Data Protection Bill 2022

The Ministry of Electronics and Information Technology (“MEITY”) has released a draft of the Digital Personal Data Protection Bill, 2022 (“The Bill”) for public consultations along with an explanatory note for each provision and the underlying principles that guide the drafting[1]. The public consultations are open till December 17, 2022[2].  This is Part II of our analysis on the Bill.  Click here to read Part I of this postContinue Reading The Digital Personal Data Protection Bill, 2022 – Part II

Personal Data Protection Bill 2019 - Analysis

A draft of the Personal Data Protection Bill, 2019 (“Bill”) has been introduced before the Lok Sabha on December 11, 2019.

The Bill is based, in large part, on the proposed draft of the Personal Data Protection Bill, 2018 (“Draft Bill”) which was attached to the report submitted to the Government by the Committee of Experts constituted under the Chairmanship of Justice Srikrishna (Retd.) (for details see our analysis[1] of the Draft Bill and its comparison with the European Union’s General Data Protection Regulation[2] (“GDPR”)[3] ).

That being said, the Bill also includes several modifications and changes in scope and intent.
Continue Reading The Personal Data Protection Bill, 2019: An Analysis

data privacy protection bill India

We are moving towards a data centric world, and “data is the new oil”[1]. And few would disagree that a key debate today in finance is ‘trust and privacy vs. using data for business growth’. As modern day businesses look to adapt themselves to generate revenue from customer related data, regulators across the world are grappling with the formulation of effective laws to regulate the data-driven economy. Given the relative novelty of the concept, regulators are reflecting on fundamental questions such as the right to privacy, property rights over data and the right to use the collected data.

In India, the Reserve Bank of India (“RBI”) has been fairly forward looking, by passing various regulations and constituting a host of committees to address issues ranging from cyber security to customers data protection norms.[2] In almost all its regulations, RBI has adopted a data privacy framework similar to the one advocated by the Justice BN Srikrishna Committee in its Personal Data Protection Bill, 2018 (“DP Bill”) – an amalgamated framework consisting of consent-and-notice and the vesting of certain rights with the originators of such information.[3] Undoubtedly, the DP Bill will have an impact on the manner in which data is collected, processed and shared by the financial industry. With this as the background, the authors seek to analyse the impact of the DP Bill on businesses engaged in the financial sector.
Continue Reading In the throes of Data Protection (and the associated woes) lies the business of trust