Are certain private entities pressurising the government via “empanelled law firms” that’s causing a delay in the Personal Data Bill? Trinamool Congress MP Mahua Moitra asked during Zero Hour in Parliament asked on August 1. Moitra said that there are lawyers within ministries working on the Data Protection Bill, who also happen to have private clients in the field of technology; thus there could a conflict of interest. Calling for more transparency in the drafting process of the bill, she asked as to how we could be assured that the interest of these private clients are not being brought into the legislative draft of the Bill. She urged the government to reveal:

  • GR (government resolution) firms involved in drafting the Bill.
  • Lawyers who are helping with drafting the legislation, along with their private clients in the tech space.

She also said that despite promises made by the government of a comprehensive Data Protection Bill, the Supreme Court’s order to the government following the Aadhaar judgement and the BAC’s decision to discuss the Bill, it “has not come”; “it is a matter of vital public importance,” she added.

So where is the Data Protection Bill?

When Ravi Shankar Prasad was inducted into the Union Cabinet in the second term of PM Modi’s government, he had said that “we will try to quickly get the data protection bill to the Parliament”. He said that the Data Protection Bill was among his key priorities in his second term as the IT minister. But the bill hasn’t been introduced in the Parliament’s ongoing and extended Budget Session, which will end today.

In fact, he informed Rajya Sabha on July 25 that the submissions made to the Justice Srikrishna committee – as part of a public consultation – will not be made public. He said submissions made by any entity are “confidential” and meant for examination by the Committee. However, technocrat and former UIDAI CEO Nandan Nilekani, seems to know about the status of the data protection bill. He said that the bill was in the the “draft mode” and will take a general view that data localisation policy can be managed by individual regulators.