New draft for privacy data bill to allow info transfer with certain countries
The IT ministry published the draft on Friday for public consultation and will hear public views on the proposal until December 17
India’s new comprehensive data privacy law proposal details the ways in which companies will be handling the data of customers, including the permission for cross-border data transfer with certain countries, according to reports.
The IT ministry published the draft on Friday for public consultation and will hear public views on the proposal until December 17. This move comes at a time when there is much scrutiny around privacy and data in India, with big tech firms constantly battling with the government regarding these issues. The draft could offer a sigh of relief for certain big tech companies, the reports say.
The previous bill was withdrawn three months ago due to public and company concerns.
“The purpose of this Act is to provide for the processing of digital personal data in a manner that recognizes both the right of individuals to protect their personal data and the need to process personal data for lawful purposes and for matters connected therewith or incidental thereto,” the draft mentions.
According to the reports, the proposal seeks to give the central government powers to exempt state governments from the law in the interest of national security. It also proposes companies use data for their original purposes only and seeks accountability from firms on personal data for the users for the precise purpose they collected it.
No storage of data will be allowed to the companies by default, the draft mentions and proposes a penalty of up to $30.6 million in the event a firm fails to provide “reasonable security safeguards to prevent personal data breach.”
There’s another $24.5 million fine if the company fails to notify local authorities and users of failure to disclose the personal data breach, the reports mentioned.
