wordpress blog stats
Connect with us

Hi, what are you looking for?

Will the Composition of the Data Protection Board of India Impact How it Handles Data Privacy Complaints? #PrivacyNama2023

Currently, the “independent” Board will be staffed by members directly appointed by the Indian govt, out which at least one should be a legal expert. Such a quasi-judicial composition which is also prone to govt influence, raises concerns over the efficacy of adjudication, the speakers argued.

I think there are other problems here that make that entire process [of the Data Protection Board of India’s functioning] pretty problematic,” said Carnegie India’s Anirudh Burman at the “Data Protection Board” session of MediaNama’s PrivacyNama conference last week. “For example, is the DPBI going to sit as a Board for every single matter, or are there going to be individual members of the Board who are going to handle matters separately?”

Among other issues, the session examined how the Data Protection Board of India—the apex data privacy regulator established under the recently passed Digital Personal Data Protection Act—should be best staffed to handle a large volume of privacy complaints.

Currently, the “independent” Board will be staffed by members directly appointed by the Indian government, raising concerns over Executive influence in privacy disputes. The government will notify the number of members, and how they will be appointed, on currently unspecified grounds. At least one of its members should be a legal expert, while the others may have experience in “data governance, administration or implementation of laws related to social or consumer protection, dispute resolution, information and communication technology, digital economy, law, regulation or techno-regulation, or in any other field which in the opinion of the Central Government may be useful to the Board”.

“If you have only individual members who are going to pass orders, shouldn’t every member then be qualified in a certain way so as to be able to pass orders?” Burman continued last Friday. “The point of a board works where the entire board collectively sits in on a decision and passes an order. And [within it] there are some legal members, or some quote-unquote judicial members and some members who are technical experts, right? But, if you’re going to have a system where the chairperson can basically depute [privacy complaints] saying, ‘you take up these categories of matters and I’m going to handle these categories of matters’, then that entire rationale for having that Board breaks down, and that variety in qualifications and expertise breaks down [too].”

Burman was joined by Alok Prasanna Kumar (Vidhi Centre for Legal Policy), Meghna Bal (Esya Centre), and S. Chandrasekhar (K&S Digiprotect). The session was chaired by Arya Tripathy (PSA Legal).

This discussion was organised with support from Meta, PhonePe, Google, and Salesforce, and in partnership with CUTS and the Centre for Communication Governance.

Advertisement. Scroll to continue reading.

The qualification requirements of the Board’s members may not be precise enough: “Speaking a little bit about the composition of the board, and going back to the example of the Copyright Board [established under the Indian Copyright Act, 1957], it basically became defunct because there wasn’t a technical member,” recalled the Esya Centre’s Meghna Bal. “If you ask anyone on paper, an IAS officer, an economist, and a judicial member is kind of an ideal troika in the context of a regulatory body. But over here, given that it [the Data Protection Board] is quasi-judicial and there’s only one legal member, who doesn’t even have to be a judge, that is somewhat questionable.”

Vidhi’s Alok Prasanna Kumar added that the requirement of a ‘legal’ member need not imply that they would be good adjudicators.

“Training in law does not necessarily mean you’re trained in adjudication,” Prasanna Kumar pointed out. “This is something which lawyers have realized when they’ve gotten elevated to the high courts, that simply knowing the law well doesn’t mean they have the temperament, ability, and training on how to decide [matters]. So, nowhere does this [data protection law] say somebody with some experience in adjudication [will be appointed to the Board]…The government thinks somebody who’s been a secretary in the law department is good enough to be a judicial member. That’s not true. There have been some members who have been good judicial members, but you need that training in adjudication. These are complex areas.”

The tenure of Board members may be too short—by the time they gain expertise, their term would be up“They have kept the tenure [for Board members for] only two years,” K&S Digiprotect’s S. Chandrasekhar pointed out. “It’s such a complex topic, a complex subject, that by the time they build their capacity, they would be out and then somebody else would come [in]. So, probably, the tenure should be lengthened. And…they should have a bigger board or maybe some kind of a regional board or some kind of a gradation so that they’ll be able to handle the huge number of penalties [and complaints coming in]. So, going forward, I see a lot of choke points which need to be thought through. Otherwise, there is a possibility of this mechanism having a lot of teething troubles at the initial stages.”

Notably, both the Chairman and the Board’s members are eligible for re-appointment under the data protection law.

STAY ON TOP OF TECH POLICY: Our daily newsletter with the top story of the day from MediaNama, delivered to your inbox before 9 AM. Click here to sign up today!

Advertisement. Scroll to continue reading.

Read more

Written By

Free Reads


The case dates back to 2019 when Spotify filed a complaint against Apple's anti-steering rules which prevented apps like Spotify from informing their users...


DIP contains information regarding cases detected as misuse of telecom resources and acts as a back-end repository of all requests received on the Sanchar...


Meta's transparency report reveals a sharp rise in GAC orders from India in January 2024, exceeding the overall monthly GAC orders sent in the...

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



NPCI CEO Dilip Asbe recently said that what is not written in regulations is a no-go for fintech entities. But following this advice could...


Notably, Indus Appstore will allow app developers to use third-party billing systems for in-app billing without having to pay any commission to Indus, a...


The existing commission-based model, which companies like Uber and Ola have used for a long time and still stick to, has received criticism from...


Factors like Indus not charging developers any commission for in-app payments and antitrust orders issued by India's competition regulator against Google could contribute to...


Is open-sourcing of AI, and the use cases that come with it, a good starting point to discuss the responsibility and liability of AI?...

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