Senior Congress leader Dr Abhishek Singhvi has criticised the proposed Data Protection Bill 2019 and said that it looks like a "data access act". He further accused the government of providing draconian and blanket powers in the bill to snoop and surveillance on personal data of the citizens on "vague general extremely broad grounds of derogation".
Proposed #Dataprotectionact looking like data access act. Detailed comm report after so much delay departed from by govt in draft bill by providing draconian and blanket powers to snoop and do surveillance on personal data on vague general extremely broad grounds of derogation— Abhishek Singhvi (@DrAMSinghvi) December 11, 2019
The much-talked-about legislation to protect personal data will allow processing of private data without the explicit consent of the owner of the information for credit scores, debt recovery, security, operation of search engines and whistleblowing. The draft Personal Data Protection Bill, 2019, which is likely to be introduced in the Lok Sabha in the next couple of days, bars storing and processing of personal data by entities without the explicit consent of an individual. It, however, provides for exemptions for "reasonable purposes" such as "prevention and detection of any unlawful activity including fraud, whistleblowing, merger and acquisitions, network and information security, credit scoring, recovery of debt, processing of publicly available personal data, and the operation of search engines."
One of the provisions of the draft bill states that the Centre can - in the interest of sovereignty, the security of the state, and public order - "direct that all or any of the provisions of this Act shall not apply to any agency of the Government in respect of processing of such personal data..." The exemptions may face backlash from privacy activists and citizens after the Whatsapp snooping controversy that allegedly took place through an Israel security firm that sells spyware to government agencies globally. The bill provides for a penalty of up to ₹15 crore or 4% of global turnover for companies found violating norms under the Personal Data Protection Bill, while in case of certain minor violations, it proposes a penalty of ₹5 crores or 2% of the global turnover.
(With PTI inputs)