Approved by the Cabinet in 2019, the Personal Data Protection Bill intends to regulate the collection, movement and processing of data that is personal, or which can help identify an individual.
At the meeting of the joint parliamentary committee to examine the data protection Bill, law firm Luthra and Luthra on Monday argued that broad definitions widen the scope of the Bill, limiting the freedom of business tasks, it is learnt.
Another presentation from the Foundation of Data Protection Professionals in India is learnt to have stated that the Bill yielded to the pressure of the industry and can lead to abuse of powers by the government.
Representatives from Luthra and Luthra, it is learnt, recommended narrowing down the definitions of harm and sensitive personal data. Citing an example, it is learnt to have argued that without sufficient guidelines, denial of credit or loan to an applicant based on credit scoring may be considered a ‘harm’ under the Bill.
The law firm, it is learnt, also raised concerns regarding the definition of sensitive personal data, stating that words such as “behavioural characteristics” and “facial images” could put actions such as targeted advertisements and CCTV footage under the gamut of the Bill, leading to increase in compliance burdens.
The Foundation of Data Protection Professionals in India is learnt to have stated in its presentation that the government has yielded to the pressure of the industry in dropping restrictions for transfer of personal data outside.
It is also learnt to have expressed concerns about the independence of the Data Protection Authority, pointing out that it would be appointed by a committee of Cabinet Secretary and Ministry Secretaries and not the Chief Justice.
On Tuesday, the Associated Chambers of Commerce and Industry of India (ASSOCHAM) is to make a presentation before the committee