Personal Data Protection Bill 2018: Industry experts hail recommendations, privacy advocates see red

We have not treated data as a matter of property. It is a matter of my trust in somebody I have entrusted to and he is answerable to it. I am the principal of my data that someone else is processing it so I should have the upper hand: Justice Srikrishna on #DataProtection Report pic.twitter.com/HO7wLZCIMA

— RSPrasad Office (@OfficeOfRSP) July 27, 2018

Reacting to the developments, while data protection advocates slammed the draft bill and said that it should not be allowed to pass in the Parliament, numerous industry experts welcomed the recommendations.

Also Read | Personal Data Protection Bill 2018 draft submitted by Justice Srikrishna Committee: Here is what it says

Vidur Gupta, partner, EY India said the data protection report will be a key step towards building the important base of ‘trusted’ digital India. “The proposed introduction of a Digital Protection Authority(DPA) as an independent regulatory body with wider powers would be quite beneficial in the enforcement of the data protection law,” he said.

PwC India’s Siddharth Vishwanath, hailing the draft, said,“The draft is on expected lines. It clearly addresses key tenants like individual rights over their data, data protection, breach notification. What is positive is that the penalties are structured in a manner to create adequate deterrence. It will clearly drive the industry to create a safer ecosystem in the data economy.”

Prashant Gupta, Partner, Grant Thornton India LLP said that the new recommendations are likely to cause a paradigm shift to bolster the Indian economy. “It is a bold step taken by the Government in the area of security and privacy. The committee’s recommendations may have a significant impact on the functioning of businesses and government bodies on the processing of personal data (PII) of individuals. As highlighted in the report, exemplary powers for Centre around PII of foreign nationals will also define the future business growth for different sectors in India,” Gupta added.

Pointing out loopholes in the draft, Amba Kak of Mozilla Corporation said, “This bill provides a strong foundation of protection for Indians’ privacy, but it is not without loopholes – in particular, the requirement to store a copy of all personal data within India, creating broad permissions for government use of data, and the independence of the regulator’s adjudicatory authority. We welcome the Government’s commitment to a public consultation process, which we hope will rectify the cracks in this foundation.”

Meanwhile, Nikhil Pawa, co-founder of savetheinternet.in and internet freedom in a sharp criticism said that the bill needs fixing. Pawa said, “All your data is expected to be mirrored in India. There doesn’t seem to be any surveillance reform in the bill. So, basically settings the stage for mass surveillance. That’s my initial reading.”

This is a weak data protection bill and it should NOT be allowed to be passed in Parliament. Justice Srikrishna has disappointed.

Above all, users are not being given ownership of their own data. @trai did better.

Users aren't being given right to erasure, only non disclosure

— Nikhil Pahwa (@nixxin) July 27, 2018