Ad: India’s Data Protection Bill is here, and your business needs to adapt. K&S Digiprotect, with its team of data protection experts, offers compliance services tailored to help you adapt to the new regulations, safeguard your data and build trust with your customers. Contact us now!
India’s IT Minister Ashwini Vaishnav and IT Minister of State Rajeev Chandrasekhar have both staunchly defended the Digital Personal Data Protection Bill, 2023 from criticism that the bill gives the government broad exemptions, arguing that the exemptions are reasonable and limited.
In an interview with MoneyControl, Rajeev Chandrasekhar said:
“There is nothing unfettered about government access to data. Exceptions are only in cases of national security and emergencies like pandemic, earthquake. You don’t expect law enforcement agency to knock on the door of terrorist for consent. […] Privacy in our scheme of things is not absolute. There are always reasonable restrictions in privacy as there are in freedom of expression.”
Meanwhile, Ashwini Vaishnav told the EconomicTimes that:
“The exemptions for the government are exactly within the framework of the Constitution of India. If you look at the GDPR (General Data Protection Rules of the European Union), there are 16 exemptions for things like economic or financial interest of the Union, monetary, budgetary and taxation matters, public health and social security matters.
If you count and compare them to the exemptions we have (in the DPDP Bill), they are very few and precise, which is absolutely in line with the Constitution. So, there is no question of excessive exemptions for the government.”
These are nothing but straw man arguments from the Ministers because they’ve chosen to avoid the actual concerns raised and have instead defended against lesser important, but tangentially relevant concerns.
To illustrate this:
In their defences, both the Ministers are referring to the exemptions granted to the government and law enforcement agencies under section 7 [legitimate uses] and 17 (1) [exemption for certain use cases including law enforcement] of the DPDP Bill. Giving the benefit of the doubt to the Ministers, it could be argued that the exemptions under these two sections are indeed reasonable.
But the Ministers dodge the concerns raised around exemptions allowed under section 17(2), which is where the real concerns lie and which is why many stakeholders have criticised the bill. Essentially, section 17 (2) allows the government to issue a notification and exempt any of its agencies from all provisions of the bill for a wide range of reasons including one as broad as “maintenance of public order.”
The Ministers also haven’t addressed concerns with section 17(4), which allows the government to store personal data for an unlimited period of time regardless of whether the purpose for which data was collected has been served or not.
Additionally, section 36 allows the government to direct any company to furnish such information as the government may call for, which is another power that is being criticised that the Ministers don’t address.
To sum it up: the Ministers don’t address the concerns with sections 17(2), 17(4), and 36 of the DPDP Bill and are instead focusing on the other narrower exemptions to the government under sections 7 and 17(1) and arguing that these exemptions are reasonable.
STAY ON TOP OF TECH NEWS: Our daily newsletter with the top story of the day from MediaNama, delivered to your inbox before 9 AM. Click here to sign up today!
- Summary: India’s Digital Personal Data Protection (DPDP) Bill, 2023
- India’s Digital Personal Data Protection Bill, 2023 Gives The Government Powers To Exempt Itself From The Bill, Block Content, And More
- Deep Dive: How The Data Protection Bill Enables Govt Surveillance And Misuse Of Personal Data
- Fifteen Major Concerns With India’s Digital Personal Data Protection Bill, 2023