NEW DELHI: India’s personal data protection bill offers stronger provisions to users seeking deletion of their information from commercial and social platforms compared with European privacy laws according to officials and legal experts. The new Bill provides for Right to Erasure, in addition to the provision of Right to be forgotten in the draft bill submitted by a panel led by retired Supreme Court judge Justice BN Srikrishna.
The Bill allows individuals to approach the adjudicating officer under the independent regulator (the Data Protection Authority) to restrict or delete personal content that meets certain predefined criteria. The EU, meanwhile, puts the onus on the user to reach out to data controllers of companies such as Google and Facebook to delete such content.
A top government official told ET that the rules in India will apply to any organisation that has user data including “search engines”.
Legal experts are of the view that there are several implementation challenges with the provisions and the real test will come in defining what user data was required to perform the task in hand and how to ascertain that it’s purpose was now over. “It is likely to be one of the most crucial features of the Bill, the right to be forgotten may see some of the longest debates or court room battles as companies would want to design their consent requirement broadly versus data principals or individuals wanting it to narrow,” said Dipti Lavya Swain, partner at HSA Advocates.
Allowing users to seek deletion of their data was among the points that saw intense debates when the Right to be Forgotten was first coined in 2014 after a legal battle involving search giant Google. EU’s General Data Protection Regulation (GDPR) subsequently adopted the provisions when it was being framed in 2016. For instance, deletion of a search engine result throwing up past crimes that an individual has subsequently been absolved of led to arguments by people demanding that such information should not be deleted and should remain as a public record.
“The new Bill is stronger in terms of protecting the user privacy from private entities. In this regard, the Bill is an improvement over the 2018 draft,” said Udbhav Tiwari, policy advisor, Mozilla Corporation. Tiwari added the new Bill has added the provision around Right to Erasure, which says that users can ask data fiduciaries to delete the data which is no longer necessary for the purpose it was collected for. “The earlier provisions were not clear and didn’t create such active obligations on the service provider around erasure.”
A member of the Justice BN Srikrishna Committee which drafted the PDP Bill said that it remains to be seen how Right to be Forgotten and Erasure will be implemented.
“We got the feedback from companies that Right to be Forgotten is the most difficult provision to implement in the GDPR.” Even if the data fiduciary deletes the data, what happens to newspaper reports about the same incident, these are questions which will need to be carefully considered, the person told ET.
Source: ET
Image Courtesy: MP
You may also like
-
Trade Connect E-platform For Exports Is Single Window, Fast, Accessible And Transformational: Shri Piyush Goyal
-
Dot Simplifies Approval Processes For Telecom Licenses And Wireless Equipment
-
Coal Production and Supply Trends on Positive Trajectory
-
Union Minister To Release Booklets On Promotion Of Indigenous Species & Conservation Of States Fishes
-
2nd India-Japan Finance Dialogue held in Tokyo on 6th September, 2024