Data protection bill: Parliamentary panel’s proposals could hit India’s tech leadership aspirations, says Internet body

BL Mumbai Bureau | Updated on: Feb 24, 2022

Internet security and data protection concept, blockchain. | Photo Credit: anyaberkut

Expresses concern over proposed age restriction of 18 years on certain services

The Internet and Mobile Association of India (IAMAI) on Thursday issued a statement calling out the recent Joint Parliamentary Committee’s (JPC) report on the Personal Data Protection Bill 2019. The industry body said the recommendations of the committee are out of sync with the ground reality, with India keen to take a leadership position in the world of technology.

IAMAI has been in talks with the government, and has raised a few critical issues.

To impact tech industry segments

The JPC report was submitted to Parliament on December 16, 2021. The association is of the view that the recommendations are likely to negatively impact a cross-section of tech industry segments such as large tech companies, tech services companies. as well as digital start-ups, who form the backbone of India’s tech leadership aspirations. 

On setting stringent data localisation rules, IAMAI said, “Placing restrictions on cross-border flows may lead to higher business failure rates, create barriers on the growth of start-ups, increase the cost of compliance for companies and slow down socioeconomic benefits reaped from the digital economy. It will also inevitably have a negative impact on the ability of Indian consumers to access a truly global internet.”

Additionally, the suggested retrospectively applicable requirement to bring back data taken abroad poses significant operational and technical challenges, especially since relevant businesses would be subject to policies which were not enforced at the time of data collection.

Changes recommended by the JPC also expands the scope of the bill to include non-personal data along with personal data. However, the recommendation fails to illustrate what different value propositions these two offer. IAMAI calls this premature as the expert committee report on non-personal data is yet to be finalised.

Social media concerns

IAMAI is concerned about the proposed imposition of age restrictions of 18 years on certain services. “Such a bar will exclude an important demographic from the digital ecosystem and will contradict most data regimes, which create enabling provisions for youth aged between 13 and 18 years. The government should bring in a graded and proportionate risk-based approach for children’s age of consent, depending on the kind and nature of services provided,” it said.

Counting social media as publishers instead of intermediaries restricts free speech, according to IAMAI.

“Social media intermediaries continue to have safe harbour provisions and are not regulated as publishers, based on their ‘ability’ to control content, given that this ability stems from a legal obligation. Such a provision may have drastic impacts on the use of social platforms, free speech and creativity.”

Transparency requirements

IAMAI said, “The Government should also review the ‘transparency’ requirement suggested by the JPC. It is very broad and may encroach upon the data fiduciaries’ intellectual property rights. It may be harmful to data fiduciaries if they are mandated to publicly disclose their algorithms and other proprietary information, without adequate safeguards.”

“The association is of the view that the JPC recommendations have collectively fundamentally altered the structure of the bill from a personal data protection bill to a generic data protection bill. This, in itself, calls for wider stakeholder consultations and impact assessment reports before these recommendations are hardcoded into law.”

Published on February 24, 2022
This article is closed for comments.
Please Email the Editor

You May Also Like

Recommended for you