The Personal Data Protection Bill, 2019, was introduced in Parliament in December 2019, and was referred to a 30-member Joint Parliamentary Committee for review. The Bill is the first legislation that focuses on privacy of citizens, and could potentially result in significant overhaul of digital businesses and companies. The Committee is expected to submit its report to the Parliament before the Budget Session concludes on April 3, 2020. Earlier this month, MediaNama held discussions in Delhi and Bangalore on the main aspects and impact of the Bill with a wide set of stakeholders. The discussions were held with support from Facebook, Google, and STAR India in Delhi, and with support from Facebook and Google in Bangalore. The discussions were held under Chatham House Rule, so quotes have not been attributed. Quotes are not verbatim and have been edited for clarity and brevity. Read our full coverage of the discussions here: #NAMA India’s Data Protection Law – January 2020. The following is Part I of our notes from the session on cross border data flows, read Part II here. Data localisation in the 2019 Bill: Not really an improvement The data localisation norms under the current Bill are not an improvement over the Srikrishna Committee's draft bill, said a speaker. Segregation of data by type is very tricky: "The datasets that we work with might be a mix of personal data, sensitive personal data, and maybe even critical personal data. But the data localisation or data mirroring requirement would be applicable to the whole data set, and…
