IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Changes to India’s data bill will lead to 'higher business failure rates'

A leading trade association says proposed alterations will make the legislation more generic and create barriers to growth

A parliamentary report recommending changes to India’s personal data bill has been described as being out of sync with the country’s ambitions for the future of its technology sector.

India’s Internet and Mobile Association of India (IAMAI) raised concerns about a Joint Parliamentary Committee (JPC) report on the Personal Data Bill 2019. The report reviewed the country’s first data protection law and was tabled in parliament last December.

The IAMAI said yesterday the recommendations have fundamentally altered the structure of the bill, morphing it from a personal data protection bill into a more generic data protection bill, according to the Economic Times. The organisation added it believes the bill will negatively impact parts of the tech industry, including large tech companies, tech services companies, and startups.

The report recommends introducing strict data localisation requirements, which the IAMAI said will lead to higher business failure rates, create barriers to growth for startups, increase costs of compliance for companies, and slow down the socioeconomic benefits gained from the digital economy. It added the changes will have a drastic negative impact on Indian consumers being able to access a truly global internet.

The JPC also suggested tasking the Data Protection Authority (DPA) with consulting the government on all cross-border sensitive personal data transfers. This not only contradicts established global practices and undermines the role of the DPA, the IAMAI argued, but also subjects data flows to a cumbersome and inefficient process.

It added the suggested retrospectively applicable requirement to bring back data taken abroad poses a number of operational and technical challenges. This is especially true since relevant businesses would be subject to policies which weren’t enforced at the time of data collection.

“This calls for wider stakeholder consultations and impact assessment reports before these recommendations are hardcoded into law,” said the IAMAI in its statement.

The association added that while the JPC expands the scope of the bill to include non-personal data, it fails to account for the different value propositions offered by the two.

The report also recommends the DPA should create a framework to monitor, test, and certify hardware and software for computing devices. The IAMAI urged the government to refrain from developing new standards as there is a time-tested regime which devices sold in the country are subjected to. It underlined this new requirement would hamper India’s ability to attract global businesses and investment, and that the current rules and regulations are sufficient to address hardware and software certification requirements.

The IAMAI also urged the government to review a suggested transparency requirement. This is very broad and may encroach upon data fiduciaries’ intellectual property rights, it said, adding it may be harmful if they're mandated to publicly disclose their algorithms and other proprietary information without adequate safeguards.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

India to roll out 6G by end of decade
Network & Internet

India to roll out 6G by end of decade

18 May 2022
Ransomware group Conti threatens to overthrow Costa Rican government
ransomware

Ransomware group Conti threatens to overthrow Costa Rican government

17 May 2022
Data centres that switch from HDDs to SSDs use 70% less power
data centres

Data centres that switch from HDDs to SSDs use 70% less power

16 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Europe's first autonomous petrol station opens in Lisbon
automation

Europe's first autonomous petrol station opens in Lisbon

23 May 2022
Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers
ransomware

Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers

26 May 2022