i
Extensive deliberations are on over various aspects and suggestions related to the draft Data Protection Bill, and the government hopes to resolve certain complex issues soon and get Parliament's approval on the legislation latest by the monsoon session, according to Union IT Minister Ashwini Vaishnaw.
He said there is no plan to scrap the current draft data protection legislation that has undergone detailed consultation and parliamentary panel deliberations.
The Data Protection Bill seeks to provide for the protection of the personal data of individuals and establish a Data Protection Authority for the same. It proposes to put restrictions on the use of personal data without the explicit consent of citizens. On December 16, 2021, the Joint Committee on Personal Data Protection Bill, 2019, tabled its report in both the Houses of Parliament, giving its views on various provisions.
Mr. Vaishnaw said that "the consultations which happened were very comprehensive and the report which has come out is again very comprehensive report. It definitely is a complex subject...which has matters that need to be resolved." The Minister said he was hopeful those aspects and points will be resolved "soon".
"I think we should be able to resolve them very soon and bring it...our target was actually this Budget session itself. But, definitely, by the monsoon session, we should be able to do that," he said.
On whether the government is hopeful of getting Parliament's approval on the draft Bill latest by the monsoon session, the minister said, "Yes, that is the target".
The Bill proposes to specify the flow and usage of personal data, protect the rights of individuals whose personal data are processed, as it works out the framework for the cross-border transfer, accountability of entities processing data, and moots remedies for unauthorised and harmful processing.
It also seeks to provide the government with powers to give exemptions to its probe agencies from the provisions of the Act, a move that has been strongly opposed by the opposition MPs who had filed their dissent notes.
In December, a parliamentary panel recommended tougher norms to regulate social media platforms by holding them accountable for the content they host and said that the Centre must ensure data localisation norms are duly followed by all local and foreign entities, with the establishment of Data Protection Authority.
The panel also recommended widening the scope of proposed data protection legislation to include both personal and non-personal data with "a single administration and regulatory body", and sought greater accountability for social media platforms by treating them as 'publishers'.
The committee, however, did not recommend any major dilution of the contentious exemption clause, which gives powers to the government to keep any of its agencies outside the purview of the data protection legislation.
To a specific question on the issues that need to be ironed out, Mr. Vaishnaw said some of the stakeholders had expressed concerns over implementation structure, in the context of the fast-changing digital landscape.
Some tweaking, on the draft legislation, will be needed to make sure that the implementation is smooth, he informed.
"The points which have been flagged by the committee, should we put it in this Bill, include it in this Bill or should we think at a separate, totally new legislation for many other things which are happening. These are some issues which need to be resolved," he said.
The legislation will define the course of the country's digital ambitions and, hence, it will be deliberated at length.
With the USD 200-billion IT industry, employing millions of people, the government will take all measures to ensure that there is no adverse impact of the legislation, on any sector, he assured.
"We will proceed carefully. I do not think we should rush it, at all," Mr. Vaishnaw said.
Facebook-parent Meta in its recent regulatory filing to US SEC had said, "Some countries, such as India, are considering or have passed legislation implementing data protection requirements or requiring local storage and processing of data or similar requirements that could increase the cost and complexity of delivering our services." Mr. Vaishnaw added that some companies have expressed concerns over a new set of compliances, as per reports.
"What is important is that compliance mechanism should be as digital as you can make it, then the friction is reduced. The objective should be met, friction should not be there. That is the work we are trying to accomplish, and it is a complex task," he said.
On the exemption clause, Mr. Vaishnaw asserted that, globally, the exemptions to the Government are "far far more".
Citing the EU General Data Protection Regulation (GDPR) provisions that list out nine such areas, Mr. Vaishnaw said that in comparison, India's legislation, which is in the works, only mentions four areas of exemption.
"There are other geographies where data protection bill has given a complete exemption to the government...no reasons required. We have given reasons which are required as per the Constitution. It is a very fair construct," Vaishnaw argued.
To then say that it amounts to not making government accountable "is an unfair and uninformed way of looking at it", he said.