The Chronicles of Personal Data Privacy Bill - Progressive Principles, Doubtful Enforcement

Data breach, end-to-end encryption, online safety, and web footsteps all are terms used day in and day out and are the most important topics in the global market today. The newspapers and the web have all been holding various opinions on personal data privacy and which data they are continuously discussing. To place it, in the tech-savvy world where everything is possible at the click of a screen, it becomes important to know what is happening to all the information one is giving out.

On social media platforms, everyone is posting pictures, sharing snippets of their lives, and giving out crucial information about life and banking to others. The online transfers and payment method has all the information of credit card stored in the form of an e-economy then how is it possible to stay safe?

Personal Data Privacy Bill

The Personal Data Privacy Bill as the name suggests is an attempt to rule and regulate the storage and use of the information which a person shares or uses online. The bill is aimed to address the growing concern of individuals regarding their personal information being misused or getting into the wrong hands online. The legislation in India created the Data Privacy Bill to regulate the process of collection, storage, and use of information of the individual by the organization or the government when one does an act on the web.

The need for such a law is that the rights and interests of the individual are taken into account since the web is a place open to all. The web is like an iceberg as much of it is visible to a layman’s eyes more than that is hidden and the layman is unaware of it. Therefore, the need for safety comes into being.

The bill’s main aim is to legislate the use of data of any player on the internet and prevent private players with Mens Rea to use them for their illegal activities. Therefore, it provides more power and control to the information owner than the third party or even the government. It creates a safety blanket for information like name, phone number, address, email id, bank details, and others to be safe from the eyes of the society at large and especially from the black looming shadows of anonymity on the internet.

The key ingredients of the Personal Data Privacy Bill of 2022 are that the bill is more legally binding and transparency has been set as the utmost unit. Further fair processing along with limits to data stored by the organization is a key concept incorporated. The accuracy of the information present and the accountability of its use is clearly listed along with the power of consent which the information giver has. Moreover, confidentiality and security, and usage of the least amount of data have both been held and act as the supreme constituent units in the bill itself.

The Progressive Principles

The Personal Data Privacy Bill is a progressive piece of work of legislation since it seeks to give in more control to the individual of the information and even provides the opportunity to decide whether they even wish to save their data on the internet or not.

The clear emphasis of the bill is to maintain the utmost transparency of one’s data in the sector. Along with it the accountability of the companies and government in case of any breach or mishappening is also the pillar that strengthens the bill. The consent of the individual who is providing the information is given a special place in the bill which makes it progressive in its very being.

Overall, the security which was the prime concern of all is given its due position in the bill and the right to access has been guaranteed by the bill. The right to safeguard sensitive information and have protection for the same is also a part of the part which makes it a progressive chronicle. One of the most important and pressing concerns of erasing web activity and the right to be forgotten by the company as a consumer which means the removal of all sensitive information on the individual from the database of the company and the removal of all kinds of virtual footsteps has also been placed under this bill. Adding on or correcting data on oneself in order to have an accurate and up-to-date profile is also taken into account along with the prevention of misuse of such data.

Impact of Technology in the 21st Century

With the coming up of modern technology and the n number of ways one can distort or steal data it is important to prevent stealing and using of data by others. In the technologically advanced twenty-first century not everyone is tech-savvy and major the population in India only knows the basics of using the web. The depths of the web are still under exploration and not everyone can safeguard themselves in times of need from something like anonymity on the internet. One cannot fight what one cannot see.

Therefore, the need for a data privacy bill in India along with the digital privacy law in India arose. The bill proposes the idea of putting a hefty fine on companies if they do not take reasonable and prudent safety measures to prevent a data breach of the personal and sensitive information of the individual. Due to this many companies took it upon themselves to provide the individual with consent as well as provided end-to-end encryption on their sites. If the bill turns into an act then the data related to individual’s health, their biometrics, affiliations and linkages, lifestyle, and financials would be safeguarded and no longer stored and processed by the organization themselves.

Viability of Personal Data Protection Bill in Today’s World

Personal data is sensitive and important to the person and when he/she shares it with another they do so with the faith that the other person or party will also deal with it in a safe manner and kept it secure. But when such data is shared online, it is usually done via a medium, and before the coming up of the act the medium which is the third party was able to utilize and even sell the data as per their own needs and interests. During this, the common folk had no choice but to either find another medium of sharing data or face the consequences if a data breach takes place.

The government also utilized the data as per their needs without asking for consent from the other parties however, with the coming up of the bill the personal data of the individual is subjected to restrictions and cannot be used as per the whims and fancies of the organization.

The present bill is inclined more toward personal data and its protection and security which can be understood by the hefty amounts of penalties imposed in cases of non-compliance by the organizations. Further, the relaxation of the cross-border flowing of data is critically both a matter of concern and one of admiration. The ease of flow helps reinstate the country into big tech countries but with it, the misuse of data overseas is easier and more feasible.

Is the Personal Data Protection Bill a challenge for Lawmakers?

The major challenge for the legislature is the enforcement of the Personal Data Privacy Bill since it is difficult to safeguard the individual on the web. The Internet is a big capsule with a lot of compartments but none are watertight therefore it is hard. The identity of members of the digital platforms is difficult to trace if they are highly equipped or using anonymous identities. In those situations, it takes days on end to get information about the place of the server. The measures are taken to enforce protective principles and the ones providing rights to erase, consent, and access all become secondary in cases where the web is the source.

The issues in the proposed bill range from giving execution the power of delegated legislation to the terminology of deemed consent that has been used in the bill. The composition of the board that the center will constitute for data protection is a major concern amongst bureaucrats and social thinkers. According to the proposed bill the government has been able to restrain a lot of power within its unit which exempts its agencies from all the provisions of the bill.

The need in the bill is for even more clarity and transparency rather than translucency. The exemption which the government has supplied to itself in most of the cases needs to be addressed and sensitive data needs added layers of security. Further finding the root cause of data breach and understanding how one can deal with these issues.

Most importantly the bill that is made and in the stage of implementation to protect privacy and provide safety to individuals is unable to protect the citizen against the discretionary powers of the government in the center which in itself is a major issue of concern.

Conclusion

The food for thought is that it is to date only a bill that is yet to become an act and even if it becomes an act, it will still have ample room for improvement since the world of technology is infinite and we have only begun to explore it. The safety of every person is supreme and the need is to protect them from the clutches of the dark web. The laws need to be strict and the legislation of those should be even stricter.

References

SISA MKTG1, Decoding the Salient Features of India’s Digital Personal Data Protection Bill (PDPB), 2022, SISA (2022), https://www.sisainfosec.com/blogs/decoding-the-salient-features-of-indias-digital-personal-data-protection-bill-2022/#:~:text=The%20DPDP%20Bill%2C%202022%20is
Digital Personal Data Protection Bill 2022, Drishti IAS, https://www.drishtiias.com/daily-updates/daily-news-analysis/digital-personal-data-protection-bill-2022
Digital Personal Data Protection Bill 2022 and its impact on India’s booming data Centre industry, Times of India Blog (2023), https://timesofindia.indiatimes.com/blogs/voices/digital-personal-data-protection-bill-2022-and-its-impact-on-indias-booming-data-centre-industry/.
Sarvesh Mathi, Twelve major concerns with India’s Data Protection Bill, 2022, MediaNama (2022), https://www.medianama.com/2022/11/223-twelve-major-issues-data-protection-bill-2022/.