The Internet and Mobile Association of India (IAMAI) on Thursday issued a statement calling out the recent Joint Parliamentary Committee’s (JPC) report on the Personal Data Protection Bill 2019. The industry body said the recommendations of the committee are out of sync with the ground reality, with India keen to take a leadership position in the world of technology.
IAMAI has been in talks with the government, and has raised a few critical issues.
To impact tech industry segments
The JPC report was submitted to Parliament on December 16, 2021. The association is of the view that the recommendations are likely to negatively impact a cross-section of tech industry segments such as large tech companies, tech services companies. as well as digital start-ups, who form the backbone of India’s tech leadership aspirations.
On setting stringent data localisation rules, IAMAI said, “Placing restrictions on cross-border flows may lead to higher business failure rates, create barriers on the growth of start-ups, increase the cost of compliance for companies and slow down socioeconomic benefits reaped from the digital economy. It will also inevitably have a negative impact on the ability of Indian consumers to access a truly global internet.”
Additionally, the suggested retrospectively applicable requirement to bring back data taken abroad poses significant operational and technical challenges, especially since relevant businesses would be subject to policies which were not enforced at the time of data collection.
Changes recommended by the JPC also expands the scope of the bill to include non-personal data along with personal data. However, the recommendation fails to illustrate what different value propositions these two offer. IAMAI calls this premature as the expert committee report on non-personal data is yet to be finalised.
Social media concerns
IAMAI is concerned about the proposed imposition of age restrictions of 18 years on certain services. “Such a bar will exclude an important demographic from the digital ecosystem and will contradict most data regimes, which create enabling provisions for youth aged between 13 and 18 years. The government should bring in a graded and proportionate risk-based approach for children’s age of consent, depending on the kind and nature of services provided,” it said.
Counting social media as publishers instead of intermediaries restricts free speech, according to IAMAI.
“Social media intermediaries continue to have safe harbour provisions and are not regulated as publishers, based on their ‘ability’ to control content, given that this ability stems from a legal obligation. Such a provision may have drastic impacts on the use of social platforms, free speech and creativity.”
Transparency requirements
IAMAI said, “The Government should also review the ‘transparency’ requirement suggested by the JPC. It is very broad and may encroach upon the data fiduciaries’ intellectual property rights. It may be harmful to data fiduciaries if they are mandated to publicly disclose their algorithms and other proprietary information, without adequate safeguards.”
“The association is of the view that the JPC recommendations have collectively fundamentally altered the structure of the bill from a personal data protection bill to a generic data protection bill. This, in itself, calls for wider stakeholder consultations and impact assessment reports before these recommendations are hardcoded into law.”
Published on
February 24, 2022
