The Scope of the Draft Digital Data Protection Bill Should be Extended to Offline Mode Too!

  • The digitalization boom witnessed around the world is most welcome as the data in the form of information, education, entertainment, and welfare schemes/measures could be reached out to deserving individuals in real-time. Indeed, government authorities are increasingly using digital mediums to pass on several benefits to the citizens without relying on the erstwhile conventional methodologies. The penetration of digital usage is most heartwarming even in a developing country like India which is encouraging more citizens to get into the fold.  However, as is the case with any other medium, digital medium too faces challenges in the form of data protection.

PC: Tele Graph India

  • In the absence of enough safeguards, this issue assumes paramount importance. Mind you, there is an abundance of anti-social elements out there to exploit the gullibility of the citizens to siphon-off hard-earned money. With the explosion of digital usage, the vulnerability associated with the medium had to be plugged by introducing foolproof data protection laws to safeguard the interests of citizens.  We know the earlier digital data protection bill introduced in Parliament was withdrawn.  Now, a draft digital data protection bill is introduced.  However, why not extend the same to offline/physical data as well as cases of data theft keeps making headlines?
  • Karnataka is in the news for one such incident in recent times. As you are aware, with an assembly election just a few months away, Karnataka’s political landscape has been rocked by controversy over the illegal harvesting of sensitive personal data. An NGO, Chilume Educational, Cultural and Rural Development Trust, is in the midst of the controversy.  The NGO was given permission by the Bengaluru civic authority for a voter awareness drive.  Representatives of the NGO later posed as civic officials, with government identity documents, and collected sensitive personal data.  The civic body has terminated the contract and some representatives of the NGO have been arrested.

PC: I-Scoop

  • While the incident fed into charged pre-election political wrangling, it also highlights a larger question on personal data protection. The trigger to legislate protection for personal data arises from Indian jurisprudence that identified the right to privacy as an inalienable right. Safeguards are needed because personal data is a valuable commodity, which attracts many shady players.  The bill in the offing restricts itself to just data scooped up through digital means alone not extending to offline collection.  As the incident in Bengaluru shows unfair modes of harvesting personal data need not be confined to digital platforms.
  • Since the underlying principles of establishing legal safeguards to check unfair harvesting of personal data are the same regardless of the medium, there’s a case to extend the scope of the draft digital personal data protection bill. Core principles such as proper consent, purpose limitation, and legal basis to collect data apply both to online and offline modes.  The draft bill in its present form lacks it.  Wide exemptions without adequate safeguards will create a powerful incentive to abuse power.  Improper issue of government identities in Bengaluru is one such example.  Thus, the final bill should plug these gaps.