Mint Explainer: Concerns around Digital Personal Data Protection law
India will soon have its first law on protection of personal data belonging to users, treatments and processing of the data by entities, including the government, and a legislative framework aimed at making platforms, big and small, accountable for using the data which has to be used for the purpose it is taken. Yet, legal experts, Parliament members and policy consultants have flagged several concerns that the Digital Personal Data Protection (DPDP) Bill does not address.
Mint takes a look at some of the key concerns regarding the proposed law. Privacy experts and policy consultants said that one key aspect about the DPDP Bill lies in its positioning as a regulation that enables data processing, rather than enabling data privacy while imposing specific restrictions on what kind of data processing can be allowed.
Prateek Waghre, policy director at non-profit organization, Internet Freedom Foundation of India (IFF), said that a key concern is that the Bill is designed to enable processing of personal data, while laying down a few restrictions around how personal data flow is to be restricted. Some Parliament members have also flagged that the data privacy is missing from the intent of the bill and rather talks of data processing.
Lawyers say that the DPDP Bill’s provision to enable government agencies to ask companies to produce user data as required is extremely broad-brushed since it can allow government bodies to seek any personal data under mentioned clauses such as electoral procedures, or the protection of sovereignty of the State. This also does not offer any of the “significant" data fiduciaries with any appeal procedure that they may seek, in answer to the government’s demand for any user data at any point in
. Read more on livemint.com
