Blog Posts Business Management

Update: NASSCOM-DSCI Feedback on the Personal Data Protection Bill, 2019

Blog: NASSCOM Official Blog

As a part of the consultation process undertaken by the Joint Parliamentary Committee (JPC) chaired by Member of Parliament, Smt. Meenakshi Lekhi, NASSCOM, together with the Data Security Council of India (DSCI) submitted their comments on the Personal Data Protection Bill, 2019 (PDP Bill) on 26 February 2020. The NASSCOM-DSCI submission was prepared based on extensive industry consultation carried out between December 2019 and January 2020.

More recently, NASSCOM was invited by the JPC to submit a presentation on its views on the PDP Bill. Accordingly, NASSCOM and DSCI submitted a presentation deck before the JPC on 8 July 2020, highlighting the key points from its February 2020 Submission.

In particular, the presentation highlighted the eight foreseeable challenges in the context of the PDP Bill:

As with the February 2020 submissions, NASSCOM-DSCI highlighted that certain types of personal data, such as Official Identifiers and Financial Data, should not be treated as Sensitive Personal Data under the PDP Bill – given especially the wide definitions afforded to these terms under the PDP Bill. Instead, it was advocated that a risk-based approach should be adopted to the classification of Sensitive Personal Data.

Likewise, emphasis was also placed on the need to extend the “reasonable purposes” ground available for the processing of Personal Data, to the processing of Sensitive Personal Data as well – particularly, in the context of processing of Sensitive Personal Data for employment purposes (such as processing of biometric data for maintenance of attendance).

Other issues, such as greater clarity over adequacy mechanisms, and the precise scope and conditions of the exemption to processing of foreign nationals’ data; in addition to making such an exemption explicit in the Bill itself.

A point was also made as to the inclusion of Non-Personal Data within the Scope of the PDP Bill, especially considering that the Ministry of Electronics and Information Technology (MeitY) has already established a Committee on Non-Personal Data, to consider in detail the framework for sharing of non-personal data, together with adequate safeguards for such sharing.

Lastly, the presentation emphasized upon the need for the DPA to be independent, and for it to adopt a co-regulatory approach through hard-coded obligations to consult industry and other regulators. Likewise, the DPA should imbibe regulatory governance, and adopt open and effective consultation processes.

NASSCOM and DSCI have not deposed before the JPC as on date. The contents of our submissions to the JPC are being withheld from publication, till the conclusion of the JPC’s process.



The post Update: NASSCOM-DSCI Feedback on the Personal Data Protection Bill, 2019 appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Leave a Comment

Get the BPI Web Feed

Using the HTML code below, you can display this Business Process Incubator page content with the current filter and sorting inside your web site for FREE.

Copy/Paste this code in your website html code:

<iframe src="" frameborder="0" scrolling="auto" width="100%" height="700">

Customizing your BPI Web Feed

You can click on the Get the BPI Web Feed link on any of our page to create the best possible feed for your site. Here are a few tips to customize your BPI Web Feed.

Customizing the Content Filter
On any page, you can add filter criteria using the MORE FILTERS interface:

Customizing the Content Filter

Customizing the Content Sorting
Clicking on the sorting options will also change the way your BPI Web Feed will be ordered on your site:

Get the BPI Web Feed

Some integration examples