Subhasish Writes: With the exponential proliferation of digital data, its protection and the resultant privacy issues have posed technical, administrative and legal challenges. The Data Security Council of India (DSCI) is the industry body set up for data protection by NASSCOM. It has been actively pursuing this endeavour to make cyberspace safe and has published several documents in this regard.
On 16 October 2012, a Group of Experts headed by Justice A. P. Shah, Former Chief Justice, Delhi High Court submitted a report to the Planning Commission on the subject of data privacy. Its recommendations for the Indian Privacy Act included its objectives, scope, ambit, definitions, international obligations, constitutional basis, exceptions, harmonisation with existing laws, National Privacy Principles and Self Regulating Organisation (SRO) Privacy Standards.
Recognising the importance of data protection and keeping personal data of citizens secure, Ministry of Electronics and Information Technology (MeitY), on 31 July 2017, constituted a Committee of Experts under the Chairmanship of Justice BN Srikrishna, Former Judge, Supreme Court of India and comprising of members from Government, Academia and Industry to study and identify key data protection issues and recommend methods for addressing them. The Committee was also tasked to suggest a draft Data Protection Bill.
Meanwhile, on 09 August 2017, Telecom Regulatory Authority of India (TRAI) released a ‘Consultation Paper on Privacy, Secrecy and Ownership of Data in the Telecom Sector’ and invited comments by 22 September 2017.
On 05 November 2017, 22 eminent citizens wrote a letter to Justice BN Srikrishna requesting him, among other things, to increase the membership of the Committee and to make its proceedings transparent.
The ‘White Paper of the Committee of Experts on a Data Protection Framework for India’ was released on 26 November 2017 with a note to the public to forward all comments and suggestions by 31 January 2018. The document runs into 233 pages and poses 231 questions. The white paper is divided into five parts which have individual chapters. Within each part, the white paper sets out numerous chapters dealing with separate issues. Each of these chapters broadly follows a similar structure. The issue is set out. There is an account of comparative practice from other nations (primarily the EU, Europe, Canada, Australia, and South Africa). The Committee’s tentative view is set out. There are a series of specific questions for the public to respond to. On the basis of the responses received, the Committee will conduct public consultations with citizens and stakeholders to hear all voices that wish and need to be heard on this subject.
References with regard to Data Protection and Privacy include the following:-
- General Data Protection Regulation (GDPR) of the European Union.
- ‘International Principles on the Application of Human Rights to Communications Surveillance’ at https://necessaryandproportionate.org.
- Organisation for Economic Cooperation and Development (OECD) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data that includes the ‘OECD Privacy Principles’ at http://oecdprivacy.org/.
- Website https://internetfreedom.in/ of the Internet Freedom Foundation.