BENGALURU: Data privacy experts and other stakeholders expect the government to consult them before drafting the new framework for Personal Data Protection (PDP) Bill.
The Centre on Wednesday withdrew the PDP Bill, 2019, after the Joint Parliamentary Committee (JPC) had recommended 81 amendments to it and also made 12 recommendations.
“Data is the bedrock for Digital India and the new framework for Personal Data Protection can build on the learnings from global implementation of data privacy laws and stakeholder feedback on the earlier bill,” said IT industry body Nasscom.
The key imperatives will be to operationalise the fundamental right to privacy and enable data protection in a manner that grows trust in data-driven businesses and allows data-led services to grow in a safe and trusted manner, it added.
The bill, which had sought to regulate individuals’ personal data, also proposed a single law to deal with personal as well as non-personal data. Many industry stakeholders, especially tech companies, were disappointed with the PDP Bill.
The Information Technology Industry Council (ITI) said it is looking forward to the government implementing a robust stakeholder consultation. Kumar Deep, ITI’s Country Manager for India, said, “In March 2022, ITI outlined concerns with the PDP bill that would have unintentionally limited the ease of doing business in India.” Harshil Doshi, Director of Sales (India and SAARC), Securonix, said the PDP Bill was way too complicated to be implemented in a robust fashion.
“The complex provisions around the vague definition of privacy data, exemption of central agencies and stringent clauses around storing all data within the boundaries of our country could have led to some key cloud providers taking a tough decision on their current and future investments in India,” he said.
He added that India needed a clear Bill, which has provisions to protect sensitive PII (personally identifiable information), PHI (protected health information) and other confidential data. The government should consult the cyber security industry and other stakeholders to draft a comprehensive but clear and crisp bill, which can be implemented smoothly, he said.