New Delhi: CUTS International, policy advisory NGO says certain key terms in in the Data Protection Bill are not properly defined and it may lead to ambiguity among consumers and service providers
It has said certain key terms such as "personal data", "sensitive personal data", "critical personal data" and "harm" are not adequately defined in the Data Protection Bill which can lead to ambiguity among consumers and service providers (data fiduciaries) alike.
The Bill covers mechanisms for the protection of personal data and proposes a data protection authority (DPA) of India. It has also sought public consultations over the Bill.
JPC panel will issue an advertisement inviting the general public and the stakeholders to send in their suggestions and given four weeks to respond.
According to the NGO, the bill goes beyond its objective of 'personal data protection' and runs the risks of regulatory overlaps. It empowers the government to gain access to non-personal data and anonymised personal data.
CUTS recommends setting up a neutral selection committee comprising members from the judiciary, civil society organisations and subject experts. The Bill should reinstate powers given to the government to the DPA, and updating to go on with cost effective analysis while exercising the same.
