The Delhi Police had recommended “relaxing” liabilities on law enforcement agencies under the Draft Personal Data Protection Bill 2018, a senior Delhi Police official told MediaNama on condition of anonymity. The source said that the liability on them is “not warranted” and “maybe the government will listen”. The official explained that law enforcement agencies examine data from multiple sources for one case; restrictions make it hard for them to carry out investigations. “All the restrictions make it difficult for us to zero in on the person with a specific data request [because we need data on multiple people]”. “Investigations aren’t directed at one thing from the very beginning. We reach the actual culprit after going through so many people and so much information, linking them together, drawing inferences,” said the official.

“Our concern is [that] much liability is put on us to maintain the privacy of various individuals [during the course on an investigation]. And if we are made accountable for that, that’ll put enormous burden on investigation agencies,” the official said. The proposed Personal Data Protection Bill requires entities to obtain consent of individuals before accessing their personal data.

1. Anonymising tools, fake IDs are burdening investigators: “With more and more use of digital devices, this aspect has become even more important. Earlier, if a murder had taken place, we had the fingerprints and some other information and you could directly link it to the person. Now crimes are taking place where a person is using anonymising tools, bogus sites using fake IDs to get internet connection, that puts additional burden on the investigator,” the official said.

2. Varying bandwidth across police: The official explained that different police administrations in the country have different bandwidths. “We at Delhi police have the skill and the resources. But, if we talk about states and districts where we don’t have investigating officers who are skilled, there are administrations in the country which are headed by sub inspectors; and as per the IT Act, investigation of cybercrimes has to be done by an inspector”.

It is worth noting that Home Minister Amit Shah held a meeting with the concerned ministries including the Ministry of Electronics and Information Technology (MeitY) in June this year to discussn provisions under the draft Bill, according to a Business Line report. The report said that the Home Ministry wants that the interest of the law enforcement agencies also be taken care of while ensuring the privacy of citizens.

When Ravi Shankar Prasad was inducted into the Union Cabinet in the second term of PM Modi’s government, he had said that “we will try to quickly get the data protection bill to the Parliament”. He said that the Data Protection Bill was among his key priorities in his second term as the IT minister. But the bill wasn’t introduced in the Parliament’s extended Budget Session. In fact, he informed Rajya Sabha on July 25 that the submissions made to the Justice Srikrishna committee – as part of a public consultation – will not be made public. He said submissions made by any entity are “confidential” and meant for examination by the Committee.