What the new data law must focus on


The mode of economic and social interactions worldwide has considerably shifted from offline to online. In India, this trend is noticeable on several parameters. More than 6.28 billion digital banking transactions were made in June. There are more than 1.17 billion telecom subscribers and more than 760 million active internet users. The user base of social media and messaging apps is expected to cross 1 billion by 2025. There are more than 75,000 start-ups in India and 105 unicorns. These start-ups have created more than 7.5 lakh jobs in the past seven years.

The digital economy, comprising information technology (about six million jobs), electronics manufacturing (about three million jobs), and telecom (about a million jobs) more than 10 million people in India today. In addition, three times as much indirect employment is generated by the digital economy.

India’s IT industry plays a key role in the economy. The financial year 2021-2022 marked a tipping point for the IT industry in India as the sector clocked revenue of $227 billion (more than 18 lakh crore) and crossed an important landmark of employing 5.5 million people. The world trusts the competence and responsible conduct of the Indian IT industry when it comes to handling data.

The digital economy enabled the country to address the challenges of Covid-19. Remote working, online education, the vaccination drive, and delivery of benefits were made possible by digital technologies. Thus, the emergence and sustained growth of digital interactions have brought about a massive transformation in society and the economy.

Laws concerned with the digital landscape should be consistent with the transformational changes in technology and its usage. Such laws should be focused on approach and scope. Laws must be adaptable to keep pace with changing times and technological advancements.

Protecting personal data has been a subject of discussions for a considerable time. Through this discussion process, certain core principles of personal data protection have emerged. The government is committed to upholding these principles.

Our country needs a comprehensive set of laws to holistically address the digital landscape. The regulation on personal data protection should form a consistent and seamless part of such a comprehensive set of laws. Further, the law on personal data should facilitate and nurture the innovative spirit behind the digital economy. Such a law should enable our start-up ecosystem to go from strength to strength.

From the stage of conceptualisation, the role of people who understand technology should be acknowledged. The voice of such professionals should be given due weight. This will enable a healthy evolution of a law that caters to the requirements of today’s interconnected world.

The ease of implementation of the law needs to be given due thought. In line with the changing times, the implementation structure should be born digital, ie, designed to be implemented digitally. To ensure ease of implementation, the structure and organs of the process should be compact.

An implementation structure that contains numerous tiers should be avoided in the interest of easy execution. A grievance redressal mechanism should be accessible for an individual to meaningfully exercise his/her rights. The mechanism should not be unnecessarily complex, resulting in delays and expenditure. Further, the grievance redressal mechanism should be digital by design in line with the changing nature of interactions. Comprehensibility of the law is a basic expectation of citizens. A law should be drafted in a plain and simple language that everyone can understand. This is all the most important in the law on personal data protection, which concerns every citizen of the country.

Comprehensibility of the law enables all concerned parties to understand their obligations and rights under the law. It is generally accepted that a law needs to consider the societal experience and economic imperatives. Therefore, the Indian experience with the adoption of IT must be reflected in the law on personal data. Further, the law should facilitate and nurture the innovative spirit behind the digital economy.

Penalties for non-compliance with the law should be commensurate with the harm suffered by individuals and the gravity of non-compliance. Further, the focus should shift from criminalization of non-compliance. All concerned parties should be allowed reasonable opportunity to make necessary efforts to rectify errors and comply.

The new law needs to be aligned with the vision of inclusive growth. The Digital India program is a crucial tool for realizing this vision. The objective of the Digital India is to ensure that programs for public welfare are accessible even to those at the bottom rung of the ladder. This is being achieved through direct benefit transfer, utilizing the Jan Dhan-Aadhaar-Mobile trinity. The new law on personal data needs to be consistent with the framework of Digital India. This would enable the government to extend services and benefits to citizens. Our laws should benchmark a focused approach, ease of implementation, and comprehensibility. The law on personal data should incorporate global best practices. Such law should also be rooted in the realities of our vibrant digital economy that is enabling development for all.

Ashwini Vaishnaw is Union minister for electronics and IT, communication, and railways

The views expressed are personal

.

Leave a Comment

Your email address will not be published.