What does the white paper include?

The white paper includes crisp summaries and analysis of key issues in the bill, including:

• Powers of the government: The government should have absolute power over the DPA and be able to exempt any government body under certain limitations. What are those limitations
• Data Localization: All sensitive personal data must be stored in India and can be transferred outside only under specific circumstances. What are those circumstances?
• Data Protection Officers: Data Fiduciaries will have to hire Data Protection Officers (DPO), who will be held responsible for compliance with the Bill. What are the responsibilities of the DPO?
• Data Protection Authority: A Data protection authority (DPA) will look into data breaches and ensure compliance with the provisions of the bill. What powers does the DPA have?
• Children’s Data: Data fiduciaries can process a child’s personal data only after they fulfill certain conditions. What are those conditions?
• Data Fiduciaries: Data fiduciaries will have to fulfill a list of obligations and adhere to limitations around processing personal data, or face penalties. What are the obligations, and how will they be penalized?
• Non-personal data: Non-personal data is now included under the ambit of the Data Protection Bill 2021. How does the bill propose to regulate it?
• Data Breaches: When data breaches occur, the DPA will be empowered to direct fiduciaries on remedial measures. What protocols does the bill set around data breaches?
• Rights of individuals: Individuals have been given control over their data in various ways, including the right to be forgotten. What rights will individuals have?