Data Privacy Legislation in India, New Developments

August 22, 2022 | 4 minutes read
Data Privacy Legislation in India, New Developments

On Wednesday, August 4, 2022, the Indian government announced that they were withdrawing the Personal Data Protection Bill, 2019, despite the fact that many government officials within the nation had anticipated the law being passed after it was first introduced several years ago in 2019. The reasons for this withdrawal have to do with a larger conversation that is being had in the country of India as it pertains to personal data privacy protection, particularly as it relates to major technology companies and social media platforms such as Meta, Twitter, and Google, among others. With this being the case, the Indian government has raised issues with the manner in which these companies had been interacting with the general public within their country.

Twitter in India

For reference, Twitter announced that they were suing the Indian government in July of 2022 in response to numerous bans that the said government had imposed against the social media platform in the past 2 years. To this point, while the Personal Data Protection Bill was intended to regulate the ways in which tech companies could collect, process, retain, transfer, and disclose the personal information of Indian citizens, there are several other laws that have also been enacted in India on a similar basis. For instance, the Indian government also passed a new set of IT rules in August of 2021, which essentially mandated that major companies that had a significant online presence within the country appoint officials that could serve to address concerns that the government had directly.

Likewise, prior to the passage of India’s new IT rules in August of 2021, the national government had also ordered Twitter to block as many as 500 accounts belonging to Indian residents in February of the same year, as government officials within the country felt that Twitter was being used to stir up political tensions within the nation. While this small exchange only involved a sliver of India’s estimated Twitter population of 75 million users, the underlying issues that prompted such actions in the first place directly impacted the Indian government’s decision to withdraw the proposed Personal Data Protection Bill, 2019 several weeks ago.

Government surveillance vs. privacy

On the other side of the spectrum, in addition to regulating the data collection practices of major tech and social media companies, India’s proposed Personal Data Protection Bill, 2019 also granted the Indian government several exemptions from the law. More specifically, “Manish Tewari, an opposition politician from the Indian National Congress party, said the bill created “two parallel universes — one for the private sector, where it would apply with full rigor, and one for the government, where it is riddled with exemptions.” To this end, many privacy advocates, both inside and outside of the country of India, feared that the enactment of this bill would effectively allow the Indian government to censor free speech, while simultaneously retaining the personal data of Indian citizens at their sole discretion.

The Indian government’s response

In terms of the line of reasoning that the Indian government relied upon when making the decision to withdraw the Personal Data Protection Bill, 2019, it has been reported that government officials felt as though the law had essentially become too complicated and convoluted, as 81 amendments had been proposed to a bill that only contained 99 sections. In addition to this, there are also government officials within the country that felt as though the scope and applicability of the law were limited, as many of said officials contended that data processing should take place locally in India, as opposed to in another country. What’s more, there were also concerns about the ways in which the law would have affected the ability of Indian citizens to utilize their credit and debit cards, as “the country’s central bank last year ordered all companies to purge debit and credit card details beginning in 2022 to protect customers from being charged against their will.”

The withdrawal of India’s Personal Data Protection Bill, 2019 was an intriguing development on a number of different levels, as it is very rare to see a major nation such as India effectively nix a law that has gained so much traction in recent years, especially at it concerns data collection and processing regulations. Subsequently, the myriad of factors that have influenced the enactment of data protection legislation within India has proven too volatile to overcome in the short term, as the Indian government will likely spend the next few years deliberating on which provisions of the law should be added, changed, amended, etc. Nonetheless, the goal of any personal protection law should be to safeguard the personal data of everyday citizens, irrespective of any political agendas or financial interests that may be present.

Related Reads

Blurring Faces from Videos and The Truth About Body-Worn Camera Privacy
September 06, 2023 | 4 minutes read
Blurring Faces from Videos and The Truth About Body-Worn Camera Privacy

Body-worn cameras are an essential piece of equipment for law enforcement officers and the redaction of faces from BWC footage is necessary to protect the privacy of individuals.

Learn More »
Sensitive Information, Protected: Patient Privacy, HIPAA, And You
August 30, 2023 | 4 minutes read
Sensitive Information, Protected: Patient Privacy, HIPAA, And You

HIPAA compliance ensures patient privacy. Often making the consequences of non-compliance severe, so how do you avoid that?

Learn More »
Protecting Privacy in the Healthcare Field: PII, PHI & PCI
July 12, 2023 | 5 minutes read
Protecting Privacy in the Healthcare Field: PII, PHI & PCI

Healthcare professionals handle a wide range of sensitive data that is crucial for delivering quality care. But protecting that data is getting harder.

Learn More »
FISA Section 702, Is The US Government Monitoring You?
June 26, 2023 | 6 minutes read
FISA Section 702, Is The US Government Monitoring You?

Is there a give-and-take relationship that must be accepted when it comes to keeping the country safe? Should U.S. persons be okay with the incidental collection of their conversations in the name of national security under FISA Section 702? Even when it violates their constitutional rights? Well, that’s up to Congress to decide.

Learn More »
The Gap You Won’t Want to Close: Air-Gapped Systems
June 05, 2023 | 6 minutes read
The Gap You Won’t Want to Close: Air-Gapped Systems

An air-gapped system is a computer, or network that is physically isolated from any external connections and networks which includes the Internet. It operates in total isolation with neither wired nor wireless connections to other devices.

Learn More »
Using Redaction for Privacy Maintenance as An Investigator
May 31, 2023 | 5 minutes read
Using Redaction for Privacy Maintenance as An Investigator

These oaths emphasize upholding the law, serving the public, and protecting the rights of individuals. One of these many rights is privacy. An investigator must adhere to the legal and ethical guidelines within the jurisdiction and perform their investigation within those specifically set boundaries.

Learn More »