Skip to main content

Personal Data Protection Bill 2018- A Concise Perusal

Amidst fears with regard to handling of sensitive data and information and several allegations being levelled against the government of enabling the creation of a surveillance state and also with regard to the alleged leak of private information of plethora of people on the social networking site Facebook, a committee headed by retired Justice BN Srikrishna was constituted and given the task of carving out a solid foundation or a digital framework for proper handling and processing of personal and sensitive data and after a long and tedious deliberation it submitted its draft of the “Personal Data Protection Bill, 2018” on July 27, 2018 to the Government. 

Various Entities:
The Bill has recognised several entities Data Principal (whose data is processed), Data Processor/Data Fiduciaries (who processes the data), a central regulating authority called the Data Protection Authority of India (DPAI) whereby term “Processing” includes collecting, recording, adapting, indexing and disclosing personal data. DPAI is the central authority which is concerned with proper implementation of the provisions of bill.

Consent- Core Principle:
Bill serves to give “consent” as the predominant factor to determine the course of processing of sensitive information and explicitly mentions that consent of Data Principal should be extracted from him before his personal data may be handled and consent must be “specific”, “clear”, “informed” and “capable of being withdrawn” and must be fully “aware of the consequences” that may follow.

Vulnerable Sections- High Standard of Consent Required:
Strong protection becomes all the more necessary in cases involving vulnerable sections of society such as children and bill has been successful in catering to this need and has laid down above par protective shield explicitly to prevent violation of children and the untoward use of their personal data. 

Rights of Data Principal:
The rights given to the Data Principal form the backbone of bill. They are:-
1. “Right to be forgotten” which enables a Data Principle to get his old, irrelevant data removed from the public domain, however the term is very broad and has always been a subject of controversy whenever the time comes for its practical implementation. 
2. The “Right to Portability” enables a Data Principal to freely mobilise their data across service providers and such other Data Fiduciaries. 
3. The “Right to Correction” which gives them the right to correct and update the information and it becomes the duty of the Data Fiduciary to make the necessary changes. 
4. The “Right to Confirmation and Access” gives Data Principal the right to access and know for what purpose their information is being processed.

Data Protection Authority of India (DPAI) and Data Fiduciaries:
Dynamic outlook of the bill is evident from the creation of Data Protection Authority of India (DPAI) which will keep on with the work of categorisation and segmentation of the data as “Personal Data” which will then naturally heed to the provisions of the bill. However, the bill classifies Data Fiduciaries into “Significant” and “Insignificant” ones, which creates a lacuna as the bill delves the accountability only on “Significant” Data Fiduciaries and this provides for a safe escape for the ones who have not been tagged as “Significant”. Thus, not laying accountability for all data fiduciaries might lead to a weak control environment. 

Transnational Migration of Data:
To clear the fog of ambiguity, the bill has explicitly dealt with the issue of Transnational Migration of data in which it has stated the procedure for transnational mobilisation of data. However, the bill serves to put a restraint on Data Fiduciaries with regard to transferring “critical” and “sensitive” data and information and has delegated the authority to Data Protection Authority of India (DPAI) for labelling a data and information, as one which is “critical” and “sensitive”. 

Penalties:
The bill also entails severe penalties for the ones who act in contravention to its provisions and states that fines, as high as 5 Crores may be imposed upon the defaulters and these type of penalties present a very robust stature of the bill. It also provides that penalty up to 1 Crore may be imposed if any provision is violated and no specific punishment is prescribed for it. 

All in all it may be said that this bill is central to the evolution of data protection law in India and will hopefully help in steering the development and refinement of this branch of law in a positive direction.

Written By : Rahil Setia (2nd Year)

Disclaimer : The views expressed in this article are views of the author and do not reflect the views of the Blog.

Comments

Popular posts from this blog

INTRA INSTITUTE MOOT COURT COMPETITION 2018

For students of law, mooting is perhaps the most important skill one must hone. To facilitate the students in getting optimum mooting experience, the Army Institute of Law holds the Intra-Institute Moot Court Competition annually.  The final round of the Intra-Institute Moot Court Competition 2018 was held on the 12th of April 2018. The competition was conducted over 2 preliminary rounds held on 10th and 11th of April 2018 and semi-final and final round held on the 12th. The competition saw 16 teams fighting out the Proposition prepared by Mr. Anil Malhotra, senior advocate. The preliminary and semi-final rounds were presided by faculty members of the institute. Gracing the bench for the final round were Justice Dipak Sibal, Judge, Punjab & Haryana High Court, Prof. Dr. Rattan Singh, Director Panjab University and Mr. Anil Malhotra, Senior Advocate, Punjab & Haryana High Court. Reaching the finals were Team 1 comprising Shweta Nair and Akanksha ...

ON REVAMPING THE INDIAN POLICE

It is the inbred duty of the state to provide for a non-partisan and efficient police authority that will facilitate in shielding the interests of the people. ‘Police’ being a state subject under the Constitution of India, the onus falls upon the state government to provide for a streamlined police force. Quite a few years have passed since the prominent judgement of the Supreme Court in the case of Prakash Singh v. Union of India [1] on police reforms exhorting the central and the state government to modify the police system making it more people centric than ruler centric but the ground reality seems to be unvaried. During our colonial time people had a fear of Police owing to the fact that the very fabrication of colonial police is based on wariness, and the image associated with it was robust but now that fabrication needs to be reviewed. Prime Minister Narendra Modi while addressing the 49th Annual Conference of Director General of Police and heads of all Central police o...

Guest Lecture: The Role of Road Safety in Nation Building

On 21st November, 2019 our esteemed guest Mr. Harman Singh Sidhu, Chairman, ArriveSafe NGO at sector 21, Chandigarh, delivered a lecture on the topic of ' The Role of Road Safety in Nation Building' . He shared his views with the aim to make students aware of road safety and also to make them acquaint with the latest Motor Vehicle Amendment Act, 2019. It was an informative lecture as it enlightened the students with higher penalties of Motor Vehicle Act.