India’s Personal Data Protection Bill set to be passed soon?

India’s Personal Data Protection Bill set to be passed soon?

Article by Tsaaro

7 min read

Table of Contents

India’s Personal Data Protection Bill set to be passed soon?

The Joint Committee of Parliament examining the Personal Data Protection Bill, 2019 after nearly two years of deliberations and five extensions and setting up of a panel has adopted its final report on the bill. The report is all set to be presented in the Winter session of the parliament that is expected to start by this month’s end along with the PDP Bill 2019, for discussion.

The Personal Data Protection Bill (PDPB), sets out to align India’s data protection regime with the EU’s GDPR. The bill establishes protections on the cross-border flow of data and includes the creation of a Data Protection Authority (DPA).

The PDPB presents the need for organizations, companies in India to build and maintain flexible data frameworks. With a flexible framework that gives you full visibility into your data, your organization can ensure compliance and accountability.

What is PDPB?

The proposal for the bill came after the Supreme Court declared in 2017 privacy as a fundamental right and directed the government to come up with a data protection regime.

In July 2017, an expert committee on data protection was set up by the Ministry of Electronics and IT (MeitY). Former Supreme Court judge Justice BN Srikrishna headed the panel that proposed a personal data protection bill and submitted its report in July 2018. The bill was introduced in the Lok Sabha as the Personal Data Protection Bill 2019, on December 11, 2019. The draft of the Data Protection Bill was referred to the parliamentary panel in December 2019. It has called for storing sensitive personal data in India, obligations of data fiduciaries to deploy safeguards, and grievance redressal mechanism.

Soon after, it was referred to a joint parliamentary committee which was to submit a report by the end of the budget session in 2020. Since then five extensions have been granted to the committee and finally, after almost two years of deliberation and opposition, the report will now be presented in the upcoming Winter session of the parliament.

Aim and Objective of PDPB:

The bill aims to protect the privacy of individuals by regulating how their data can be used and processed. It aimed to create a framework around how governments, private companies, and individuals, can process the data.

It mandates storing sensitive personal data in India. The bill also gives consumers the right to withdraw consent at any point in time. It calls for a Data Protection Authority to be established to protect individual rights, and also ensure compliance. Any failure to comply with the law will attract a penalty of 4 percent of annual turnover for the companies. It also has a provision to exempt the government in matters of national security.

Key Recommendations:

  1. To treat all social media platforms which do not act as intermediaries as publishers, and them to be held accountable for the content they host.
  2. Develop an alternative indigenous financial system for cross-border payments.
  3. Set up a dedicated lab for certification for all digital devices.
  4. In case of cross-border transfer of data, a mirror copy of sensitive and critical personal data be mandatorily brought to India.
  5. Allow no social media platform to operate in India unless the parent company handling the technology sets up an office in India.
  6. Protect the autonomy of individuals concerning their personal data, specify the follow and usage of their personal data.
  7. Establish a relationship of trust between persons and entities processing their personal data
  8. To create a framework for implementing organizational and technical measures in processing personal data and a Data Protection Authority for overseeing the processing of data.
  9. Expected to set data localization norms for companies that retain user data.


The Data Protection Bill was first brought to Parliament in 2019 and was referred to the Joint Parliamentary Committee for examination at the time. The draft Bill proposed in 2019 had been opposed by social media firms, experts, and even ministers, who said that it had too many le beneficial for both users and companies. With the latest developments as discussed above, all the Privacy professionals, Lawmakers, Tech-enthusiasts, and Corporations are looking forward to the bill being passed and revolutionizing the data privacy architecture in India. The finalization of the report clears the way for the PDPB to be considered and perhaps passed during Parliament’s Winter Session, which begins Nov. 29.

Leave a Reply

Your email address will not be published. Required fields are marked *


White Paper Personal Data Protection Law In this White Paper, we will enumerate and elucidate the various provisions of PDPL, …


In a world where data is the new oil, a threat to data is directly proportional to a threat to …


A moreprivate, open web accessible to everyone. IntroductionIn August 2019, Google announced a new initiative (known as Privacy Sandbox) to …


Introduction South Korea’s data protection watchdog recently imposed a hefty penalty on a startup for leaking a massive amount of …


DOMINOS INDIA DATA BREACH. Introduction Pizza delivery service Dominos India is the latest victim of a massive data breach that …

Recent Comments


    Would you like to read regular updates from Tsaaro.
    Subscribe to our newsletter

    Our Latest Blogs

    Read what the latest hapennings in the cyber world are and learn what the
    experts have to say about them