Follow Us:
Tuesday, January 28, 2020

Aspects of data Bill differ from report of IT Ministry panel

The report states that India should maintain free flow of data, that sectoral entities are more appropriate regulators than an overarching authority, and that focus should be placed on implementation and enforcement instead of over-regulation.

Written by Karishma Mehrotra | New Delhi | Published: December 6, 2019 4:30:42 am
Personal Data Protection Bill, data protection bill, personal data protection bill cleared, what is data protection Bill, data security, IT Ministry, indian express The IT Ministry constituted four committees in February 2018 to research and propose AI frameworks, which were released on the ministry website on Wednesday.

A report from the IT Ministry’s Artificial Intelligence (AI) Committee tasked with recommending policy frameworks on “cyber security, safety, legal and ethical issues”, released the day the Cabinet approved the ministry’s Personal Data Protection Bill, contradicts foundational aspects of the Bill.

The report states that India should maintain free flow of data, that sectoral entities are more appropriate regulators than an overarching authority, and that focus should be placed on implementation and enforcement instead of over-regulation.

The IT Ministry constituted four committees in February 2018 to research and propose AI frameworks, which were released on the ministry website on Wednesday.

Answering a question in the Rajya Sabha on Thursday, IT Minister Ravi Shankar Prasad said the government had received the draft reports from the four committees and published them.

The above mentioned report states: “India has been one of the biggest beneficiaries of the global data flows being the world’s largest sourcing destination for the IT- BPM (Business Process Management) services… Limitations on the free and open flow of data can seriously hinder the ability of an economy to remain competitive in the modern globalised world. Therefore, in order to preserve the development taking place on AI technologies in India, it is vital the free flow of data and information be maintained in India.”

The Bill cleared by the Cabinet restricts sensitive personal data (such as financial and health data) and critical personal data (that the government defines from time to time) from being stored abroad. Sensitive personal data can only be processed (analysed) abroad with government approval, while critical data cannot be taken abroad at all.

While the report states that “oversight would be best provided via existing sector-specific entities” rather than “appointing an overarching entity”, the Bill calls for creation of a Data Protection Authority tasked with audits, assessments and oversight.

The report also states that “over-regulating data collection… could negatively impact the development of AI in the space”. It says: “Legislation alone is not enough unless supported by an adequate implementation ecosystem including an effective grievance redressal system and user awareness. Instead of a prescriptive approach which is weakly enforced, the framework should aim for a light touch outlook which is strongly enforced…”

The Bill placed before the Cabinet differs from a draft Bill by the Justice B N Srikrishna committee in that the panel had called for a copy or mirror of all personal data to be stored in the country. Personal data is any data from which an individual can be identified. Now, the Bill retains the localisation mandates for personal data that is also sensitive and critical data, not for all personal data.

For all the latest India News, download Indian Express App

0 Comment(s) *
* The moderation of comments is automated and not cleared manually by indianexpress.com.
Advertisement
Advertisement
Advertisement
Advertisement