• Legis Scriptor

Personal Data Protection Bill, 2019

Authored By- Pallavi Barwar

Keywords: Personal data, Committee, Users, Internet

Abstract These days, there have been a wide number of internet users across the world and it’s obvious because in today’s modernizing era this has become a necessity without which the work lacks its effectiveness. After this, the threat of stealing personal data has also increased. There are many ongoing disputes at national as well as at the international level. Therefore, to avoid this type of situation in India government of India has introduced the Personal Data Protection Bill, 2019. The bill assures to secure the personal information of the user within the country and prevent the privacy threat. The bill has its origin from the Justice BN Sri Krishna committee and has many salient features advantages and lacunastoo. Introduction The protection of personal data of internet users has become the issue of global concern. Cybercrimes like phishing, identity theft, online harassment, cyber stalking have increased many folds. India, being the second-largest internet using country of the world has no legislation or laws to secure the personal data of the users. Therefore considering the need for an hour the parliament of India has approved the Personal Data Protection Bill, 2019 which aims at protecting the personal data and exempting other users to use the data without the composers' consent. The bill has its origin from the draft proposed by Justice BN Srikrishna committee on data protection on July 28. In one year the draft has undergone certain changes followed by many criticisms, but finally, with the report of the joint selection committee and approval by the parliament Personal Data Protection Bill, 2019 came into force in 2019. Important terms 1. Data Principle: when the data of an individual's data is stored and processed. 2. Data Fiduciary: when the data is collected and used for providing services to the other users. 3. Data localization: when the data is stored within the borders of the country. Salient features 1. According to the new bill, the consent of the composer is required before accessing its personal information or data. 2. It prevents the unlawful activities and also detects any kind of frauds related to medical emergencies, ethical hackings, banking services of an individual. 3. The bill allows the individual the right to transfer his/her data to another personal 4. The Bill proposes "Purpose limitation" and "Collection limitation" clause, which limits the collection of data to what is needed for "clear, specific, and lawful" purposes.[1] 5. According to the new bill, each organization is supposed to appoint a Data Protection Officer in its office who will regulate the entire search activities, grievances, auditing, maintaining personal records, and many more. 6. If any user or organization violates the laws proposed this bill than some penalties are imposed over them like a penalty of Rs 5 crores or 2% of the turnover or 15 cores. This depends on the amount of violation done. How the Personal data protection bill, 2019 is different from the draft proposed by BN Srikrishna committee? · Localisation: most of the Indian data is stored by the foreign companies but the bill proposed that this copy of this data should be stored in India, which was opposed by many foreign companies. But the bill has changed this view as now the consent of an individual is a must to transfer his data to companiesabroad. · Information: the bill mentioned that if any non-personal data is required by the government then the fiduciaries have to give this data to the government whereas the proposed draft had no suchclause.

· Social media companies: the draft proposed that the companies should deem their significant data whereas the bill said that the companies should form their software for verification of the users. · Besides this, there is also one similarity that draft also requires a copy of data to be stored in India and the bill also mentioned the same point that a copy of the personal data will be saved in India before sending it to abroad. Advantages and lacunas Now a copy of data is stored in India then it will help the legal agencies to use the data for investigations. The personal data of individuals can't move to any other place and can't be accessed by any other individual without the mutual consent of the owner. There is a control on social media platforms and it has become easy to prevent the spread of fake news. Strong data protection legislation will also help to enforce data sovereignty.[2] There is nothing that is completely perfect; there is always some lacking in everything. The proposed bills also have some lacunas like: firstly, sending the individuals data to the foreign companies will demotivate and will lead to the backfire on the ideas of start-ups planned by the young adults. Secondly, storing the data in the physical location in the country might note that safe because there is a high risk of leaking of data by any means. Thirdly, there can be interference of the state in the personal data of individuals. There are many other disadvantages but the positive aspects have covered much of its lacunas. Exclusion There are certain exemptions of the Personal data protection bill, 2019: · The bills give the central government the powers to exempt any agency whether government or private to access the personal information of the individuals if it feels like this is a threat to the nation's security and integrity.

· If the personal data is required for collecting any statics, research, developments then the government has full right to restrict the authorities to use personal data for their projects.

· Commercial activities are not allowed to take personal data.


The personal data protection bill will lead to the fall in the number of problems or the cases registered related to data theft or security. The ultimate motivation of this data was the global data protection bill and justice K.S Puttuswamy's judgment on right on privacy and Justice BN Srikrishna committee. The bills were the first step of the country to establish laws for the protection of individual data and have also provided the Indian agencies a chance to store the country's information within the country that too with individuals consent. The will provide a chance to enhance the nation's technological agencies to start-up or multiply their scope.

[1] “The Issues, Debate around Data Protection Bill.”Drishti, The Indian Express, 7 Dec. 2019, [2]ibid