Amend Aadhaar law, provision not enough to protect data privacy, recommends Srikrishna panel

The panel has suggested establishing a Data Protection Authority, an independent regulatory body responsible for the enforcement and implementation of the law

Published: 28th July 2018 02:41 AM  |   Last Updated: 28th July 2018 07:48 AM   |  A+A-

Image of Aadhaar card used for representational purpose only

Express News Service

NEW DELHI: The existing provisions of the Aadhaar Act are not good enough to protect data privacy because they leave scope for misuse of citizens’ details captured in the database, says the draft bill on data protection prepared by the Srikrishna panel. Therefore, the Aadhaar law in its current form must be amended, it adds.

The Justice B N Srikrishna committee report submitted to IT Minister Ravi Shankar Prasad on Friday calls for insertion of Section 8A after Section 8 of the principal Act to ensure no data breach happens during offline verification. The report, which is the result of one year of exhaustive research work, also suggests that the offline verification-seeking entity obtain the consent of an individual before verifying him offline. Plus, the entity shall be bound to ensure all data collected from the individual for offline verification is used only for the specific purpose intended.

Misuse of data will attract penalty up to 5 crore or 2 per cent of the data offender’s total worldwide turnover of the preceding financial year. The panel has suggested establishing a Data Protection Authority, an independent regulatory body responsible for the enforcement and implementation of the law. The proposed body will prevent any misuse of personal data, ensure compliance with the provisions of the Act, and promote awareness of data protection.

The new law will have jurisdiction over the processing of personal data that has taken place in India. The panel said personal data should be processed only for specific and lawful purposes and only those data should be collected which is necessary for such procession. Privacy has become a burning issue and every effort must be made to protect data at any cost, said Justice Srikrishna.

Takeaways

  • The proposed law will have jurisdiction over personal data processed in India

  • Consent should be the lawful basis for processing personal data and consent should be ‘free, informed, specific, and capable of being withdrawn’

  • Data Protection Authority will be set up to enforce the law

  • For data misuse, penalty may extend up to 5 crore or 2% of the offender’s total worldwide turnover of the preceding financial year, whichever is higher

Stay up to date on all the latest Nation news with The New Indian Express App. Download now
(Get the news that matters from New Indian Express on WhatsApp. Click this link and hit 'Click to Subscribe'. Follow the instructions after that.)
TAGS
Aadhaar

Comments

Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

facebook twitter whatsapp