Skip to main content

Personal Data Protection Bill 2018- A Concise Perusal

Amidst fears with regard to handling of sensitive data and information and several allegations being levelled against the government of enabling the creation of a surveillance state and also with regard to the alleged leak of private information of plethora of people on the social networking site Facebook, a committee headed by retired Justice BN Srikrishna was constituted and given the task of carving out a solid foundation or a digital framework for proper handling and processing of personal and sensitive data and after a long and tedious deliberation it submitted its draft of the “Personal Data Protection Bill, 2018” on July 27, 2018 to the Government. 

Various Entities:
The Bill has recognised several entities Data Principal (whose data is processed), Data Processor/Data Fiduciaries (who processes the data), a central regulating authority called the Data Protection Authority of India (DPAI) whereby term “Processing” includes collecting, recording, adapting, indexing and disclosing personal data. DPAI is the central authority which is concerned with proper implementation of the provisions of bill.

Consent- Core Principle:
Bill serves to give “consent” as the predominant factor to determine the course of processing of sensitive information and explicitly mentions that consent of Data Principal should be extracted from him before his personal data may be handled and consent must be “specific”, “clear”, “informed” and “capable of being withdrawn” and must be fully “aware of the consequences” that may follow.

Vulnerable Sections- High Standard of Consent Required:
Strong protection becomes all the more necessary in cases involving vulnerable sections of society such as children and bill has been successful in catering to this need and has laid down above par protective shield explicitly to prevent violation of children and the untoward use of their personal data. 

Rights of Data Principal:
The rights given to the Data Principal form the backbone of bill. They are:-
1. “Right to be forgotten” which enables a Data Principle to get his old, irrelevant data removed from the public domain, however the term is very broad and has always been a subject of controversy whenever the time comes for its practical implementation. 
2. The “Right to Portability” enables a Data Principal to freely mobilise their data across service providers and such other Data Fiduciaries. 
3. The “Right to Correction” which gives them the right to correct and update the information and it becomes the duty of the Data Fiduciary to make the necessary changes. 
4. The “Right to Confirmation and Access” gives Data Principal the right to access and know for what purpose their information is being processed.

Data Protection Authority of India (DPAI) and Data Fiduciaries:
Dynamic outlook of the bill is evident from the creation of Data Protection Authority of India (DPAI) which will keep on with the work of categorisation and segmentation of the data as “Personal Data” which will then naturally heed to the provisions of the bill. However, the bill classifies Data Fiduciaries into “Significant” and “Insignificant” ones, which creates a lacuna as the bill delves the accountability only on “Significant” Data Fiduciaries and this provides for a safe escape for the ones who have not been tagged as “Significant”. Thus, not laying accountability for all data fiduciaries might lead to a weak control environment. 

Transnational Migration of Data:
To clear the fog of ambiguity, the bill has explicitly dealt with the issue of Transnational Migration of data in which it has stated the procedure for transnational mobilisation of data. However, the bill serves to put a restraint on Data Fiduciaries with regard to transferring “critical” and “sensitive” data and information and has delegated the authority to Data Protection Authority of India (DPAI) for labelling a data and information, as one which is “critical” and “sensitive”. 

Penalties:
The bill also entails severe penalties for the ones who act in contravention to its provisions and states that fines, as high as 5 Crores may be imposed upon the defaulters and these type of penalties present a very robust stature of the bill. It also provides that penalty up to 1 Crore may be imposed if any provision is violated and no specific punishment is prescribed for it. 

All in all it may be said that this bill is central to the evolution of data protection law in India and will hopefully help in steering the development and refinement of this branch of law in a positive direction.

Written By : Rahil Setia (2nd Year)

Disclaimer : The views expressed in this article are views of the author and do not reflect the views of the Blog.

Comments

Popular posts from this blog

National Seminar 2019

Army Institute of Law organised its annual national seminar on 12th October, 2019. The theme for this years seminar was "Dynamics of Gender Equations in the 21st Century: Socio-Legal perspectives." The Chief Guest for the seminar was Hon'ble Mr. Justice Rajeev Bhalla, Former Judge, Punjab and Haryana High Court, and the Keynote Speaker was Advocate Palika Monga Deputy Advocate General, Punjab and Haryana High Court, Chandigarh. Several delegates presented their research papers and valuable insights on distinct areas of Gender Equations throughout the course of the event, in the various technical sessions. Behind the curtains were Mrs. Amrita rathi - the faculty coordinator, Mr. Omvir and Mr. Yuvraj - the student coordinators, faculty members, students volunteers and the management and technical staff who put in tireless efforts for pulling off a successful seminar.

Guest Lecture: The Role of Road Safety in Nation Building

On 21st November, 2019 our esteemed guest Mr. Harman Singh Sidhu, Chairman, ArriveSafe NGO at sector 21, Chandigarh, delivered a lecture on the topic of ' The Role of Road Safety in Nation Building' . He shared his views with the aim to make students aware of road safety and also to make them acquaint with the latest Motor Vehicle Amendment Act, 2019. It was an informative lecture as it enlightened the students with higher penalties of Motor Vehicle Act.

Novices Moot Court Competition

Novices Moot Court Competition is an annual event of the Army Institute of Law, Mohali, in which students who join the course of B.A.L.L.B. are introduced to the activity of mooting. Moot is the mock activity on how the legal proceedings take place in the courts. Novices is a beginners's guide for the First year's students to make them learn formal legal writing and drafting, to develop good and effective oratory skills and to work as a team in coordination with each other. This year the Competition was held from 19th to 22nd August, 2019. The rounds were nail biting as rigorous questioning was done by the judges. With the end of the final round, the following came out to be the winners - Category Teams Cash Prizes Winners TC 12 - Khushi Singh (1901) & V Prisha (1914) Rs. 2800 Runners-up TC 19 – Rajat Sharma (1965) & Akash A M (1944) Rs. 2200 Best Student