After the Cyberabad police busted theft of sensitive and confidential data of 16.8 crore citizens, the Digital Data Protection Bill, which is pending in Parliament, has come to the fore again.
While police bat for the Bill saying that it will bring in accountability on those holding data and also secure the information of individuals, cyber and legal experts raise concerns on the bill and its limitations in protecting citizens.
Cyberabad police commissioner M. Stephen Ravindra said that data was the new currency and the new oil and people were products and not customers anymore. Different entities collecting data are not making sure that it is secure.
“As a result, data is now a weapon in the hands of crooks and miscreants and your data can be weaponized against you. At this juncture, every person should have a right over his data,” he said.
In view of this, the data protection Bill becomes more important, as it protects each citizen’s data and makes those holding the data more accountable and also penalise them if they resort to privacy violations.
However, the Free Software Movement in India (FSMI) differs.
“Data breach is not a new thing. It has been happening for quite some time but government bodies like CERT-In and law enforcement agencies have not done anything much on the issue, despite its threat to individuals,” said Y. Kiran Chandra, general secretary, of FSMI.
The Bill completely fails to protect the data of the user while providing the government access to personal data without any checks and balances. The situation where government data agencies are not being regulated creates a scope for mass surveillance and legitimizes any data collection by the government,” Chandra added. Though the Bill talks about ‘privacy by design’ and ‘transparency’, it fails to implement them in a binding manner. The objective should be to protect the privacy of the people and make sure that they have ultimate control over their data,” he said.
Senior advocate Ch. Sudheer Kumar said that the data protection authority needs constitutional entrenchment and that the interest of each individual should be protected.
“While MNCs should be monitored regarding the transfer of data, the bill should also lay down a framework that applies horizontally across all sectors. The bill should also provide cyber security to the individuals,” Kumar opined.
