The Indian government is withdrawing its long-awaited Personal Data Protection Bill that drew scrutiny from several privacy advocates and tech giants who feared the legislation could restrict how they managed sensitive information while giving government broad powers to access it.
The move comes as a surprise as lawmakers had indicated recently that the bill, unveiled in 2019, could see the “light of the day” soon. New Delhi said Wednesday that the government received dozen of amendments and recommendations from a Joint Committee of Parliament that “identified many issues that were relevant but beyond the scope of a modern digital privacy law,” said India’s Junior IT Minister Rajeev Chandrasekhar.
The government will now work on a “comprehensive legal framework” and present a new bill, he said.
“The Personal Data Protection Bill, 2019 was deliberated in great detail by the Joint Committee of Parliament 81 amendments were proposed and 12 recommendations were made towards comprehensive legal framework on digital ecosystem. Considering the report of the JCP, a comprehensive legal framework is being worked upon. Hence, in the circumstances, it is proposed to withdraw. The Personal Data Protection Bill, 2019′ and present a new bill that fits into the comprehensive legal framework,” India’s IT Minister Ashwini Vaishnaw said in a written statement Wednesday.
The Personal Data Protection Bill sought to empower Indian citizens with rights relating to their data. India has seen an explosion of personal data in the past decade as hundreds of citizens came online for the first time and started consuming a number of apps. But there has been uncertainty on how much power the individuals, private companies and government agencies have over it.
The bill drew criticism from many industry stakeholders. New Delhi-based privacy advocacy group Internet Freedom Foundation said the bill “provides large exemptions to government departments, prioritises the interests of big corporations, and does not adequately respect your fundamental right to privacy.”
Meta, Google and Amazon were some of the companies that had expressed concerns about some of the recommendations by the join parliamentary committee on the proposed bill.
The bill also mandated that companies may only store certain categories of “sensitive” and “critical” data including financial, health and biometric information in India.