You are currently viewing Draft Data Protection Bill allows cross-border data transfer, proposes heavy fines — Details Inside

Draft Data Protection Bill allows cross-border data transfer, proposes heavy fines — Details Inside


New Delhi: Prime Minister Narendra Modi’s government has been tightening regulation for the sector, which executives say has increased the compliance burden for companies, and soured trade ties with the United States. India has defended stricter regulations citing the need to safeguard users’ interests in a country that has more than 760 million internet users. The latest privacy bill, however, relaxed certain stringent norms on cross-border transfers proposed earlier, with the government saying it could specify countries to which entities managing data can transfer personal data of users.

ALSO READ | Hundreds of employees quit Twitter after Elon Musk’s ultimatum, Memefest start

Supratim Chakraborty, a partner specializing in data privacy at law firm Khaitan & Co, said the proposal would bring relief for big technology companies that need to transfer user data abroad where they maintain their servers.

ALSO READ | Elon Musk starts poll asking Twitter users to reinstate Donald Trump or not

“It will be a relief as there will be a certain list of whitelisted countries. So if United States is one of them, it will ease a lot of stress for big companies as they could transfer user data there,” Chakraborty said.

The new bill also proposes financial penalties of up to 2.5 billion rupees ($30 million) if someone is found breaching the provisions of the law.

The federal government would have powers to exempt state agencies from provisions of the bill “in the interests of sovereignty and integrity of India” and to maintain public order, said the draft proposal, which is open for public consultation until Dec. 17.

Indian privacy advocates had said such provisions could allow the government to abuse access. In its statement on Friday, the government said it acknowledged that “national and public interest is at times greater than the interest of an individual”.

India considered global best practices and reviewed data legislation in Singapore, Australia, and European Union, while making the new proposal, it said.

A version of the previous bill had also introduced a provision empowering the government to ask a company to provide anonymised personal data and non-personal data to help target the delivery of government services or formulate policies.

That provision does not exist in the new bill, which Salman Waris, a managing partner at law firm TechLegis said “will be a relief to companies and the wider technology industry that had pushed back against the provision”.


Source link

Leave a Reply