Digital Personal Data Protection Bill 2022
Recently the Ministry of Electronics and Information Technology (MeitY) has released the draft Digital Personal Data Protection Bill, 2022.
Earlier also the Central Government had issued a draft of the Data Protection Bill, but the Government had withdrawn it.
Salient Features of the New Bill
- The scope of data protection is limited to the protection of personal data. Non-personal data is excluded from protection.
- Personal data is any data about an individual from which his identity or affiliation with that data can be revealed.
- It is proposed to set up a Data Protection Board to ensure compliance with the provisions of the Bill.
- Concessions have been given on cross border data flow.
- The Central Government will issue a list of areas outside the territory of India where the data of Indians can be transferred.
- Non-compliance with the provisions or data breach can attract a fine of up to Rs 500 crore.
- The Central Government may, in the interest of national security, exempt government agencies from complying with the provisions of this Bill.
- A provision has been made for Consent Managers in the Bill. Any person (Data Principal) can provide, manage, review or refuse consent to the data fiduciary through a consent manager.
Why is the Bill needed?
- The number of users is increasing, as well as the protection of their privacy needs to be kept in mind. It is noteworthy that the Supreme Court has considered ‘protection of privacy’ as a fundamental right under Article 21.
- It is also necessary to ensure digital sovereignty. Digital sovereignty refers to the right of a state to govern its networks to serve national interests.
- Allowing data storage abroad could help India conclude ongoing free-trade agreement negotiations with other countries.
Source – The Hindu