India’s contentious Digital Personal Data Protection Bill 2023 got the go-ahead signal from the lower house of Parliament and is now pending approval in the upper house. The bill, a product of over five years of negotiations between the government, technology entities, and representatives of civil society, lays out the rules for how businesses and the government can gather and utilize data about Indian individuals.
Given India’s fast-rising internet user base, the passing of the bill is considered significant. Moreover, the world’s most populous nation is positioning itself to address the growing issues around the data gathering and usage practices of AI technologies, which have come under increasing attention globally.
Some of the key takeaways:
The bill covers the processing of digital personal data that is gathered in India, whether it be online or offline, and is then converted to digital form. Data fiduciaries will be required to keep data accurate and secure and delete it once its purpose has been served.
In particular, big tech companies must now acquire government approval before gathering consumer data and are explicitly prohibited from utilizing this data for reasons beyond the limits of the agreed-upon contracts, including selling personal information for AI training.
Additionally, the central government may exempt government agencies from the application of the provisions of the Bill on the grounds of national security, public order, prevention of offenses, etc. Establishment of the Data Protection Board of India to adjudicate on non-compliance with the provisions of the Bill.
India’s Crypto Proponents Say The Bill Is Incomplete
It is to be noted that the legislation has undergone numerous revisions over the years. The earlier version of the bill received harsh criticism, particularly from crypto lobby groups, who claimed it was unable to concentrate on the difficulties that blockchain technology faced.
Regarding the most recent one, Kashif Raza, the founder of Bitniing, a crypto education firm, stated that the public blockchain was not taken into account when the law was being drafted. He emphasized the stringent rules under the Data Controllers and Processors clause.
There are strict guidelines for data controllers and processors. In a public blockchain, there is no single data collector, and the data collected is forever.
Previously, India’s central bank, the Reserve Bank of India [RBI], urged banks to concentrate on Blockchain and AI to be future-ready at a recently organized conference.
The deputy governor of the RBI, Mahesh Kumar Jain, then spoke about risk management techniques for stable and sustainable growth. He acknowledged the disruptive paradigm shift in financial services brought on by the continuing Fintech revolution in the industry.