Government Releases Draft of New Data Protection Bill: What You Need To Know The purpose of this Act is to provide for the processing of digital personal data in a manner that recognizes both the right of individuals to protect their personal data and the need to process personal data for lawful purposes
Opinions expressed by Entrepreneur contributors are their own.
You're reading Entrepreneur India, an international franchise of Entrepreneur Media.
Three months after the government withdrew the Digital Personal Data Protection Bill, the Centre has now come up with a new draft Bill seeking public views.
"The purpose of this Act is to provide for the processing of digital personal data in a manner that recognizes both the right of individuals to protect their personal data and the need to process personal data for lawful purposes, and for matters connected therewith or incidental thereto," read the draft.
The move is aimed at protecting digital personal data, seeks to allow transfer of data outside India, and provides for penalties regarding data breaches. "Personal data breach means any unauthorized processing of personal data or accidental disclosure, acquisition, sharing, use, alteration, destruction of or loss of access to personal data, that compromises the confidentiality, integrity or availability of personal data," the draft explained.
Announcing the move, Union minister for Railways, Communications, Electronics and Information Technology Ashwini Vaishnaw, tweeted, "Seeking your views on draft Digital Personal Data Protection Bill, 2022."
Seeking your views on draft Digital Personal Data Protection Bill, 2022.
— Ashwini Vaishnaw (@AshwiniVaishnaw) November 18, 2022
Link below: https://t.co/8KfrwBnoF0
The draft mandates penalties of up to INR 500 crore for non-compliance and making of a regulator. "If the Board determines at the conclusion of an inquiry that noncompliance by a person is significant, it may, after giving the person a reasonable opportunity of being heard, impose such a financial penalty as specified in Schedule 1, not exceeding rupees five hundred crore in each instance," the draft added.
Talking about legislation on data governance, Rajeev Chandrasekhar, minister of state for electronics and information technology had earlier said, "On the digital data protection side we will re approach the Parliament for the digital laws that would address the rights of the data principles, obligations and allow for the adjudication of data breaches in smooth and transparent manner."
"In the next two to three months new rules, laws and regulations will be rolled out and it will be subject to intense public consultation and stakeholder consultation. These new sets of laws and rules will be the enabling laws and guidelines for coming decades. If there are any contradictions in the existing legacy laws we will get those amended," Chandrasekhar had said in September, while speaking at the USIBC summit in Delhi.
