scorecardresearch
Tuesday, Jan 31, 2023
Advertisement
Premium

Explained: How India’s data protection Bill compares with EU regulation

The JCP recommendations on the Personal Data Protection Bill are in some aspects very similar to global standards such as European Union's General Data Protection Regulation, but differs in aspects such as jail terms. Take a look

India's Joint Committee of Parliament has made 99 recommendations to the Bill.

The JCP recommendations on the Personal Data Protection Bill are in some aspects very similar to global standards such as European Union’s General Data Protection Regulation, but differs in aspects such as jail terms. Take a look:

The similarities between EU’s General Data Protection Regulation and JCP recommendations on Data Protection Bill:

* Consent

EU: Users must have informed consent about the way their data is processed so that they can opt in or out.

Subscriber Only Stories
Delhi Confidential: Attorney, always
Gender gap in undergraduate programmes widens, gains of last few years lo...
Budget signal from states for FM: Capital spending gets boost
In a remote mountain village in Tamil Nadu, doctors are just a click away

India: Processing of data should be done in a fair and transparent manner, while also ensuring privacy

* Breach

EU: Supervisory authority must be notified of a breach within 72 hours of the leak so that users can take steps to protect information

India: Data Protection Authority must be informed within 72 hours; DPA will decide whether users need to be informed and steps to be taken

* Transition period

EU: Two-year transition period for provisions of GDPR to be put in place

Advertisement

India: 24 months overall; 9 months for registration of data fiduciaries, 6 months for DPA to start

* Data fiduciary

EU: Data fiduciary is any natural or legal person, public authority, agency or body that determines purpose and means of data processing

India: Similar suggestions; additionally, NGOs which also process data to be included as fiduciaries

Advertisement

Difference between EU’s regulation and JCP recommendations:

* Anonymous information

EU: Principles of data protection do not apply to anonymous information since it is impossible to tell one from another

India: Non-personal data must come under the ambit of data protection law such as non-personal data

* Punishment

EU: No jail terms. Fines up to 20 million euros, or in the case of an undertaking, up to 4 % of their total global turnover of the preceding fiscal year

India: Jail term of up to 3 years, fine of Rs 2 lakh or both if de-identified data is re-identified by any person.

Advertisement

Newsletter | Click to get the day’s best explainers in your inbox

First published on: 18-12-2021 at 09:14 IST
Next Story

What are whiteheads and how can you keep them at bay? (Special remedies inside)

Latest Comment
Post Comment
Read Comments
Advertisement
Advertisement
Advertisement
Advertisement
close