In Part 10 of the #DataProtectionTop10 series, we discuss the need for protection of whistleblowers, digital security researchers, and vulnerability testers. We recommend that the Bill make suitable amendments to provide clear provisions detailing such protections.
In Part 9 of the #DataProtectionTop10, we analyse some miscellaneous provisions in the PDPB and recommend that the Bill acknowledge a natural person as the owner of her data, provide sound provisions for facilitating the transition to the new regime, and give the RTI Act precedence over the Bill.
We analyse the provisions in the Personal Data Protection Bill, 2019 which relate to the Data Protection Authority of India (DPA) and its independence, transparency, and constitution. We recommend that it not be bound by the Central Government’s orders.
In Part 7 of the #DataProtectionTop 10 series, we discuss the provisions in the Bill which enable the State to engage in large scale surveillance. Blanket exemptions without a sound oversight and review mechanism raise concerns. Thus, we recommend that a chapter on surveillance reforms be inserted.
In part 6 of the #DataProtectionTop10 series, we look at the restrictions imposed by the PDPB on the transfer of personal data outside India. We recommend that the Bill explicitly define critical personal data and not impose undue restrictions that affect the open nature of the internet.