Recently the report of the Joint Parliamentary Committee (JPC) on Personal Data Protection Bill, 2019 (PDP) has been released.
The Personal Data Protection Bill, 2019 PDP Bill was first proposed in the year 2019 and was sent to the JPC for examination.
JPC is considering the report since the year 2019 and the tenure of JPC has been extended several times to submit its report in this regard.
Key recommendations of JPC –
- Legally, the PDP Bill should be renamed as the Data Protection Bill.
- Single DPA should be established for personal and non-personal data.
- The government should ensure a mirror copy of sensitive and personal data with foreign entities. Additionally, cross-border data flow must be restricted in certain circumstances.
- All social media platforms (that do not act as intermediaries) should be treated as publishers. Also, they should be held responsible for the content they host.
- In case of a data leak, the company must inform the DPA within 72 hours of the breach.
- Heads of government departments should not be held directly responsible for data breaches.
- Data trustees dealing specifically with children’s data must register themselves with the DPA.
Source – The Hindu