Issue of privacy and Personal Data Protection Bill 2019

ForumIAS announcing GS Foundation Program for UPSC CSE 2025-26 from 26th June. Click Here for more information.

Synopsis– Present data-based technological development and Personal Data Protection Bill 2019 presents a unique challenge to the privacy of individuals.  

Introduction Personal Data Protection Bill 2019   –

By Puttaswamy v India (2017) case, privacy was established as a fundamental right. In other cases, MP Sharma v. Satish Chandra (1954) and Kharak Singh v. Uttar Pradesh (1962), as well, Privacy rights were upheld by SC.  

However, the development of global technology and implementation of the Aadhaar biometric programme in India have diluted the effect of these rulings. Now there is an urgent need to take a new look at the legal position of privacy in India. 

As depicted by Aadhaar based technology and global social media platforms, data has become a new oil i.e., it has become a tool for economic and political gain. It created a stream of data protection legislations, globally. India is also trying to join the league by Personal Data Protection Bill 2019 (DPB).   

In India, the Personal Data Protection Bill 2019 (DPB) is currently under consideration by a parliamentary committee. There are various issues in this bill that go against the privacy rights of individuals. 

Commercial and Political consequences of the Data Protection Bill (DPB): 

Data Collection related issues  

  • First- Bill will negatively impact the emerging technologies market of India dealing in creation, use, and sale of data that is valued at $1 trillion by 2025.  
  • Second- The bill requires digital firms who want to operate in India to obtain permission from users before collecting their data.  
  • Third– Bill also declares that users who provide data are, in effect, the owners of their own data and may control its usage or request firms to delete it.  
      • European internet-users are able to exercise a “right to be forgotten” and have evidence of their online presence removed. 
  • Fourth– The bill allows the government to use “critical” or “sensitive” personal data, related to information such as religion, to protect national interest. 
  • Fifth– Open-ended access to government could lead to misuse of data. Mr. B N Srikrishna, the chairmen of the drafting committee of the original bill, warned that government-access exemptions risk creating an “Orwellian state”.

Issues related to Establishment of Data Protection Authority (DPA)  

  • Bill aims to establish a Data Protection Authority (DPA), which will be charged with managing data collected by the Aadhaar programme. 
      • Authority will consist of chairperson and six committee members,  
      • Members will be appointed by the central government on the recommendation of a selection committee.
      • Members will be selected from senior civil servants, including the Cabinet Secretary. 
  • The government’s power to appoint and remove members at its discretion provides it an ability to influence the independence of agency.
  • Unlike similar institutions, such as the Reserve Bank of India or the Securities and Exchange Board, the DPA will not have an independent expert or member of the judiciary on its governing committee.
  • The UIDAI, for its part, has a chairperson appointed by the central government and reporting directly to the Centre.

Issues related to government use of data for surveillance

There are instances that suggest, India is acquiring some features of a surveillance state

  • As stated by the Union Home minister recently, police used facial recognition technology to identify people after the anti-CAA protests and the Delhi riots. 
  • There is a high possibility that police was matching the video offstage with the database of Election Commission and e-Vahan, a pan-India database of vehicle registration.

Issue related to safety of data 

There are instances of controversy where government has shown casual approach towards data safety and privacy of its citizens:  

  • First, Safety concerns were raised during aadhaar data collection, which stores biometric data in the form of iris and fingerprints which is a violation of right to privacy.  
  • Second instance was of Aarogya Setu contact-tracing app which was allegedly not able to protect the data provided by citizens.  

Way Forward 

  • The Data Protection Bill is a unique opportunity for India, a country with some 740 million internet users.  It would be a standard setter for privacy of individuals. 
  • Inclusive debate needs to take place in the Joint Parliament Committee and then in Parliament to examine the Data Protection Bill and promote transparency.
Print Friendly and PDF