Govt releases white paper on data protection framework
Public comments are welcome till 31 December on the data protection white paper, which is aimed at securing digital transactions and addressing privacy issues
New Delhi: A nuanced approach towards data protection will have to be followed in India, keeping in mind the fact that individual privacy is a fundamental right limited by reasonable restrictions, according to a white paper issued by the government on a data protection framework.
The government has sought public comments till 31 December on the white paper, which is aimed at securing digital transactions and addressing customer and privacy protection issues.
The white paper, drafted by the committee of experts on data protection framework, was released by the ministry of electronics and information technology on Monday.
On 31 July, the government constituted a 10-member committee of experts headed by former Supreme Court justice B.N. Srikrishna to study various issues relating to data protection and make specific suggestions on the principles to be considered for data protection as well as suggest a draft Data Protection bill.
Other members of the committee include telecom secretary Aruna Sundararajan, Unique Identification Authority of India chief executive Ajay Bhushan Pandey, and additional secretary in the information technology ministry Ajay Kumar.
The committee seeks to put the onus on stakeholders and the public through a questionnaire on issues such as collection of personal data, consent of consumers, penalties and compensation, code of conduct and an enforcement model that should be set up.
“The sensitivity of the data could also develop based on its combination with other types of information. For example, an email address taken in isolation, is not sensitive. However, if it is combined with a password, then it could become sensitive as it opens access to many other websites and systems, which may expose the individual to harm such as cyberattacks and phishing frauds,” the white paper said.
It is also possible that personal or even non-personal data, when processed using big data analytics, could be transformed into sensitive personal data. Therefore, there may be a need to create safeguards which will prevent misuse of personal information in these contexts of use, it added.
The white paper also seeks “to designate certain lawful grounds under which data can be processed, even in the absence of consent.”
In some situations, seeking consent prior to a data processing activity would not be possible, or it may defeat the purpose of the processing. For instance, where law enforcement officials need to apprehend a criminal, seeking the consent of the criminal prior to processing would defeat the purpose of the investigation, it said.
“It seems to be an eminently reasonable white paper which raises the right questions. However, it lacks analysis of data protection vis-a-vis Aadhaar,” said Pranesh Prakash, policy director at the Centre for Internet and Society, a Bengaluru-based think tank.
Safeguarding privacy rights needs much more than a data protection law; it needs a larger consultation that includes issues like surveillance as well, added Prakash.
- Bypoll for 1 Lok Sabha, 5 assembly seats tomorrow
- Narendra Modi affirms his govt’s commitment against corruption
- Banking sector in 4 years of Modi govt: Note ban sets off surge in digital transactions
- Ireland votes to liberalize abortion regime in landslide
- Start-ups spared of tax on angel investment above fair valuation
Editor's Picks »
- Motherson Sumi continues to face margin pressure in foreign markets
- What the Warren Buffett indicator tells us about market valuations today
- Jet Airways lands with a thud in Q4 as fuel costs increase
- IBC amendments: Some dilutions, and a lot more speed
- Patanjali’s gambit is paying off in toothpaste wars