Applications for the LAMP Fellowship 2025-26 will open soon. Sign up here to be notified when the dates are announced.
The Arms (Amendment) Bill, 2019 was introduced in Lok Sabha recently and is scheduled to be passed in this Winter Session. The Bill amends the Arms Act, 1959 which deals with the regulation of arms in India. The Act defines arms to include firearms, swords, and anti-aircraft missiles. The Statement of Objects and Reasons of the Bill noted that law enforcement agencies have indicated a growing connection between the possession of illegal firearms and criminal activities. In this context, the Bill seeks to reduce the number of firearms allowed per person, and increases punishments for certain offences under the Act. The Bill also introduces new categories of offences. In this post, we explain key provisions of the Bill.
How many firearms are allowed per person?
The Arms Act, 1959 allows a person to have three licenced firearms. The Bill proposes to reduce this to one firearm per person. This would also include any firearms that may have been given as inheritance or as an heirloom. Excess firearms must be deposited at the nearest police station or licensed arms dealer within one year of the passing of the Bill. The Bill also extends the duration of a licence from three years to five years.
Note that in 2017, 63,219 firearms were seized from across India under the Arms Act, 1959. Out of these, only 3,525 (5.5%) were licenced firearms. Further, 36,292 cases involving firearms were registered under the Act in 2017, of which only 419 (1.1%) cases involved licenced firearms. [1] This trend persisted even at the level of specific crimes, where only 8.5% of the murders committed using firearms involved licenced firearms. [2]
What changes are being made to existing offences?
Presently, the Act bans manufacture, sale, use, transfer, conversion, testing or proofing of firearms without license. The Bill additionally prohibits obtaining or procuring un-licensed firearms, and the conversion of one category of firearms to another without a license. The latter includes any modifications done to enhance the performance of a firearm.
The Bill also proposes increased punishments for several existing offences. For example, the Act specifies the punishment for: (i) dealing in un-licensed firearms, including their manufacture, procurement, sale, transfer, conversion, (ii) the shortening or conversion of a firearm without a licence, and (iii) import or export of banned firearms. The punishment for these offences currently is between three years and seven years, along with a fine. The Bill increases the minimum punishment to seven years and the maximum to life imprisonment.
The Act also punishes dealing in prohibited firearms (such as automatic and semi-automatic assault rifles) without a license, with imprisonment between seven years and life imprisonment, along with fine. The Bill increases the minimum punishment from seven years to 10 years. Additionally, the punishment for cases in which the usage of prohibited arms results in the death of a person has been revised. The punishment has been updated from the existing punishment of death penalty to allow for death penalty or life imprisonment, along with a fine.
Are there any new offences being introduced?
The Bill adds certain news offences. For example, forcefully taking a firearm from police or armed forces has been made a crime under the Bill. The punishment for doing so is imprisonment between 10 years and life imprisonment, along with a fine. Additionally, the Bill punishes the negligent use of firearms, such as celebratory gunfire during weddings or religious ceremonies which endanger human life or personal safety of others. The proposed punishment in this case is imprisonment of up to two years, or a fine of up to one lakh rupees, or both.
The Bill also adds a definition of ‘illicit trafficking’. It is defined to include the trade, acquisition, sale of firearms or ammunitions into or out of India where the firearms are either not marked as per the Act or violate the provisions of the Act. The Bill makes illicit trafficking punishable with imprisonment between 10 years and life, along with a fine.
Does the Bill address issues of organised crime?
The Bill also introduces a definition of ‘organised crime’. ‘Organised crime’ has been defined as continued unlawful activity by a person, either as a member of a syndicate or on its behalf, by using unlawful means, such as violence or coercion, to gain economic or other benefits. An organised crime syndicate refers to two or more persons committing organised crime.
The Bill introduces harsher punishments for members of an organised crime syndicate. For example, for the possession of an unlicensed firearm, the minimum term for an individual would be seven years, extendable to life imprisonment and liable to a fine. However, the possession of unlicensed firearms by a member of a syndicate will be punishable with imprisonment between 10 years and life, along with a fine. This increased punishment also applies to non-members contravening provisions of the Act on behalf of a syndicate.
[1] Crime in India 2017, National Crime Records Bureau, October 21, 2019, http://ncrb.gov.in/StatPublications/CII/CII2017/pdfs/CII2017-Full.pdf.
[2] Crime in India 2016, National Crime Records Bureau, October 10, 2017, http://ncrb.gov.in/StatPublications/CII/CII2016/pdfs/NEWPDFs/Crime%20in%20India%20-%202016%20Complete%20PDF%20291117.pdf.
Recently, the Personal Data Protection Bill, 2019 was introduced in Parliament. The Bill has been referred to a Joint Parliamentary Committee for detailed examination, and the report is expected by the Budget Session, 2020. The Bill seeks to provide for protection of personal data of individuals, create a framework for processing such personal data, and establishes a Data Protection Authority for the purpose. In this blog, we provide a background to the 2019 Bill, and explain some of its key provisions.
