Centre withdraws Personal Data Protection Bill 2019

The Centre withdrew the Personal Data Protection Bill, 2019, on August 3 and will introduce a new Bill.

The reason for withdrawal stated by Ashwini Vaishnaw – The Ministry of Electronics and Information Technology Minister to the members of the Joint Parliamentary committee was that 81 amendments were suggested and 12 recommendations were made towards an exhaustive legal framework.

A comprehensive legal framework is being developed in light of the JCP report. As a result, in the circumstances, it is proposed to withdraw ‘The Personal Data Protection Bill, 2019 and present a new bill that is consistent with the overall legal framework.

Meity MoS Rajeev Chandrasekhar tweeted that the JCP report detected relevant issues but it was beyond the extent of modern privacy law. Privacy is a basic right of the citizens of India, and a trillion-dollar digital economy necessitates global standard cyber laws.

In 2018, an expert committee led by Justice BN Srikrishna drafted the Personal Data Protection Bill for the first time. The Centre introduced a Bill draught in the Lok Sabha in 2019, which was referred to the Joint Parliamentary Committee in December of that year. After six extensions, the report of the committee was tabled in Parliament in December 2021.

The most recent version of the bill covered both personal and non-personal data, which would be handled by a Data Protection Authority.

Many criticized the move to include non-personal data in Bill’s previous mandate, which was limited to personal data.

The Bill also merged issues by bringing in social media and non-personal data under its scope while simultaneously exempting the government from the Act’s purview, a move that drew an objection from seven ministers.

Privacy experts criticized the bill for favoring the government over protecting privacy, which the Supreme Court declared to be a fundamental right in 2017.

Amar Patnaik –  JPC committee member and Rajya Sabha MP who filed a dissent note, told Moneycontrol that he supports the withdrawal of the Bill in its current form and hopes that the revised bill takes their concerns into account.

According to Prasanth Sugathan, legal director at SFLC.in, the plan is unclear because the bill has been in the works for five years, but because the process is being restarted, it needs to be expedited. This should not, however, come at the expense of thorough consultations with all stakeholders. With the new economy already at a crossroads, we urgently require a legal framework for data protection.

According to Kazim Rizvi, Founding Director of The Dialogue, the withdrawal appears as an indication that the government has listened to concerns, and withdrawing the bill allows the development of comprehensive legislation that considers consumer rights as well as business interests.

This is also an excellent opportunity to investigate key issues such as the absence of independence of data protection authority, cross-border data restrictions, and state exemption. The new framework should encourage growth and innovation, assist the startup ecosystem, and facilitate ease of doing business while ascertaining citizens’ data rights are at the heart of the legislation, he said.