Wednesday, 17 June 2026

Data Protection Bill, 2019 in Cyber Security

 

Data Protection Bill, 2019 in Cyber Security 

 

Aims: To establish a legal framework for data protection in India, including standards for cross-border data transfers and remedies for unauthorized data processing.

Key features

The bill proposed the creation of a Data Protection Authority (DPA) to oversee data protection, and placed obligations on entities that collect personal data.

These obligations included:

·      Notifying individuals of data collection and obtaining their consent

·      Storing data securely and accurately

·      Using data only for the purposes stated in the notice

·      Deleting data once the purpose is served

·      Providing consumers with the right to access, erase, and port their data

·      Certain categories of data must be stored on servers located in India, although some data can be transferred abroad under conditions.

Right of Individuals:

Ø Right to Access: Users can access personal data held by entities.

Ø Right to Correction: Users can correct inaccurate data.

Ø Right to Data Portability: Transfer data from one service provider to another.

 

 

 

Criticisms

The bill was criticized for its proposed regulation of social media platforms and data localization requirements. Some also raised concerns that the bill would be difficult for businesses to operate under. The revised 2019 Bill was criticized by Justice B. N. Srikrishna also. He said that the government can at any time access private data or government agency data on grounds of sovereignty or public order. This has dangerous implications.

Withdrawal

The bill was withdrawn on August 3, 2022. The government's stated reason for withdrawing the bill was to focus on technology policy in a holistic manner. After receiving various recommendations and critiques, was eventually withdrawn and replaced by a new draft called the Digital Personal Data Protection Bill, 2023, which focuses more on digital personal data and introduces streamlined compliance mechanisms.

Penalties for Non-compliance: Heavy fines up to ₹15 crore (~USD 2 million) or 4% of the entity's global turnover for violations.

 

 

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)