The government is currently preparing to focus to work on IT Act amendment, data protection, the national data governance framework, as well as cybersecurity, in the new legislation.
After removing the bill to protect personal data The government is optimistic that a new bill will be adopted during the budget session of Parliament, the Union Minister for Electronics & Information Technology Ashwini Vaishnaw announced on Wednesday. The government has on Wednesday withdrawn the Personal Data Protection Bill from the Lok Sabha. This bill, the Joint Committee on Personal Data Protection Bill 2019, which was headed by BJP member P P Chaudhary, had submitted its report in Lok Sabha on December 16 2021.
Vaishnaw said to PTI The joint committee produced an excellent report, in which they suggested 81 amendments to the Bill of 99 sections.
“Over and over is the addition of 12 additional important suggestions. With this background there was no other choice to not create a new draft.
“Without violating any of the fundamentals of privacy or this SC judgement…we have come up with a revised draft. We’ve finished the process of Parliament today and will shortly take the new version through an approval procedure. Soon, perhaps before the Budget session, we’ll be able get the law approved,” Vaishnaw said. The Minister of State for Electronics and IT Rajeev Chandrasekhar stated that the government would develop an overall framework that addresses every aspect in the world of digital. It will include special rules for privacy of data and emerging technologies as well as a an overall framework for governance of data.
According to the sources according to sources, the next revision of the Bill together alongside the IT Act modification, the national framework for data governance, etc. will be submitted to Parliament to address the issues related to the IT sector and privacy concerns with data.
Chandrasekhar claimed that the draft of the bill that was presented by the Joint Committee of Parliament (JCP) was broad in scope that needed to be dealt with by various rules, and weren’t specific to data privacy.
“After extensive deliberation and the examination the report, it was concluded that there is an urgent need for a complete revision of the laws and regulations in light of some of the JCP’s suggestions and the upcoming challenges and opportunities that are arising from the present challenges and opportunities will present here,” the minister said.
The bill was removed following Cabinet approval.
Chandrasekhar said that the JCP’s report JCP identified a wide range of challenges and issues which are related to modern issues associated with digital ecosystems.
“Those are clear concerns that are not within the privacy realm and would clearly trigger the need to engage in a dialogue in collaboration with government. We require a more thorough analysis of every aspect of law, jurisprudence regulations, and the frameworks and rules which are essential in the ongoing development of innovation as well as the digital economy,”” the minister stated.
The JCP version of the bill explored several aspects, including important intermediaries on social media as well as personal and non-personal information and hardware that are trusted, that fall under the aegis of various laws and areas of jurisdiction.
“Essentially the final decision of today was to withdraw this law and, in a short time, come back with a set of new laws, however the comprehensive law framework will be put in place to address all concerns,” Chandrasekhar said.
The government is now able to simultaneously tackle IT Act amendment, data protection, a national management framework, cybersecurity, etc. and then table them in Parliament.
“Citizens will have the right fundamental to right to Privacy according to the ruling of the Supreme Court. The revocation of the bill has any effect on the fundamental rights that citizens enjoy,” Chandrasekhar stated.
IT industry participants have been pleased with the move by the government to withdraw the bill on personal data protection and have sought to be part of the process of consultation for the draft bill that is being revised. Industry players were not happy with the bill on data protection that was introduced in the House of Representatives in The Joint Committee on Personal Data Protection Bill.
The Joint Committee on Personal Data Protection Bill 2019 which was headed by BJP member P P Chaudhary had tabled its report in Lok Sabha on December 16 2021. It contained various points in comparison to the draft protection bill (PDP) bill that was drafted by the Ministry of Electronics and IT.
The government on Wednesday retracted the Personal Data Protection Bill from Lok Sabha and said it will soon release an “set of new legislations” which will be a part of the broad legal framework.
The US-based ITI which has members from all IT majors such as Google, Meta, and Amazon applauded the decision of the government to pull the panel’s version of the bill.
ITI was among the international industry groups that had criticized this bill’s joint committee versions. The global industry bodies that opposed the bill included JEITA, TechUK, US India Business Council as well as Business Europe which represent thousands of technology giants and companies such as Google, Amazon, Cisco, Dell, SoftBank and Microsoft.
About a dozen organizations representing industry have written to Union IT and telecom minister Ashwini Vaishnaw that implementation of the proposed Data Protection Bill, as suggested by a panel in Parliament that will seriously harm the business environment in India and decrease the flow of foreign capital into India.
Meta in its regulatory filings from February stated that data protection bills, which are being considered in various countries, including India are in the process of examining or passed legislation to implement the requirements for data protection or that require the local processing and storage of information or similar requirements that may increase the cost and complexity of providing our services.
“New laws or regulations that limit our ability gather and utilize information on minors could result in restrictions on our advertising services as well as our capacity to provide items and products to children within certain areas,” it had said.
Internet Freedom Foundation (IFF) announced that the bill has been pulled following four years of debate.
“We are keeping an eye on these developments, and we hope that the Ministry will take advantage of this occasion to address the various critiques of the bill raised by different parties in the consultation of the process” IFF said.
According to IFF the Data Protection Act 2021, which would provide users with rights regarding their personal data, did not prioritize the individual user, and instead is a benefit to the government and large corporations more than it does for users.
In a document, IFF had said that the bill grants vast exemptions to government departments as well as focuses on the interests of large corporations, and doesn’t properly respect the fundamental rights of people to privacy.
“This decision, when viewed in conjunction with the lack of knowledge about data security in India could be risky at a personal level – when your daily privacy is at risk – but also at a global level due to the fact that it allows for massive surveillance” IFF had alleged.
Cyber security firm Voyager Infosec director Jiten Jain declared that the decision of the government to pull the bill from the statute suggests that it is aware of the concerns voiced by certain segments of the business and civil society organizations.
“We believe that the proposed draft bill to be complete and address any significant concerns expressed by parties.
But, the government must take action quickly to pass the new versions of this bill, as it is not possible for foreign firms to use our citizens’ data,” Jain said.