Minister of state of electronics and IT (MeitY) Rajeev Chandrasekhar on Saturday said Personal Data Protection (PDP) Bill, 2019, was ‘a few months away’ and that the government was in the process of finalising the ‘dos and don’ts’ for companies.
“If we have to make a choice between doing something quickly versus doing something right, with a few months delay, we will choose the latter. No one should feel that we are not committed to that (PDP) Bill,” Chandrashekar said at The Indian Express’ Idea Exchange.
“It is an important legislation for both the individual citizen of India as well as for the start-up innovation ecosystem and we believe that it should work for both,” the minister asserted.
Distinguishing between privacy and data protection, Chandrasekhar observed the PDP Bill was about how companies collected data, even as privacy remained a fundamental right, with citizens empowered to contest any violation.
“This PDP Bill was not to do anything with privacy. It is for defining the dos and don’ts for companies that collect the data from individuals, how they collect it, how they store it, how they process it. It is not a data privacy bill; it is the data protection bill. The lack of this bill or delay of this bill does not change your fundamental rights,” he said.
Start-ups, Chandrasekhar said, have a crucial role to play in the growth of India’s digital economy.
“The sustainable growth of a digital economy and our leadership of the innovation space in the coming years is as important a goal for us as a country as laying out the dos and don’ts for companies that deal with data with individual consumers. These are not binaries and we will never treat them as binaries,” the minister observed.
The PDP Bill drafted by the Srikrishna Committee was tabled in Parliament in 2019. Subsequently, the Joint Parliamentary Committee submitted its report in November 2021.
Chandrashekhar justified the government being exempted from law on several grounds, including public order and security of the state, saying the government was not ‘monetising’ the data, as the private sector was doing, but was using the data for a different purpose. “There are differing objectives. I believe the two different standards need to be applied,” the minister said. He added that exemptions for governments, in delivering governance and public service, were valid. Clause 35 of the Bill seeks to empower the Union government to exempt any agency of the government from the application of the Act.
The minister asserted that social media platforms must provide information on the first originator of messages, when asked for, saying there were technological solutions to enable this. Or else, they can give up their intermediary status and lose the protection of Section 79 of the IT Act. “…You offer yourself for prosecution if there is anything illegal done on your platform and that will incentivise you to do enough due diligence to make sure there is no illegality on your platform. The second is, you do your due diligence before people sign up for WhatsApp. It is very clear, that you don’t have to tag anybody, you can easily find out who the first originator is with deep packet inspection. But what cannot continue is, you want anonymity, the platform wants intermediary safe haven and you say, by the way if there is an illegality we are not in a position who did it. That’s a bit of a zero sum game that may work in ‘planet la la land’ but not in India,” he said.