Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

India Passes Data Protection Legislation in Parliament. Critics Fear Privacy Violation

Indian lawmakers approved a data protection legislation that “seeks to better regulate big tech firms and penalize companies for data breaches” as several groups expressed concern over citizens’ privacy rights.

Indian lawmakers Wednesday approved a data protection legislation that “seeks to better regulate big tech firms and penalize companies for data breaches” as several groups expressed concern over citizens’ privacy rights.

The legislation will limit cross-border transfer of data and provide a framework for setting up a data protection authority to ensure compliance from tech companies, Information Technology and Telecom Minister Ashwini Vaishnaw said.

Several opposition lawmakers and digital experts say the legislation would allow the government and its agencies to access user data from companies and personal data of individuals without their consent as well as collect private data in a country where digital freedoms have been shrinking since Prime Minister Narendra Modi took office in 2014.

Digital experts also fear that the legislation will weaken the landmark Right To Information law — passed in 2005 — that allows citizens to seek data from public officers, such as salaries of state employees.

“It jeopardizes privacy, grants excessive exemptions to the government, and fails to establish an independent regulator,” digital rights group Access Now said in a statement, adding it will enhance the government’s control over personal data and increase censorship.

The upper house of Parliament passed the Digital Personal Data Protection bill which would later be signed by the country’s ceremonial president, a formality, before becoming law. It was passed by the lower house of the Parliament on Monday.

The legislation is the government’s third attempt to pass such legislation and comes nearly six years after India’s top court ruled that privacy is a fundamental right of every citizen — a landmark judgment that was widely hailed as a win for individual freedom.

Earlier drafts of the legislation had raised similar concerns.

Advertisement. Scroll to continue reading.

Proponents of the legislation have long been saying a data protection law is necessary for a country like India where financial fraud and data leaks are rampant, adding that it could act as a crucial step to protect people’s information from commercial and political exploits.

In 2021, India introduced sweeping regulatory laws that have put social media companies and digital platforms under direct government oversight. Modi’s government said it was needed to quell misinformation and hate speech and to give users more power to flag objectionable content. Critics of the law, however, said the law would lead to online censorship in India, particularly on social media platforms like X, previously known as Twitter.

Related: India Claims It Foiled Chinese Cyberattack on Disputed Border

Related: Indian Cyberspies Expose Their Operation After Infecting Themselves With RAT

Related: India-Linked Threat Actor Involved in Spying, Planting Evidence

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Janet Rathod has been named VP and CISO at Johns Hopkins University.

Barbara Larson has joined SentinelOne as Chief Financial Officer.

Amy Howland has been named Partner and CISO at Guidehouse.

More People On The Move

Expert Insights