As the issue of data protection gains importance in the wake of several cyber-attacks and leakage of citizens’ personal details online, the Ministry of Electronics and Information Technology (MeitY) has started the process of drafting a data protection bill.
The ministry has constituted a committee of ten experts to deliberate on a data protection framework of India.
The committee will be headed by former Supreme Court Judge B N Srikrishna, “to identify key data protection issues in India and recommend methods of addressing them,” MeitY said in a memorandum, a copy of which was seen by Moneycontrol.
Other members of the committee include Aruna Sundararajan, secretary, Department of Telecom, Ajay Bhushan Pandey, the chief executive officer of the Unique Identification Authority of India, Ajay Kumar, additional secretary MeitY, Prof Rajat Moona, director, IIT Raipur, Gulshan Rai, national cybersecurity coordinator, Prof. Rishikesha T Krishnan, director of IIM Indore, Arghya Sengupta, research director at Vidhi Centre for Legal Policy, Rama Vedasree, chief executive of the Data Security Council of India, and a joint secretary of MeitY whose name was not specified.
(Copy of the Memo)
The committee will study various issues relating to data protection in India and make specific suggestions for consideration of the Central Government on principles to be considered for data protection in India and suggest a draft data protection bill, the circular noted.
“MeitY shall in consultation with the Chairperson and members, collect necessary information and provide it to the Committee within 8 weeks of the date of this OM (official memorandum) to enable it to start its deliberations on the subject,” the letter said.
However, it did not specify a time frame in which the report would be submitted, except saying that the committee would try to submit its report “as expeditiously as possible”.While there are provisions relating to data protection in India’s Information Technology Act, the rapidly changing landscape of online businesses and digital financial transactions calls for a more comprehensive overview of the protections associated with personal and third party data use.