Industry Talk

Personal Data Protection Bill: Companies to face penalty for violation

On December 4, the Union Cabinet cleared the Personal Data Protection Bill (PDPB), which is due to be placed in the Parliament. It is likely to be introduced for discussion before the on-going winter session of the Parliament.

The bill constitutes three personal information data types, namely, sensitive data consisting of passwords, financial data, official identifier, sexual orientation, religious or caste data; critical data which will be characterized by the government every once in a while, and must be stored and handled only in India; and general data which is non-critical and non-sensitive.

The bill, when implemented, will require many private entities including Indian IT companies to review their policies regarding data protection and processing. The proposed bill applies to both the government and private firms established in India as well as abroad. Non-compliance to the regulation may lead to financial penalties up to ₹15 crore or 4% of their global annual turnover, in case of major violations.

However, the government is likely to give companies up to two years to comply with the regulations in the Data Protection Bill 2019 after it becomes a law

The draft Bill was submitted to the government by a committee led by the retired Supreme Court judge in July 2018. Aruna Sundararajan, one of the members of the Bill’s drafting panel, says, “Once the Bill is passed and notified, it will be implemented in a calibrated manner. The companies will get a lead time, but they will have to get their act together quickly as there is enough precedent set with GDPR.”

However, private companies and start-ups may have to completely renew their systems to meet the proposed regulations. The Bill seeks to give the control of the data in the hands of the people. It means organisations will have to seek the individual’s consent before taking any personal data and will have to notify them about the purpose of its use.

Within a year of its inception, over 200,000 GDPR cases were reported, and a total of 55 million fines were issued, according to the European Data Protection Board (EDPB). Overall, penalties around 38.7 crores were doled out.

The principal focus would be on balancing the need to improve technological progress. This will not only develop individuals’ trust with such enterprises, but will also help India gain and establish better trust on the larger global trade landscape.

Share
Tags: data

Recent Posts

Bengaluru’s Worsening Water Crisis Should be the Wake-Up Call for India and The World

Bengaluru is facing an acute shortage of 500 million litres of water every day, which…

3 days ago

The Aam Admi Party Conundrum: Will Kejriwal Run The Delhi Government From Prison?

Delhi's Chief Minister, Arvind Kejriwal, has been arrested by the Enforcement Directorate (ED) and will…

3 days ago

Planning to vote for Modi This Year? Wait! Give it a Read to Become an Informed Voter First

The Indian growth story has been famously dubbed the 'Amrit Kaal' by leaders and ministers…

1 week ago

Key Takeaways From Kovind Panel’s Report on One Nation One Election

The report highlights a two-step process in conducting nationwide simultaneous elections that needs many constitutional…

2 weeks ago

TEPA: How a $100 Billion Free Trade Agreement with EFTA will Benefit India?

India and the four European Free Trade Association (EFTA) countries—Iceland, Norway, Liechtenstein, and Switzerland—have finally…

2 weeks ago

All about India’s Fifth Generation Indigenous Fighter Jet AMCA

A 15,000 crore project has been cleared by the Cabinet Committee on Security(CCS) to design…

2 weeks ago