Digital Personal Data Protection Bill 2023 passed in Rajya Sabha: Key points


The Rajya Sabha on Wednesday (August 9) passed the Digital Personal Data Protection Bill 2023 (DPDP Bill) with a voice vote. The bill was passed after the opposition members staged a walkout over the Manipur issue. The Lok Sabha had passed the bill on Monday.

The bill has provisions to curb the misuse of individuals’ data by online platforms. The union IT Minister Ashwini Vaishnaw said the bill lays down obligations on private and government entities around collection and processing of citizen’s data.
“It would have been good had the opposition discussed the bill today (in the House). But no opposition leader or member is concerned over the rights of the citizens,” Vaishnaw said.

The bill comes six years after the Supreme Court declared “Right to Privacy” as a fundamental right. The Bill retains the contents of the original version of the legislation proposed last November, including exemptions for the Centre.
“Feel deeply privileged at being given [the] opportunity by PM Narendra Modi to help achieve this important step to protect our citizens rights and support innovation economy and governance,” Rajeev Chandrasekhar, minister of state for electronics and IT, posted on X.
Why the bill is important
The bill seeks to protect the privacy of Indian citizens while proposing a penalty of up to Rs 250 crore on entities for misusing or failing to protect the digital data of individuals.
Companies dealing with user data will have to protect personal data even if it is stored with a third-party data processor. In case of a data breach, companies must inform the Data Protection Board (DPB) and users.
Children’s data and data of physically disabled persons with guardians must be processed after consent from guardians. Furthermore, companies must now appoint a Data Protection Officer and provide details to users.
The bill also allows for the formation of a Data Protection Board (DPB), which will take care of providing remedial measures for any complaints of data breaches. It also gives power to the Board to recommend any removal of content, or blocking of any digital intermediary in the “public interest”.

Source link

By jaghit