The Indian government has withdrawn its long-awaited personal data protection bill, which has drawn scrutiny from several privacy advocates and tech giants who fear the legislation could limit how they manage sensitive information while giving the government access to it broad powers.
The move came as a surprise, as lawmakers recently said the bill, unveiled in 2019, could see “dawn” soon. India’s junior IT minister Rajeev said New Delhi had received dozens of amendments and recommendations from a parliamentary panel, including lawmakers from Prime Minister Narendra Modi’s ruling party, “identifying many relevant but beyond Issues with the Scope of Modern Digital Privacy Laws” Chandrasekhar.
He added that the government would now develop a “comprehensive legal framework” and introduce a new bill.
The Personal Data Protection Act aims to empower Indian citizens with rights related to their data. India, the world’s second-largest internet market, has seen an explosion in personal data over the past decade as hundreds of citizens go online for the first time and start using numerous apps. But there has been uncertainty about how much power individuals, private companies and government agencies have over it.
“The Personal Data Protection Bill 2019 has been considered in detail by a joint parliamentary committee, with 81 amendments and 12 recommendations on a comprehensive legal framework for the digital ecosystem. Taking into account the JCP report, a comprehensive law is being developed Framework. Therefore, in this case, it is recommended to withdraw. Personal Data Protection Act 2019 and propose a new bill that complies with the comprehensive legal framework,” India’s IT minister Ashwini Vaishnaw said in a written statement on Wednesday.
The bill has drawn criticism from many industry stakeholders. The Internet Freedom Foundation, a New Delhi-based privacy advocacy group, said the bill “provides substantial exemptions for government departments, prioritizes the interests of large corporations, and does not adequately respect your fundamental right to privacy.”
Meta, Google and Amazon are some of those companies expressed concern Regarding some of the recommendations made by the Joint Parliamentary Committee on the proposed Bill.
The bill also stipulates that companies can only store certain categories of “sensitive” and “critical” data in India, including financial, health and biometric information.
“Given all the work in it, I hope the bill doesn’t become complete rubbish. From a privacy protection standpoint, removing the bill altogether would create some kind of uncertainty. No one wants that,” said the report, covering policy and media. MediaNama editor Nikhil Pahwa said in a series of posts on Twitter.
“The new bill should be submitted for public consultation. The government should recognise that civil society and wider industry engagement can help improve laws and regulations. The JPC does not involve many key civil society stakeholders. The government has taken IT Rule 2021 and the CERT direction on It’s a mess. Regulations have to be reasonable or it will damage India’s digital future.”