The Personal Data Protection Bill, 2019 could play a big role in providing robust protections to users and their personal data. Discuss (200 Words)
Refer - The Hindu
Enrich the answer from other sources, if the question demands.
IAS Parliament 4 years
KEY POINTS
· The recent alleged data breach at MobiKwik could stand to be India’s biggest breach with the data of 9.9 crore users at risk.
· Robust data protection regimes are necessary to prevent such events and protect users’ interests.
No effective protection
· Collection and process users’ personal data in India is mainly governed by the Information Technology Act, 2000, and various other sectoral regulations.
· While entities must employ technical measures to protect personal data, they have weaker obligations to respect users’ preferences in how personal data can be processed.
· The data protection provisions under the IT Act also do not apply to government agencies.
The upcoming regime
· The Bill seeks to apply the data protection regime to both government and private entities across all sectors.
· The Bill seeks to emphasise data security and data privacy.
· While entities will have to maintain security safeguards to protect personal data, they will also have to fulfill a set of data protection obligations.
· The Bill seeks to create an independent and powerful regulator known as the Data Protection Authority (DPA).
· The DPA will monitor and regulate data processing activities to ensure their compliance with the regime.
· The Bill seeks to give users a set of rights over their personal data and means to exercise those rights. For instance, a user will be able to obtain information about the different kinds of personal data.
· The Bill threatens legal consequences for users who withdraw their consent for a data processing activity. In practice, this could discourage users from withdrawing consent for processing activities they want to opt out of.
