Data Protection Bill: Opposition MPs Raise Concern Over Revised Data Bill, Propose 40 Changes

Several members of the parliamentary group raised concerns about the Digital Data Protection Project (DPDP). check2022, and discussed about 40 amendments, ET has learned.

Some concerns raised opposition party deputies Standing Committee on Information Technology (IT) includes excessive centralization of power, lack of independence of the Data Protection Board, general exemptions for some data fiduciaries, and untested exemptions granted to the government in the bill.

Members also raised concerns about the lack of attention to protecting children’s data and the impact on the Right to Know Act (RTI).

Karti P ChidambaramMP (Congress), Jawahar Sircar MP (Congress Trinamoole), and John Brittas MP (CPI-M) told ET that they plan to raise these issues at the next committee meeting.

“We may have over 40 proposals for the bill in its current form,” Brittas told ET.

According to him, one of his main concerns was the lack of independence of the Data Protection Board in the current structure of the project.

Discover stories that interest you


He added that around the time the bill was put up for public comment, there had only been one preliminary meeting with the information technology secretary. Supreme Courtwhich protects privacy as a fundamental right under the constitution, and that is a major concern, Brittas said.

The date bill is expected to be submitted to Parliament in the second half of the budget session. At present, there is no clarity regarding the timing of its introduction, deputies said.

Sircar told ET he had several concerns about the Data Protection Board and the conditional consent clause.

“The government has uncontrolled and unbridled powers over the Data Protection Board. Under the conditional consent clause, the data trustee has access to the personal data of patients (who are being treated in healthcare facilities) and allows them to be shared with anyone. Another issue is the bill’s impact on the Right to Information Act as it proposes to amend it,” Sircar said.

The bill proposes to remove from the Right to Information Act 2005 a clause that allows government agencies to deny access to information if it violates an individual’s privacy, but allows disclosure of information if there is an overriding public interest. The bill intends to remove this provision, which allows disclosure of information of public interest. Following the amendments to the Right to Information Act, it will be said that any personal information will not be disclosed.

Chidambaram told ET that parliamentary procedure requires that, once introduced in the House, the speaker or chairman can recommend a bill for consideration by a standing committee.

“Because the bill was never submitted to Parliament, it was never submitted to the standing committee for discussion. Whatever discussions took place, they were preliminary and took place when the bill was submitted for public discussion,” he said.

“I expressed concern about the excessive centralization of power to the government, the lack of independence of the Data Protection Board, general exemptions for some data fiduciaries, unverified exemptions for the government, and the lack of attention to protecting children’s data,” Chidambaram said.

According to him, the government exempts itself and its agencies from complying with the provisions of the bill for reasons of national security. “It’s disturbing,” he added.

Regional languages

In a letter to Union Information Technology Minister Ashwini Vaishnav on Monday, Chidambaram sought to broaden the scope of consultations on the bill as well as the Digital India Bill, as well as consultations with stakeholders in different states and ensure that the discussion is also conducted in regional languages. . .

The last day the public could submit feedback on the date of the draft bill was January 2.

Independence of the Data Protection Board of India

According to the bill, the head of the executive, entrusted with the administration of the affairs of the council, should be a person who can be appointed by the central government, and the terms and conditions of her service can be determined by the central government. Experts say this could limit board independence.

The functions of the Council include determining cases of non-compliance with the provisions of the Law and imposing fines.

Any order of the Council is appealed to the High Court.

“Several areas of the bill are left open to the discretion of the executive branch. There should be provisions on what the Data Protection Board should be like, who should be on the board, what the conditions are and how they are accountable. This should be made clear to the people and should not be left to the discretion of the government,” Brittas said.

The executive does not play a dominant role in major data protection laws around the world, he said.

The Central Government may, by notice, exclude the application of the provisions of the Act, the processing of personal data by the State in the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign countries, maintaining public order. or preventing incitement to any recognized offense.

“National security and national interests are not the monopoly of the government alone. National security should not be a ploy to defeat the purpose of the bill,” Brittas said.

The center was empowered to notify entities that collect users’ personal data of exemptions from certain provisions, and stated that these exemptions would have an expiration date.

“But we were not told the duration of this expiration clause,” Chidambaram said.