New Delhi: IT industry’s apex body Nasscom on Friday said the Digital Personal Data Protection (DPDP) Bill is a significant leap forward for India to establish a robust framework for personal data protection and build the country as a trusted data destination.
The highly-anticipated bill was introduced in the Lok Sabha by information technology minister Ashwini Vaishnaw on Thursday.
According to Nasscom, ensuring comprehensive data protection is paramount for accelerating India’s digital economy and the bill strikes a harmonious balance between flexibility and data privacy measures. “The Data Protection Bill has been a key ask from the technology industry and Nasscom has been working collaboratively with the government from the start to share insights and analysis on global regulations, the India differentiators and provided detailed submissions through the evolution of this Bill,” Nasscom president Debjani Ghosh said.
Also Read: Govt seeks feedback on Digital Personal Data Protection Bill
The top industry body “appreciates the consultative approach that engaged all relevant stakeholders at each phase in defining the digital data protection bill and is really looking forward to India having its own Data Protection Bill”.
“This is a giant step forward towards establishing India as a trusted innovation partner for the world,” said Ghosh.
The data protection bill specifies norms on management of personal data of residents in India and requires explicit consent from people whose data is collected and used. It also outlines practices for entities that collect personal data, how that data should be stored and processed to ensure there is no breach.
According to the government, the DPDP bill is certainly a legislation that will create a deep-lasting behavioural change and create high penalty punitive consequences for any or all platforms that misuse or exploit the personal data of any Indian citizen.
Digital Personal Data Protection Bill tabled in Parliament
After nearly five years of negotiations involving the government, technology companies and civil society representatives, the Centre on Thursday tabled the Digital Personal Data Protection Bill, 2023, in Parliament, which lays out procedures on how corporations and the government itself can collect and use information and personal data of India’s citizens.
Over these five years, the legislation has undergone multiple iterations – having started out as a draft legislation that espoused the broader tenets of Europe’s privacy protections, which empower citizens to have a greater say in how their online data is used. Midway through the journey, there was an infusion of provisions that diluted some proposals to satisfy companies and promote competition, somewhat on the lines of the US legislation.
The final Bill is a mixed bag. While it has serious provisions for the way private entities can deal with users’ personal data, many of those yardsticks do not apply to the Centre itself, which enjoys wide-ranging exemptions and power over the enforcement process.
