Data protection bill to be introduced in Parliament in Monsoon Session

In 2022, the Indian government released the DPDB bill for consultation last week, months after withdrawing the Personal Data Protection Bill 2019, which had been under consideration for years

The long-awaited Digital Personal Data Protection Bill which recently received assent from the Union Cabinet, will be introduced in the Lok Sabha in the upcoming Monsoon Session, a Lok Sabha bulletin showed.

With the increasing incidents of data breaches and cyber attacks on Indian citizens, the DPDP Bill is expected to bring in a sense of accountability in the form of penalties and so on. However, concerns remain among civil society on the sweeping exemptions granted to government bodies from the provisions of the bill.

The bulletin dated July 13 said, "The purpose of the Bill is to provide for the processing of digital personal data in a manner that recognises both the right of individuals to protect their personal data and the need to process personal data for lawful purposes and for matters connected therewith or incidental thereto."

The bulletin said that the bill will be introduced for consideration and even for passing in the lower house.

After the bill gets introduced, Minister of State for Electronics and Information Technology Rajeev Chandrasekhar did not rule out the possibility of it getting referred to a Parliamentary Committee.

Also read: Data protection bill, Digital India Act will cause 'behavioural changes' in platforms: Rajeev Chandrasekhar

"I don't think there is a need for it. (But if) the standing committee or someone wants to take a look at it, the government is fine with it. Our Prime Minister's view on this type of legislation is that it should be as widely consulted as possible... Now, if the Parliament decides that they want to sit down and think about this for a lot longer, that's fine," Chandrasekhar told Moneycontrol in an interview.

Introduced last year, the government is expected to have made considerable changes in the draft bill.

Moneycontrol reported how the government may introduce an appellate body for customers to appeal decisions of the Data Protection Board. This will be a significant change from the draft of the bill that was released in 2022, where only the Data Protection Board (DPB) could conduct proceedings or inquiries and give their decisions while dealing with user complaints related to data breaches and so on.

Earlier, Chandrasekhar also touched upon these changes, especially in clauses such as deemed consent, cross-border data transfer.

"There is no material change in the bill from what was there before. There are some things that you've already read about in terms of blacklisting for cross border, it is now whitelisting... There were some questions of guardrails on deemed consent. There are some changes in the wording of these provisions," Chandrasekhar said.