Srikrishna panel report: What 213-page draft bill says on protection and storage of sensitive, personal data

By: | Published: July 28, 2018 9:56 AM

Justice Srikrishna panel on Friday submitted the draft report in protection and storage of local and personal data.

Srikrishna panel, ravi shankar prasadUnion law minister Ravi Shankar Prasad accepts a report on ‘Data Protection Framework’ from retired justice BN Srikrishna in New Delhi on Friday.

Justice Srikrishna panel on Friday submitted the draft report in protection and storage of local and personal data. The 213-page draft bill advocated the idea of ‘explicit’ consent for sensitive data. The committee has listed 13 types of information that could be termed sensitive personal data. “Sensitive personal data may be processed on the basis of explicit consent,” the panel headed by Justice BN Srikrishna said in the report titled ‘The Personal Data Protection Bill, 2018’. Privacy is a burning issue now and all efforts must be made in this direction to protect data, Justice Srikrishna said while handing the report to IT Minister Ravi Shankar Prasad.

Justice Srikrishna committee report also emphasises the law’s jurisdiction on companies that have a “significant economic presence in India” or those who carry out business in the country. The report adds that all the personal data processed by the Indian companies even if the processing is carried out abroad and the personal data processed by foreign companies in India must be protected. If foreign websites access India data in a way that is “neither large-scale nor capable of causing significant harm”, the Indian law should not apply, the report says.

“It may be argued that seeking such consent may be unimplementable. We do not see why this must be the case — if an individual can be targeted precisely for the purpose of showing her an advertisement or a particular communication, surely, she can be targeted for seeking consent before such action. The final call on how the consent should be obtained should be left to the determination of the DPA (data protection authority),” the committee said.

The report has listed 13 pieces of information that could be considered as Sensitive Personal Data:

  1. passwords
  2. financial data
  3. health data
  4. official identifier
  5. sex life
  6. sexual orientation
  7. biometric data
  8. genetic data
  9. transgender status
  10. intersex status
  11. caste or tribe
  12. religious or political belief or affiliation
  13. any other category of data specified by the Authority under section 22

Get live Stock Prices from BSE and NSE and latest NAV, portfolio of Mutual Funds, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.

Switch to Hindi Edition