What is personal data and data protection?
Data can be broadly classified into two types: personal and non-personal data. Personal data pertains to characteristics, traits or attributes of identity, which can be used to identify an individual. Non-personal data includes aggregated data through which individuals cannot be identified. For example, while an individual’s own location would constitute personal data; information derived from multiple drivers’ location, which is often used to analyse traffic flow, is non-personal data. Data protection refers to policies and procedures seeking to minimise intrusion into the privacy of an individual caused by collection and usage of their personal data.
Why was a Bill brought for personal data protection?
In August 2017, the Supreme Court held that privacy is a fundamental right, flowing from the right to life and personal liberty under Article 21 of the Constitution. The Court also observed that privacy of personal data and facts is an essential aspect of the right to privacy. In July 2017, a Committee of Experts, chaired by Justice B. N. Srikrishna, was set up to examine various issues related to data protection in India. The Committee submitted its report, along with a Draft Personal Data Protection Bill, 2018 to the Ministry of Electronics and Information Technology in July 2018. The Statement of Objects and Reasons of the Personal Data Protection Bill, 2019 states that the Bill is based on the recommendations of the report of the Expert Committee and the suggestions received from various stakeholders.
How is personal data regulated currently?
Currently, the usage and transfer of personal data of citizens is regulated by the Information Technology (IT) Rules, 2011, under the IT Act, 2000. The rules hold the companies using the data liable for compensating the individual, in case of any negligence in maintaining security standards while dealing with the data. The Expert Committee in its report, held that while the IT rules were a novel attempt at data protection at the time they were introduced, the pace of development of digital economy has shown its shortcomings.3 For instance, (i) the definition of sensitive personal data under the rules is narrow, and (ii) some of the provisions can be overridden by a contract. Further, the IT Act applies only to companies, not to the government.
What does the Personal Data Protection Bill provide?
The Bill regulates personal data related to individuals, and the processing, collection and storage of such data. Under the Bill, a data principal is an individual whose personal data is being processed. The entity or individual who decides the means and purposes of data processing is known as data fiduciary. The Bill governs the processing of personal data by both government and companies incorporated in India. It also governs foreign companies, if they deal with personal data of individuals in India.
Will individuals have rights over their data?
The Bill provides the data principal with certain rights with respect to their personal data. These include seeking confirmation on whether their personal data has been processed, seeking correction, completion or erasure of their data, seeking transfer of data to other fiduciaries, and restricting continuing disclosure of their personal data, if it is no longer necessary or if consent is withdrawn. Any processing of personal data can be done only on the basis of consent given by data principal.
Are there any restrictions on processing of an individual’s data?
The Bill also provides for certain obligations of data fiduciaries with respect to processing of personal data. Such processing should be subject to certain purpose, collection and storage limitations. For instance, personal data can be processed only for specific, clear and lawful purpose. Additionally, all data fiduciaries must undertake certain transparency and accountability measures such as implementing security safeguards and instituting grievance redressal mechanisms to address complaints of individuals. Certain fiduciaries would be notified as significant data fiduciaries (based on certain criteria such as volume of data processed and turnover of fiduciary). These fiduciaries must undertake additional accountability measures such as conducting a data protection impact assessment before conducting any processing of large scale sensitive personal data (includes financial data, biometric data, caste, religious or political beliefs).
What is the grievance redressal mechanism if the above restrictions are not followed?
To ensure compliance with the provisions of the Bill, and provide for further regulations with respect to processing of personal data of individuals, the Bill sets up a Data Protection Authority. The Authority will be comprised of members with expertise in fields such as data protection and information technology. Any individual, who is not satisfied with the grievance redressal by the data fiduciary can file a complaint to the Authority. Orders of the Authority can be appealed to an Appellate Tribunal. Appeals from the Tribunal will go to the Supreme Court.
Are there any exemptions to these safeguards for processing of personal data?
Processing of personal data is exempt from the provisions of the Bill in some cases. For example, the central government can exempt any of its agencies in the interest of security of state, public order, sovereignty and integrity of India, and friendly relations with foreign states. Processing of personal data is also exempted from provisions of the Bill for certain other purposes such as prevention, investigation, or prosecution of any offence, or research and journalistic purposes. Further, personal data of individuals can be processed without their consent in certain circumstances such as: (i) if required by the State for providing benefits to the individual, (ii) legal proceedings, (iii) to respond to a medical emergency.
Is the Bill different from the draft Bill suggested by the Expert Committee?
The Bill has made several changes from the draft Bill. For instance, the Bill has added a new class of significant data fiduciaries, as social media intermediaries. These will include intermediaries (with users above a notified threshold) which enable online interaction between users. Further, the Bill has expanded the scope of exemptions for the government, and additionally provided that the government may direct data fiduciaries to provide it with any non-personal or anonymised data for better targeting of services.
In a follow-up blog, we will provide a detailed comparison of the key provisions of this Bill with the Draft Personal Data Protection Bill 2018, released by the Justice B. N. Srikrishna Committee.
