With about 900 million Internet users, India’s digital penetration is expected to reach its peak by 2025. In the digital penetration scenario, it has become very important that data generated is collected, organized, and processed with high confidentiality in the country itself.
After three years of public deliberations, the Modi government has finally withdrawn the Personal Data Protection Bill 2019 on Wednesday. The Minister of Electronics and Information Technology (MeitY) Ashwini Vaishnaw in a withdrawing statement said, “Considering the report of the Joint Parliamentary Committee, a comprehensive legal framework is being worked upon. Hence, in the circumstances, it is proposed to withdraw the Personal Data Protection Bill, 2019, and present a new bill that fits into the comprehensive legal framework”.
He further informed the parliament that the JPC has proposed 81 amendments and 12 recommendations for the comprehensive legal framework in India’s digital ecosystem.
The Data Protection Bill aimed to ensure the data sovereignty of India
The Personal Data Protection Bill, 2019 aimed to ensure informational privacy as part of the Right to Privacy. As most of the BigTech companies store India’s data abroad, the bill required all fiduciaries to store a copy of all personal data in India.
The bill trifurcated Indian data into three seperate categories. It also mandated big-tech companies to create infrastructure for the storage according to the nature of the data. The trifurcated nature of data is – Personal Data, Sensitive Personal Data, and Critical Personal Data.
Personal data are those which help in identifying individual identities like name and address. Sensitive personal data are inscribed with information related to the finance, health, sexual orientation, biometrics, genetics, caste, religious belief, and others. The critical personal data has not been defined, but the data that has some effect on national security seems to be the critical data.
Further, the bill aimed to create the Data Protection Authority of India, which aimed to be an independent regulator like SEBI and TRAI. The Data Protection Authority had been mandated to prevent any misuse of personal data, ensure compliance with the provisions of the Act, and promote awareness of data protection.
The Personal Data Protection Bill also seeked to establish a data protection fund and an Appellate Tribunal which would hear and dispose the appeals from an order passed by the Authority.
Also read: Amazon’s 100 million customers’ data hacked: What should India learn from it
The scourge of BigTech
Earlier in 2019, Reliance Chairman Mukesh Ambani explained the importance of data sovereignty had said, “in this new world, data is the new oil. And data is a new wealth. India’s data must be controlled and owned by the Indian people and not by corporates, especially global corporations”.
It is imperative to understand that, in a new business model, the data of individuals are being traded in billions of dollars. Data privacy has effectively become a joke.
Most of the BigTech multinational companies like Google, Amazon, Meta, Apple, and Microsoft are from the United States. These companies operate around the globe and store the world’s data in their home country America. The individual data is being processed by these BigTech companies in business, profession, research, education, media, development, science, and other security-related works.
Considering the extensive usage, data has effectively become fuel of the modern world. In every sector, data is the primary source of business planning. If the BigTech companies are allowed to become the sovereign patron of individual data, then they will effectively become the government of the world.
In the fast-developing digital world, India is not in a position to take a step back from globalization and cut its relations with the BigTech companies. So India needs to form a legal framework for keeping the data of its citizens secure and protected, and lead the country toward data-driven innovation and entrepreneurship.
Also read: #UberFilesLeaks: India is ready to end the Big Tech’s dirty trade
The Battle of Data Sovereignty
The key challenge for India would be to form a multi-layered data protection infrastructure to secure its safety. The Personal Data Protection Bill was aimed to provide statutory effectiveness to the intended goal.
However, American BigTech companies are lobbying hard to derail the government’s plan to ensure data protection of Indians. They fear that the data localisation provision would bring their BigBoss behaviour down. It will also be a huge burden on the company’s budget as they would be forced to create data storage infrastructure here in India.
It seems that they have penetrated the Joint Parliamentary Committee and are forcing the government to amend the Personal Data Protection Bill. Like the three farms laws, the government has once again bowed down to foreign pressure.
These successive withdrawals of laws and bills will weaken India’s growth trajectory. The timely implementation of the law is the key to good governance. The government should not be influenced by such pressure and decisions should be taken on the basis of merit.
Without bowing to American BigTech pressure, a new bill should be drafted to assimilate the principles of technologically flexible, holistic application, informed consent, controller accountability, and most importantly structured enforcement mechanism of data protection. A sovereign government must ensure the sovereignty of the Indian data.
Support TFI:
Support us to strengthen the ‘Right’ ideology of cultural nationalism by purchasing the best quality garments from TFI-STORE.COM