The Departmentally Related Standing Committee on Information Technology has invited comments on the subject of "Isssues related to Paid News". Comments/Suggestions/Opinion/Views to be sent to: Additional Director (IT) Lok Sabha Secretariat, Room No. 156, Parliament House Annexe, New Delhi 110 001 Comments can also be sent by fax or e mail: Fax: 011 -2301 0756 | E mail: comit at sansad dot nic dot in Last date for sending in comments is: January 1, 2011
The Personal Data Protection Bill, 2019 was recently introduced in Parliament. The Bill has been referred to a Joint Parliamentary Committee for detailed examination, and the Committee is expected to submit its report by the last week of Budget Session, 2020. The Bill seeks to provide for the protection of personal data of individuals (known as data principals), and creates a framework for processing such personal data by other entities (known as data fiduciaries). It provides the data principal with certain rights with respect to their data, such as seeking correction, completion or transfer of their data to other fiduciaries. Similarly, it sets out certain obligations, and other transparency and accountability measures to be undertaken by the data fiduciary, such as instituting grievance redressal mechanisms to address complaints of individuals. Processing of personal data is exempted from the provisions of the Bill in certain cases, such as security of state, public order, or for prevention, investigation, or prosecution of any offence. The Bill also establishes a Data Protection Authority to ensure compliance with the provisions of the Bill and provide for further regulations.
As per the Statement of Objects and Reasons of the 2019 Bill, the provisions of the Bill are based on the recommendations of the report of the Expert Committee (Chair: Justice B. N. Srikrishna) which examined issues related to protection of personal data and proposed a Draft Personal Data Protection Bill, 2018.
In a previous blog, we provided a brief background to the 2019 Bill, explained why a Bill was brought for personal data protection and what are some of the key provisions of the Bill. In this blog, we look at how the 2019 Bill differs from the 2018 Draft Bill.
Table 1: Comparison of the provisions of the 2018 Draft Bill with the 2019 Bill
Provision |
Draft Personal Data Protection Bill, 2018 |
Personal Data Protection Bill, 2019 |
Definition of personal data |
|
|
Sensitive personal data |
|
|
Rights of individual (data principal) |
|
|
Non-consensual processing of personal data |
|
|
Social media intermediaries |
|
|
Exemptions for the government for processing of personal data |
|
|
Exemptions for manual processing by small entities |
|
|
Transfer of personal data outside country |
|
|
Composition of Data Protection Authority of India |
|
|
Offences and penalties |
|
|
Non-personal and anonymised personal data |
|
|
Sources: The Draft Personal Data Protection Bill, 2018; The Personal Data Protection Bill, 2019; PRS.