×

Our award-winning reporting has moved

Context provides news and analysis on three of the world’s most critical issues:

climate change, the impact of technology on society, and inclusive economies.

India nixes privacy bill that alarmed big tech companies, works on new law

by Reuters
Thursday, 4 August 2022 09:33 GMT

The Indian parliament building is pictured on the opening day of the parliament session in New Delhi, India, June 17, 2019. REUTERS/Adnan Abidi

Image Caption and Rights Information

The bill, first proposed in 2019 as part of Modi's crack down on tech giants, has alarmed companies such as Facebook and Google over the possible granting of powers to government to seek user data from companies

NEW DELHI, Aug 3 (Reuters) - India's government on Wednesday withdrew a data protection and privacy bill which was first proposed in 2019 and had alarmed big technology companies such as Facebook and Google, announcing it was working on a new comprehensive law.

The 2019 law had proposed stringent regulations on cross-border data flows and proposed giving the Indian government powers to seek user data from companies, seen as part of Prime Minister Narendra Modi's stricter regulation of tech giants.

A government notice said the decision came as a parliamentary panel's review of the 2019 bill suggested many amendments, leading to the need for a new "comprehensive legal framework". The government will now "present a new bill", the notice added.

IT minister Ashwini Vaishnaw told Reuters the government has started drafting the new bill, "which is in good advanced stages", with a public release "very close".

The government aims to get the new bill approved and made into law by early 2023 in the parliament's budget session which typically runs January-February, he said.

The 2019 privacy bill was designed to protect Indian citizens and establish a so-called data protection authority, but it had raised concerns among Big Tech giants that it could increase their compliance burden and data storage requirements.

"It is good that there will be a redraft from scratch," said Prasanto Roy, a New Delhi-based consultant who closely tracks India's technology policy.

"However, India still has no privacy law in sight. That's leaving data regulation open to a wide variety of sectoral regulations, something a common privacy law could have harmonised."

Asked about consultation with stakeholders on the new bill, Vaishnaw said the process "won’t be that long" because the parliamentary panel that reviewed the old bill had already gathered industry feedback.

CONCERN OVER DATA MISUSE

India says such regulations are needed to safeguard the data and privacy of citizens. Lawmakers have said that concerns about misuse of sensitive personal data have risen exponentially in India.

Companies including Facebook (META.O), Twitter (TWTR.N) and Google (GOOGL.O) have for years been concerned with many other separate regulations India has proposed for the technology sector, often straining relations between New Delhi and Washington.

After India's privacy law plan of 2019, it also floated new proposals to regulate "non-personal data", a term for data viewed as a critical resource by companies that analyse it to build their businesses. The parliamentary panel had said such non-personal data should be included in the purview of the privacy bill.

The bill also exempted government agencies from the law "in the interest of sovereignty" of India", a provision privacy advocates at the time said would allow agencies to abuse access.

"There were multiple, large concerns earlier. One has to wait and watch whether the new bill is any better," said Apar Gupta, the executive director at advocacy Internet Freedom Foundation.

(Reporting by Aditya Kalra and Aftab Ahmed in New Delhi; Editing by Bernadette Baum)

Our Standards: The Thomson Reuters Trust Principles.

-->