According to the bill, processing or transferring personal data in violation of the norms, is punishable with a fine of Rs 15 crore or 4 per cent of the annual turnover of the fiduciary, whichever is higher
New Delhi:
Several members of a parliamentary panel examining the data protection bill have vehemently opposed a proposal to reduce the penalty amount to several crores from a fixed percentage of the global income of big tech firms found violating the privacy norms, sources said on Saturday.
The Joint Committee of Parliament on Personal Data Protection Bill, chaired by BJP MP PP Chaudhary, met here on Friday to adopt a draft report on the bill but could not do so as some more amendments have been suggested to the proposed legislation, they said.
The sources said the committee will meet again on November 22 to adopt a draft report on the bill, as several members including BJD MPs Bhartruhari Mahtab, Amar Pattnaik along with Congress MPs Manish Tewari and Jairam Ramesh opposed the proposal to reduce the penalty amount.
According to the bill, processing or transferring personal data in violation of the norms, is punishable with a fine of Rs 15 crore or 4 per cent of the annual turnover of the fiduciary, whichever is higher.
Similarly, failure to conduct a data audit, is punishable with a fine of Rs 5 crore or 2 per cent of the annual turnover of the fiduciary, whichever is higher. In the meeting, a proposal was made that the fine amount is limited to several crores on those tech firms which are found violating the privacy norms under this bill. The proposal suggested that the annual turnover option be not considered. In the next meeting to be held this month, the final draft will be shared, they said.
When contacted, BJD MP Amar Pattnaik did not say anything about the penalty clause but emphasised the need for a state-level regulator on the lines of central data authority proposed in the bill.
It would be very difficult for the Central Data Protection Authority to address all complaints including those from the district level, without proposing District Data Protection Authority, this bill violates the federal structure, he told PTI.
Pattnaik said as MPs, members of the committee want the bill which will ensure full privacy and safety to the citizens. He also added that the bill has many similarities with the European Union’s data privacy law — General Data Protection Regulation (GDPR). Central Data Protection Authority would be overwhelmed with the entire operation of the act if starts receiving complaints and settling disputes from remote areas and villages of the country. The joint committee has held wide discussions on the bill with various stakeholders, including social media giants like Twitter and Facebook, e-commerce players and telecoms.
The draft of the bill, approved by the Cabinet in December 2019, proposes to put restrictions on the use of personal data without the explicit consent of citizens. It was introduced in the Lok Sabha in February last year. Later, it was referred to the Joint Committee of Parliament then headed by BJP MP Meenakshi Lekhi. It was drafted following a Supreme Court judgement in August 2017 that declared ‘Right to Privacy a fundamental right. The need for a strong personal data protection regime was further highlighted by the apex court in its judgement in September 2018 in which it held Aadhaar as a constitutionally valid scheme but struck down some provisions in the Aadhaar Act.