After two years of deliberations, the joint parliamentary panel on the Data Protection Bill has adopted its report. The committee was formed in December 2019 and was allowed five extensions. Several members of the committee filed dissent notes. With the adoption of this report, India could soon have a personal data privacy law as parliament is likely to take this up in the upcoming winter session which starts next week.
Members of the Congress, the BJD and the TMC on Monday gave dissent notes to the Joint Committee of Parliament on the Personal Data Protection Bill after the panel adopted its report at its meeting here. Congress leader Jairam Ramesh said he was compelled to submit a detailed dissent note on the Bill as his suggestions have not been accepted and he was unable to convince members of the panel. From the TMC, MPs Derek O' Brien and Mahua Moitra submitted a dissent note, alleging the Bill lacks adequate safeguards to protect the right to privacy of data principles.
Other Congress MPs who have submitted dissent notes are Manish Tewari, Gaurav Gogoi and Vivek Tankha. BJD's Amar Patnaik also submitted a dissent note on the Bill. The Personal Data Protection Bill, 2019, was referred to the Joint Committee of Parliament (JCP) for scrutiny before it is taken up by Parliament for consideration and passage. The report on the Bill was delayed by the panel as its former chairperson Meenakshi Lekhi was elevated to the position of a minister and a new chairperson of the committee was appointed.
Speaking to CNBC-TV18 Manish Tewari, JPC Member of Personal Data Protection Bill, said, “We will have to await the report being formally tabled in the house as and when it is done in the winter session. So therefore, I would not be at liberty to discuss the proceedings, or what the draft report as adopted by the joint committee of Parliament and data protection is. But I would apprise you with what my fundamental concern, which has been articulated in my dissent note is, and that fundamental concern is that if you were to rewind to the beginning, this entire debate on data privacy was sparked off by the Supreme Court 9 judge judgment in the Puttaswamy case, where the Court unanimously said that the right to privacy is a fundamental right, in terms of Article 21 of the Constitution. Subsequently, in the second Aadhaar judgment, which was a five-judge bench judgement, the court opined on the need or the desirability of having a data protection law.”
“Subsequently, the government set up the Srikrishna Committee, the committee submitted its report, it also submitted a model Bill and that became the basis on the Data Protection Bill or the personal data protection Bill, which came before Parliament in 2019 and subsequently got referred to a joint committee of Parliament.”
Tewari added, “The joint committee deliberated on it for long years, deliberations were held in an extremely cordial and a friendly environment. However, there were fundamental problems with the design of the Bill itself. The authors of the Bill distinguished as they were, conceived this Bill with a free Puttaswamy mindset. So therefore, the essence of that passed legislation on privacy never got really reflected in the design of the bBill. So therefore, the Bill as it stood, or as a stance, splits the world into two universes. A private universe where the rigours of the Bill will apply in full force if it is passed by Parliament in its current form, and a government universe which is riddled with exemptions and exceptions and breakout clauses.”
He added, “So essentially, in my humble opinion as a lawyer and as a person who's litigated for three decades, I fundamentally think that the right to privacy or a fundamental right is first enforceable against the state. So therefore, if you have legislation, which essentially exempts government or has the ability to exempt government or lock stock and barrel, I don't think that would meet the test of constitutionality. That is the fundamental objection.”
On Section 35 and Section 12, Rama Vedashree, CEO of Data Security Council of India, said, “The first disclaimer, I have no visibility to the report that has been adopted by the new JPC and I have had an opportunity to quickly scan the dissent notes on Twitter by both the parliamentarians. So some of the fundamental principles of what we expect the Bill to be, I don't think they change at all. It is completely corroborates my stand in the Justice Srikrishna Committee and the report and also the evidence I had an opportunity to submit to the JPC chaired by Miss Lekhi. I think the Bill should definitely take care of two aspects - one, to make sure that privacy as a fundamental right is guaranteed to every citizen and resident in India and I do hope that all provisions of the Bill or the revised Bill, if that gets tabled in Parliament will meet this expectation.”
“Second, I think, as we grow the digital economy, the trust expectations of consumers and global customers that we service as IT industry providers in and from India, I think, this comprehensive data protection legislation and its enforcement through an independent autonomous DPA hopefully, should also ensure that. I think, it should meet these twin goals of guaranteeing and enforcing privacy as a fundamental right.”
She added, “I would be little surprised if there are blanket exemptions to any entity, private or public or government, which is processing personal and sensitive data. I think, any blanket exemptions in comprehensive privacy legislation, which is getting tabled in 2021 at the beginning of a new decade now would be counterproductive to enforcing privacy in this country.”
Watch accompanying video for more.
-With PTI inputs