Gvt controls under data protection bill to hit data centre investment

NEW DELHI: Significant controls and exemptions to the government under the proposed Digital Personal Data Protection bill 2022 are likely to make it harder for companies to invest in data centres and data processing activities in India, according to global technology industry body ITI.

The Ministry of Electronics and IT has floated draft Digital Personal Data Protection (DPDP) Bill 2022 and has invited comments on the same till January 2.

“The Bill grants significant controls to the executive arm of GOI (Government of India) and delegates much of the detailed rulemaking authority to separate, as yet undefined processes. GOI is also afforded a broad exemption from the Bill’s application, which could make it harder for companies to invest in data centers and data processing activities in India,” ITI said in its submission.

ITI represents global technology majors such Google, Microsoft, Meta, Twitter.

The draft DPDP has exempted government-notified data fiduciaries from several compliance burdens such as provisions dealing with informing an individual about the purpose for data collection, collection of children’s data, risk assessment around public order, appointment of data auditor, etc. The bill proposes to exempt government notified data fiduciaries from sharing details of data processing with the data owners under the “Right to Information about personal data”.

The minister of state for electronics and IT Rajeev Chandrasekhar has said the exemptions for the government will be only in special circumstances like maintaining public order, emergency, pandemic, national security etc.

The industry body, however, has supported the bill on various points such as permission to store data outside India, delineation of roles and responsibilities of entities that determine the purposes and means of the processing of personal data (Data Fiduciary), and entities that process personal data solely under direction and contract (Data Processor) etc.

“The Digital Personal Data Protection Bill represents the cornerstone of India’s broader digital ecosystem. ITI considers this an important moment for India to demonstrate global leadership in developing robust and consistent data protection standards that enable innovation and facilitate cross-border trade, ITI India country director Kumar Deep said on Monday.