Moneycontrol

Budget 2023Budget 2023

PARTNERS

  • Tata AIA Life Insurance
  • Hafele
  • Motilal Oswal
  • SMC Global Securities Limited
  • SBI Life
  • DSP Mutual Fund
Upcoming Event : LeapToUnicorn - mentoring, networking and fundraising for startups. Register now
you are here: HomeNewsTechnology

Data protection thorny issue not just for tech, but other industries as well

The proposed Bill will impact not just technology companies, but everyone from your local "kirana" store to the hotel you check into when you're on a holiday. The criminal liability prescribed in the Bill, as well as lack of clarity on certain provisions have been flagged by different industries.

October 01, 2018 / 05:45 PM IST

India's data protection Bill has been in the eye of a storm ever since it was submitted to the government by a Committee headed by Justice Srikrishna.

Apart from the issues associated with the requirement for data localisation, which is likely to increase the costs and  the burden of compliance on small and large firms, there are other issues that have been flagged by different industries.

While a large part of the focus has been on technology firms, in its current form however, the Bill will be applicable to a host of other industries from finance to aviation, manufacturing to healthcare.

"The law may be targeted towards big tech (companies), but even if you are a small "kirana" (grocery) store guy using a computer to store your customer’s number, the same law will be applicable to him," said Pratibha Jain, partner at law firm Nishith Desai Associates.


The Bill allows a person to withdraw consent for processing any of their personal data collected by a person or entity who will decide how personal data collected will be processed or acted upon.

"In lending, for example, the Bill allows for a customer to give partial consent. Suppose a customer is sharing eight information items for lending. Now if they want to withdraw consent for one or two of these permissions, it may not be possible to provide credit. Does that constitute denial of service?" asked Alok Mittal, Managing Director, Indifi Technologies Private Limited, a platform for enabling debt financing for small businesses.



Mittal also said criminal liability was an issue  and that the Bill leaves a lot of room for interpretation.


Similarly, hotels, airlines, retail and other industries that offer loyalty programmes would find it tough to comply with the requirements of compliance.


Besides, seeking consent every time personal data is processed would hinder the customer experience.


"The law should allow for some sort of breather or a waiver during the initial transition period," suggested Singh.