Indian Parliament during the winter session generally scheduled for November and December. IT ministry stopped taking suggestions on the draft bill last Wednesday.