The Centre withdrew the Personal Data Protection Bill amid widespread contentions about it violating fundamental rights on Wednesday, 3 August.
The bill, which sought to regulate how an individual's data can be used by companies and the government, was withdrawn in the Lok Sabha during the ongoing Monsoon Session, after a joint parliamentary committee suggested 81 changes to it.
IT Minister Ashwini Vaishnaw told The Economic Times that a new Data Bill draft was almost ready and would be put out for public consultation soon.
"The entire work on the drafting of the new bill is almost complete. It is at a very advanced stage. We will go through the entire approval process soon and present the new bill in the coming session or the forthcoming session," he said.
The bill had been sent for review to the panel in 2019, following widespread opposition which claimed that it gave the government sweeping access to an individual's personal data for "national security."
What Was the Bill About?
Here are the points of note:
The new bill allows for conditional cross-border transfer of 'sensitive personal data', while 'critical personal data' (yet to be defined) cannot leave the country except in very limited circumstances.
It also allows for broad exemptions for the government from the provisions of the bill.
The Joint Parliamentary Committee (JPC) recommended that the central government formulate a comprehensive data localisation policy and ensure that a mirror copy of the sensitive and critical personal data stored abroad is brought back to India.
It also asked the government to play a consultative role with the proposed Data Protection Authority (DPA) in approving the cross-border transfer of sensitive personal data through a contract or an intra-group scheme.
The JPC recommended stringent measures for limiting data collection from people below 18. Companies might be barred from profiling, tracking, behaviourally monitoring children and their data.
According to the committee, social media platforms should be accountable for the content they host from unverified accounts.
It has also recommended that non-personal data be within the scope of the new bill. However, there are a lot of unanswered questions here, since such a move is unprecedented.