Editorial of the Day: The Dangers in the Digital Personal Data Protection Bill (The Hindu)

Context: The article is discussing the introduction of the Digital Personal Data Protection (DPDP) Bill in the Indian Parliament. The bill aims to address issues related to the protection of personal data in the digital realm and has raised concerns among the Opposition members and concerned citizens due to the lack of transparency in its drafting process. Furthermore, in November 2022, the Ministry of Electronics and Information Technology (MeitY) publicly circulated a draft of the DPDP Bill for consultation. However, the draft was criticized for its problems, and there were concerns that MeitY primarily consulted industry and big tech companies, rather than considering suggestions from campaigns and concerned citizens who may be impacted by the law. This has led to apprehensions that the final law might empower the executive to draft rules and notifications that could restrict citizens’ right to seek personal information. In summary, the article is discussing the controversies and concerns surrounding the Digital Personal Data Protection (DPDP) Bill in India, particularly regarding its lack of transparency, potential impacts on citizens’ rights, and the involvement of industry and big tech companies in its drafting process.

Background

About the Digital Data Protection Bill

• The Bill seeks to establish a comprehensive legal framework governing digital personal data protection in India.
• It aims to provide for processing of digital personal data in a manner that recognizes both the right of individuals to protect their personal data and the need to process it for lawful purposes.

Understanding the Data Protection Bill

Decoding the Editorial

Data Protection Bill amending the RTI:

• The Data Protection Bill of 2022 includes a provision that seeks to amend the Right to Information (RTI) Act in India.
• The RTI Act has been essential in empowering Indian citizens by providing them access to information since its enactment in 2005.
• The author argues that this access to information is crucial for holding governments accountable in a democracy and is especially beneficial for the poor and marginalised sections of society.
• The author also mentions specific instances where the disclosure of personal data has been deemed necessary for public scrutiny and transparency.
  • For example, the Supreme Court of India has ruled that citizens have the right to know the names of wilful defaulters and details of Non-Performing Assets (NPAs) of public sector banks.
• Additionally, democracies routinely disclose voters’ lists with personal data to prevent electoral fraud.
• Furthermore, the use of the RTI Act has shown that access to relevant and granular information is essential for citizens, especially those who rely on government schemes and welfare programs.
  • For instance, in the case of the Public Distribution System (PDS), putting details of ration card holders and records of ration shops in the public domain enables social audits and public scrutiny to ensure the proper functioning of the system.

Threat to transparency, accountability:

• Proposed Amendment to the RTI Act:
  • The DPDP Bill of 2022 includes proposals to amend Section 8(1)(j) of the Right to Information (RTI) Act.
  • The RTI Act currently provides exemptions to the disclosure of personal information if it has no relationship to public activity or public interest, or if its disclosure would cause an unwarranted invasion of privacy, provided there is no larger public interest that justifies disclosure.
  • However, the DPDP Bill seeks to expand the scope of this exemption and exempt all personal information from disclosure.
  • This is viewed as a threat to transparency and accountability in the country.
• Discretionary Powers of the Government:
  • The DPDP Bill 2022 is seen as giving wide discretionary powers to the government, particularly the executive, in drafting rules and issuing notifications on a vast range of issues related to data protection.
  • The concern is that this may lead to the government arbitrarily exempting certain entities, including government bodies like the Unique Identification Authority of India (UIDAI) and its cronies, from the provisions of the law.
  • Such exemptions could result in violations of citizens’ privacy.
  • On the other hand, non-governmental organizations, research organizations, associations of persons, and opposition parties that are not included in the government’s exemptions would have to comply with stringent data fiduciary obligations.
• Objective of Data Protection Law:
  • The primary objective of any data protection law is to prevent the misuse of personal data, including for financial fraud.
  • However, in order to achieve this objective, it is crucial that the government’s discretionary powers are limited, and the law ensures transparency, accountability, and protection of citizens’ privacy.

Lack of Autonomy:

• Lack of Autonomy in Oversight Body:
  • The article highlights concerns about the lack of autonomy of the Data Protection Board, which is responsible for enforcing the provisions of the Data Personal Data Protection (DPDP) Bill.
  • The board’s composition, strength, and the process of selecting and removing its chairperson and members are all determined by the central government.
  • This lack of independence raises fears that the board could be under the direct control of the government.
• Potential Misuse of the Data Protection Board:
  • With the board being entirely government-controlled and having the power to impose significant fines (up to ₹500 crore), there are apprehensions that it could be misused by the executive to target political opposition and individuals critical of government policies.
  • This situation is likened to a “caged parrot,” where the board may not act independently and may serve the government’s interests rather than genuinely protecting citizens’ data and privacy rights.
• Urgent Need for Addressing Concerns:
  • The article emphasizes the urgency of addressing the mentioned concerns before the DPDP Bill is enacted into law.
  • The lack of debate or discussion in Parliament raises concerns that citizens may end up with a law that empowers the central government and compromises their democratic right to seek information and hold those in power accountable.

Sharing is caring!