Data today is of the greatest essence in terms of business development, economical balance and to some extent political stability as well. Many researchers and think tank reports have suggested that “Data is the new Oil” indicating to every one of us, the value that this piece of asset has gained is irreplaceable. Now anything with a very high value needs advanced security methods to ensure prevention of theft and improper disclosure of it. In India, amidst the rising number of internet and social media users, the much-awaited Data Protection Bill was introduced in the parliament in December 2019.
India’s digital economy is expected to reach 1 trillion USD by 2022. India currently follows the General Data Protection Regulation guidelines (GDPR) introduced by the European Union. Currently under the IT act, no jail time is taken into consideration while prosecution due to improper disclosure of personal information, monetary damages done to the accused are extremely low. Due to the dynamic nature of this sector, Government has introduced the bill based on the GDPR guidelines.
Now the Data Protection Bill provides a lot of security and sustainability for the individual by specifying the flow and usage of personal data. It will also require many companies to change their respective business models, practices and principles due to added operational costs and complexity. It also imposes no locational storage/preferential access to data for protecting national interests and restricting the cross-border transfer of personal data. The current bill contains a specific code of conduct which has an airtight nature leaving no room for a getaway with a total fine of 5 crore rupees or 2% of the company. (whichever is the highest)
Accompanied by the wide array of solutions that this bill introduces, it also has certain loopholes that needs to be looked after. Primarily, section 28 of the Data protection Bill ensures the security of information and authentication of records of the individuals contradicting the decision that all the data collected by UIDAI under Aadhar linkage would be shared to the Income Tax and under respective authorities. Guidelines regarding data protection have been laid out by the concerned field experts instead of a joint panel of technical and subject-matter experts. Another worrying thing to consider in the Data Protection Bill is that there will be no jail time with the accused being to face only monetary damages. Possibly, the most disturbing things about the bill is the declaration of Data to be a national asset and its security and well-being, being entrusted in the Government, thereby increasing the possibility of converting the country into a surveillance state.
In order to counter these loopholes and problems, the bill is currently being analysed by a Joint Parliamentary Committee with suggestions and consultations from field area experts.
All these factors are extremely critical and thus require evaluation by lawmakers and field
area experts. Globally, the demand for data is on the rise, and securing the data of the largest democracy in the world is a challenge that needs to be endured by all of us.