After 5 years of work, govt retracts data protection bill
The government on Wednesday sprung a surprise as it spiked the much-debated, and contentious Data Protection Bill from Parliament, promising to introduce a new legislation “very soon but without any dilution to broader privacy aspects of the original bill and without any compromise to the Right to Privacy” as provided by the Supreme Court in its historic judgment given in August 2017.
The original Bill, which was the culmination of a work that began around five years back after the formation of the Justice Srikrishna Committee, had been introduced in Lok Sabha in December 2019 following which it was referred to the Joint Committee of Parliament (JCP) which took nearly two years to submit its recommendations and present a draft bill towards the end of last year.
However, the government felt that detailed amendments suggested by the JCP warranted a fresh Bill, instead of doing a heavy patchwork on the existing one. Speaking to TOI, telecom minister Ashwini Vaishnaw said that a draft of the proposed new Bill had been finalised which would soon be made public for consultations.
“The Personal Data Protection Bill has been withdrawn because the JCP recommended 81 amendments in a bill of 99 sections. Above that, it made 12 major recommendations. Therefore, the bill has been withdrawn and a new bill will be presented for public consultation,” Vaishnaw said.
“… let me be clear that any new framework that we suggest will be in sync with the fundamental principles of privacy, and the Supreme Court's judgment,” he added.
The minister said the government had decided to initiate the move with a progressive mindset, denying speculation that there was pressure to dilute certain provisions that were impacting global social media giants or other stakeholders. “There has been no lobbying… We simply wanted to put in place a complete, comprehensive framework.”
The existing bill had been criticised by top internet giants such as Americans Meta (that runs Facebook, Instagram and WhatsApp), Google and Amazon who objected to provisions that mandated local storage of data as well as processing of certain sensitive information only within India.
Also, the Bill had been criticised for recommending that independent directors and non-executive directors on the board of a top social media, internet or electronics hardware company should face legal and criminal proceedings for wilful offences around data violations and in cases of complicity or negligence. Companies had objected to the element of criminality being added to any proposed data law.
Apart from internet companies, the Bill had also seen objections from privacy advocates as it proposed overriding powers to central law enforcement agencies under certain conditions to freely obtain data.
Also, many objected to elements of non-personal data being handled under the data law focused on individual privacy.
Minister of state for IT Rajeev Chandrasekhar said the government wanted a fresh data law that was singularly focused on user privacy, while other aspects related to the sector would be tackled under different – but connected – legislations such as the (still under-preparation) IT law and the National Data Governance Framework Policy.
Speaking specifically on the issue of withdrawal of the data protection bill, Chandrasekhar said it was done “after considerable deliberation and examination which merited the need for a comprehensive, redrawing of the laws and rules, taking into account some of the JCP's comments and the emerging challenges and opportunities.”
“We will come back to Parliament very quickly after following the process of consultation," Chandrasekhar said.
Lawyer and activist Apar Gupta said the withdrawal of the Bill “without a confirmed timeline” on introduction of a fresh one “is a matter of grave concern”.
Start the conversation