RTI activists contend that the law will dilute the Right to Information Act
The highly crucial Digital Personal Data Protection Bill is likely to be tabled in Parliament in the upcoming Monsoon Session, starting July 20, after it was approved by the Union Cabinet on Wednesday. While this will signal a landmark move, six years after the Supreme Court held privacy to be a fundamental right, there are concerns about some provisions of the Bill.
Tabled first in 2019, and followed up with multiple revisions, the bill seeks to provide an overarching framework of technology regulations, as it includes the Digital India Bill, which is expected to replace the IT Act, 2000, the Indian Telecommunication Bill and a policy for non-personal data governance. It seeks to safeguard and govern personal data use by setting out the duties and obligations of users, along with their rights.
While the Bill, once passed, will play a significant role in India’s trade negotiations with other countries, RTI activists contend that the law will dilute the Right to Information Act, as it provides for exemptions to the Central governments and its agencies on the grounds of national security and maintaining public order. Decreased transparency is a very possible outcome.
Another concern is the Central government’s control over the appointment of members to the Data Protection Board which will deal with grievances and settle disputes between two parties. The chief executive to the board will be appointed by the Centre, raising concerns over diluted accountability of government functionaries and unfair practices.
That said, the aim of the law is to take Big Tech to task over data misuse, besides strengthening provisions to prevent data breaches and accidental disclosures. This comes against a backdrop of alleged social media role in “toolkit” promotion during the farmer protests that enveloped the nation in the recent past. Social media also played a purported role during the Delhi riots of 2020.
While governmental influence is feared, creating a regulator can be seen as a positive step towards preventing data theft and limiting interference by unscrupulous, vested interests. Extensive consultations over the Bill by the government also indicate that many concerns around grounds of processing and data interception may have been addressed.