Advertisement
As per the proposal, hefty penalties on entities found violating the privacy of users will be imposed.
“The Data Protection Bill will be tabled in the current session,” an IT ministry official told PTI.
The draft of Personal Data Protection Bill, 2018 – which is based on the recommendations of the government-constituted high-level panel headed by Justice B N Srikrishna – restricts and imposes conditions on the cross-border transfer of personal data, and suggests setting up of Data Protection Authority of India to prevent any misuse of personal information.
Related Articles
Advertisement
“The personal data protection bill will empower an ordinary person to have command over his data. This will prohibit companies from misusing data of public which often leads to breach of privacy of individuals. An entity will have to explicitly share the purpose for which it will use data. The new rule will enable to individuals to take action against misuse of their personal data,” Indian Infosec Consortium CEO Jiten Jain said.
According to the draft proposal, failure to take prompt action on a data security breach can attract up to Rs 5 crore or 2 per cent of turnover, whichever is higher, as a penalty.
“The Bill provides that right to privacy is a fundamental right and it is necessary to protect personal data as an essential facet of informational privacy,” the draft said.
It allowed processing of personal data only for the purpose it is collected or for compliance of any law, employment and for any function of Parliament or any state legislature.