By Atanu Biswas
After nearly four years of turmoil and having gone through multiple iterations including a review by a Joint Committee of Parliament (JPC), the government has now withdrawn the Personal Data Protection Bill, 2019. It is considering however, to present a new draft law which is part of the “global legal framework”. The previous bill certainly faced major pushback from a range of stakeholders, including some big tech companies and activists. Some big tech, in particular, questioned the provision of data localization in the bill.
Read also: Towards the century of India
In 2018, a panel headed by retired Supreme Court Justice Justice BN Srikrishna drafted a draft bill. The 2019 bill, however, deviated from the 2018 bill in some aspects. Then, 81 amendments were proposed and 12 recommendations were made. These included expanding the scope of the proposed law to cover discussions of non-personal data.
Data, the anatomically fully functional android from Star Trek, was self-aware, intelligent, sensitive, and fought for his own humanity. The ‘data’ in today’s world is already ‘big’ and constantly expanding – the once-in-a-century pandemic could have dramatically increased our digital dependency, producing more and more data . It is widely believed that the fourth industrial revolution would be driven by data. Therefore, the world has been busy regulating the use, storage and ownership of data. The context of data protection law is quite intriguing.
In 2009, the European Commissioner for Consumer Affairs, Meglena Kuneva, defined personal data as “the new oil of the Internet and the new currency of the digital world”. Then, as data continued to take over every element of our lifestyles, the World Economic Forum (WEF) launched a project called Rethinking Personal Data in 2010, with the aim of deepening the collective understanding of how a principled, collaborative and balanced personal management data ecosystem can evolve. Subsequently, a 2011 WEF report titled Personal Data: The Emergence of a New Asset Class saw personal data as a post-industrial opportunity. “Using a pervasive communications infrastructure, the personal data opportunity will emerge in a world where nearly everyone and everything is connected in real time. This will require a highly reliable, secure, and available infrastructure at the grassroots and robust innovation at the periphery,” the report says in an increasingly complex and complex data domain.
Read also: Valuing freedom: India’s long strides
Attempts to protect data and control its ownership are on the rise all over the world. The European Union developed its General Data Protection Regulation (GDPR) in 2018, the main objective of which is to strengthen the control and rights of individuals over their personal data and to simplify the regulatory environment for international trade. . The UK, in fact, kept the law despite its ending with the EU. GDPR has become a model for countries like Turkey, Japan, Brazil, South Korea, South Africa, and even California in the United States. China’s Personal Information Protection Law came into force in November 2021.
The 2011 WEF report claimed that a massively increased amount of personal data “generates a new wave of opportunities for the creation of economic and societal value”. In fact, in 2020, the Central Committee and the State Council of the Communist Party of China (CPC) added data on land, labor, capital and technology as a new factor of production in its “field-based allocation system and mechanism”. Interestingly, in the 2020 American docudrama The Social Dilemma, a former Google employee states: “We could tax the collection and processing of data in the same way as you, for example, pay your water bill by monitoring the amount of water you use”. Proposals to implement a data tax have recently emerged in different corners of the globe. A Data Exchange is now operational in Shanghai, where data is sold like goods are sold in hypermarkets.
“Yet we can’t just hit the ‘pause button’ and let these issues sort themselves out. Building the legal, cultural, technological and economic infrastructure to enable the development of a balanced personal data ecosystem is vitally important to improving the state of the world,” the WEF 2011 report said. So we definitely need a concrete law as soon as possible. But, what would India’s new data protection bill look like? The principles of confidentiality with respect to the Supreme Court guidelines based on the landmark judgment of 2017 on confidentiality i.e. Justice KS Puttaswamy v Union of India must be upheld, c ‘is on. And some key changes and recommendations from the previous bill would also likely be addressed. However, with the ever-changing data model, scope, domain, demand and scope, the quantum, dynamics and discoveries of hidden opportunities and dangers of personal data are bound to change in the near future. The changing pattern would also change dynamically. Any personal data protection law should incorporate the flexibility to continually make the changes required without too much hassle. However, it is never easy. I hope our law will do this in the best possible way.
Star Trek character Data tends to be more human-like. An emotion chip is added to it. A personal data protection bill certainly needs this kind of human chip, as part of its legal framework, of course. Let’s expect the Bill in his new avatar, in the near future.
The author is Professor of Statistics Indian Statistical Institute, Kolkata