0

0

0

0

0

0

0

0

0

This article is more than 2 year old.

How India's data protection bill compares with California's

Mini

The Personal Data Protection Bill, 2019, which was tabled in the Lok Sabha on December 11, is currently being scrutinised by a joint parliamentary committee (JPC). Some serious concerns have been raised about the powers that it gives the government over the data of Indian citizens.

How India's data protection bill compares with California's
The Personal Data Protection Bill, 2019, which was tabled in the Lok Sabha on December 11, is currently being scrutinised by a joint parliamentary committee (JPC). Some serious concerns have been raised about the powers that it gives the government over the data of Indian citizens.
The most contentious part of the bill states: “All or any of the provisions of this Act shall not apply to any agency of the government in respect of processing of such personal data.”
It effectively gives the government a free hand over user data with hardly any checks and balances in place to protect users from any possible misuse of their private information.
Justice BN Srikrishna, the original architect of the first draft bill, has been unstinting in his criticism of the powers the bill in its current form gives to the government. “The government can at any time access private data or government agency data on grounds of sovereignty or public order. This has dangerous implications,” he told the Economic Times. “It will weaken the bill and turn India into an Orwellian State,” he added.
How does it compare to other data protection bills
Compared to the European Union’s General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), the Personal Data Protection Bill, 2019 appears to have some obvious flaws, with the sweeping government power being the most prominent one.
The Personal Data Protection Bill, 2019 has huge fines that go up to Rs 15 crore of 4 percent of an organization’s total global turnover. Further, violations can also lead to jail term. However, GDPR doesn’t have the provision for jailing offenders although it levies heavy fines.
Protections on data usage
Alastair Mactaggart, the architect of the CCPA wrote in the law’s proposal: “What this new law comes down to is giving consumers the right to take back control over their information from thousands of giant corporations. This is about power: the more a company knows about you, the more power it has to shape your daily life. That power is exercised on the spectrum ranging from the benign, such as showing you a shoe ad, to the consequential, like selecting your job, your housing, or helping to shape what candidate you support in an election.”
The CCPA essentially gives users control over their data. Websites can no longer hoard user data and sell it for profit. The law necessitated organisations to rewrite their software to comply with the new regulations. Notably, Microsoft dedicated 300 engineers full-time for 18 months to upgrade its systems and bring them in compliance with the new law.
The Indian law gives users the right to access a copy of their data, the right to deletion as well as the right to correction which is absent in the CCPA.
next story