A dozen industry organizations around the world have sent a joint letter to the government saying that India’s Data Protection Bill will not be implemented as recommended in a Parliamentary panel.
Before the bill is introduced into Parliament, industry associations sought to have more consultations with stakeholders.
The U.S. and Japan, Europe, Southeast Asia, and India-based industry bodies include ITI, JEITA and TechUK. These bodies represent thousands of companies and technology majors such as Google, Amazon, Cisco and Dell.
The March 1st letter was addressed to Ashwini Vaishnaw (Union Communications and IT Minister) and stated that the Parliamentary Panel’s report included novel recommendations for the personal information protection bill. This bill, if passed, would be a powerful disincentive for India’s innovation ecosystem as well as the promise of a billion-dollar digital economy.
These bodies expressed concern about the inclusion of non-personal information, restrictions on cross border data transfers, data localisation obligations and mandatory hardware and AI software certificates.
According to industry bodies, requiring companies to store data locally in India will compromise privacy and cybersecurity by limiting the availability of state-of-the art solutions globally.
The letter stated that “When these and other recommendations from this report are viewed as a whole their result, if they are enacted would lead to a significant deterioration in India’s economic environment, degrading India’s ease of doing business in India and with India, and negatively impacting India’s domestic start-up ecosystem, and global competitiveness.”
According to industry bodies, the proposal to establish a domestic SWIFT bank system is also unorthodox. This recommendation goes beyond the scope of this report’s objectives and would have a significant negative impact on India’s financial sector and digital payment ecosystem.
Kumar Deep, ITI India’s country manager, stated that India needs to have extensive consultation in order to create a privacy legislation that is future-ready. India can be a leader in this regulatory space by creating a dynamic data privacy legislation that serves all stakeholders. Opposition parties also raised concerns about the recommendations of the panel regarding the proposed data protection authority and clauses they feel violate the rights states.
On Thursday, Rajev Chandrasekhar, Minister of State for Electronics and IT, stated that the government was reviewing the concerns expressed by stakeholders to the ministry.
“So we are extremely careful that whatever legislation we do in the digital ecosystem will be enabling legislation…legislation that improves the momentum of growth of the digital economy rather than create any problems going down the road,” he had said.