The Committee set up to decide on data protection in India has come up with new amendments to be made. The Justice B.N. Srikrishna Committee on data protection in our country has given some suggestions to make amendments to various laws which includes Aadhaar Act to provide for the imposition of penalties on data fiduciaries. Along with that, it has suggested compensations to data principals in case of violations of the data protection law.
The report, comprising of 213 page report and prepared by a 10 member committee set up last year under the chairmanship of the retired Supreme Court judge was submitted to Law and Electronics Minister Ravishankar Prasad who made it clear that the government will go through the draft bill and take stakeholder comments before getting Cabinet approval for finalizing the legislation.
Justice Srikrishna said data privacy is a burning issue and there are three parts to the triangle. “The citizen’s rights have to be protected, the responsibilities of the states have to be defined but the data protection can’t beat the cost of trade and industry.”
The report comes at a time when there have been several controversies relating to alleged leakage of biometric details of Aadhaar card holders and the ongoing Supreme Court hearing in the case related to data protection.
Under the report, there are penalties for violations, criminal proceedings, setting up a data authority, provision of withdrawal of consent and concept of consent fatigue.
Under its recommendations, the committee was informed that the data protection law will set up Data Protection Authority (DPA), which is an independent regulatory body completely responsible for the enforcement and implementation of the law. Broadly seen, the law will perform the functions of monitoring and enforcement, legal affairs, policy and standard setting, research and awareness and inquiry, grievance handling and adjudication.
The draft bill has given some suggestions that penalties to be imposed on data fiduciaries and compensations may be awarded for violating any of the data protection law.
“The penalties imposed would be an amount up to the fixed upper limit or a percentage of the total worldwide turnover of the proceeding financial year, whichever is higher. Offenses created under the law should be limited to any intentional or reckless behavior, or to damage caused with the knowledge to the data principals in question.”
Under the law’s jurisdiction, processing of personal data if it is used, shared, disclosed, collected or otherwise processed in India.
You May Also Read: Following Maratha Footsteps, Dhangar Leader Warns Of Protests If ST Status Not Given