In case you are serious about understanding why it was pulled out and really care about the details for such an action, I highly recommend you check the Joint Committee on the Personal Data Protection report [1] the Press Release section where they released the 534 pages report on it.
Gist of it is - the committee recommended major changes across the board in all sections of the act so the IT Ministry would rework the bill and present it for discussion again in the parliament.
I know India looks like a lawless place because of the chaotic news coverage in the NYtimes but it is a democracy and most if not all government action have rational policy choices that presented in the Indian parliament. The loksabha proceedings (especially the question hour) is the best way to understand what goes on in India.
Edit: For those without a lot of time should check the point by point explanation and rebuttal for the recommendations here [2]
While that is true on rhetoric - on practice it is not. While 60% of bills went through parliamentary scrutiny prior to 2014 - the number today is just above 10%. Also Modi has the distinction of passing maximum bills without debate and bypassing the state senate altogether.
> the committee recommended major changes across the board in all sections of the act
This bill was under discussion for 3 years. Every year the JCP keeps proposing new and different changes. After all this if you have 81/99 amendments, you have to question if it is nitpicking and stalling, especially when you have things like the Finance Bill and Farm Bill that get passed in record time.
This seems like a political decision more than anything. There is also the fact that the industry does not like this bill at all, there are some powerful corporations who entered the digital consumer space recently and would be seriously inconvenienced by this move.
India had universal suffrage in 1950 and has deep parliamentary traditions. India was a democracy before the US, France, UK, Spain and numerous other Western cradles of democracy.
US got universal suffrage in 1965 (Voting Rights act).
France was killing a million Algerians whom it ruled and were demanding self-determination in 1954-1962 and finally became colony free in 1977.
UK was running concentration camps in Kenya in the 1960s and free of its last colony in the 1980 approaching something like Universal Suffrage.
Spain was a dictatorship till 1979.
"It is a democracy" doesn't mean that it isn't also a frequently irrational cesspit. That doesn't necessarily mean it's any worse than at least two other superpowers, but it does mean it's not good. It's not due to the NYTimes coverage that the country seems the way it does, it's the exported culture (i.e. it is the face of IT-related international crime) and the types of incidents that can be found there (closing off an entire province full of normal people just because some of them do things you don't like is strictly barbaric, for example).
On the spectrum of privacy india is on the furthest end of it. No one cares about privacy and actively give their data over to everyone. For example every vendor asks for your phone number and people don’t question it at all.
As great as the privacy law sounds I have a suspicion that it will just be used by police and the government to abuse authority and silence critics like they do with people tweeting anything the government doesn’t like. Hope I am wrong
Wasn't this always the case? There were once huge "phone-books" containing all phone numbers in an area mapped to people's names. This is not much different from giving out emails
The article seems to suggest a relatively good bill shot down by a weak or corrupt government that serves the interests of big companies with bad practices who don't want to be sued, actual data predators, etc.
But without details, "Personal Data Protection" can be newspeak for government-sanctioned abuse, like laws against "Child Pornography" that are actually intended to establish interception platforms. Are there good summaries of these Indian laws?
I question your claim of a weak or corrupt government based on the article below. It sounds like there was pushback from Startups who complained about compliance intensity, concerns about definitions of data storage when it came to adversarial countries, and a host of other concerns:
History:
In 2017, the Indian Supreme Court recognised the right to privacy as a fundamental right within the ambit of the Constitution. The top court had directed the Centre to come up with a data protection framework for the country. The data protection law for India has been in the works since 2018, when a panel led by Justice Srikrishna, a retired judge of the Supreme Court, drew up a draft version of a Bill. The draft was reviewed by the JCP, which submitted its recommendations along with a draft Bill in November 2021.
Why has the Bill been withdrawn?
In a note circulated to Members of Parliament, Union IT Minister Ashwini Vaishnaw explained the reason behind the withdrawal of the Bill: “The Personal Data Protection Bill, 2019 was deliberated in great detail by the Joint Committee of Parliament. 81 amendments were proposed and 12 recommendations were made towards a comprehensive legal framework on the digital ecosystem. Considering the report of the JCP, a comprehensive legal framework is being worked upon. Hence, in the circumstances, it is proposed to withdraw ‘The Personal Data Protection Bill, 2019’ and present a new Bill that fits into the comprehensive legal framework.
The Bill was also seen as being too “compliance intensive” by startups of the country, The Indian Express had reported earlier. According to government sources, the revamped Bill will be much easier to comply with, especially for startups.
So what could the revamped Bill look like?
Specific provisions or contours of the upcoming new Bill are not known. But a senior official said that on the question of data localisation, the government is considering whether to add it to the planned new version of the Information Technology Act, and whether to allow cross-border data flows only to “trusted geographies”
When is the revamped Bill expected to be ready?
Minister of State for Electronics and IT Rajeev Chandrasekhar said the government will table the new legislation in Parliament “very quickly”. “The government has today withdrawn the Personal Data Protection Bill that was formulated in 2018 and re-written by the JCP in 2021,” Chandrasekhar said on Wednesday (August 3). “After considerable deliberation and examination of the JCP’s report, it was found that there is a need for a comprehensive redrawing of laws and rules taking into account some of the JCP’s comments and the emerging challenges and opportunities that arise from there. A comprehensive approach to the laws will be undertaken by the government and we will come back to Parliament very quickly after following the process of consultation,” he said.
According to sources in the IT Ministry, the government is aiming to bring the legislation in Parliament’s Winter Session. A senior official said that the new Bill would incorporate the broader ideas of data protection as recommended by the JCP, and would be in line with the Supreme Court’s landmark privacy judgment of 2017. Given the significant number of amendments suggested by the JCP, it was necessary to comprehensively redraw the contours of the proposed law, the official said.
FYI, they withdrew it because of major issues that need to be rectified. it will be reintroduced later after the changes have been made. this is how a parliamentary democracy works, how much ever the american media tries to present India as a lawless mess. sure there's things to improve, but name one democracy where there isn't.
If you want to read policy research on Indian goverment PRS research is a good resource. They usually analyse new bills and amendments in Indian parliament.
You can guess how sovereign a country is by how they protect their own people, and how much effort they put into it (or rather their lack of motivation)
To me this looks like their government have different interests to protect, than protecting their own people
Not a great outlook for the future of India, in a world where tech will be even more predominant and cyberwarfare will pose serious threat to democracy
They are at the mercy of the american tech giants, maybe they lobby over there? I wouldn't be surprised since both Google and Microsoft are present over there
>New Delhi [India], August 4 (ANI): Union Electronics and Information Technology Minister Ashwini Vaishnaw on Thursday explained the reason behind withdrawing the Personal Data Protection Bill, 2019, asserting that the aim is to bring new compressive legislation at par with technology landscape which is changing rapidly.
He further said that the Joint Committee of Parliament recommended 81 amendments in a Bill that was of 99 sections which practically, suggested for overhauling the Bill.
The government on Wednesday withdrew the Personal Data Protection Bill, 2019 and has decided to come up with new legislation in view of a large number of amendments suggested by the Joint Committee of Parliament towards a comprehensive legal framework on the digital ecosystem.
Speaking to ANI, the Union Minister said, the Joint Parliamentary Committee recommended major changes in the Bill, which was like rewriting the entire Bill.
“The Joint Parliamentary Committee did very extensive work. They consulted a very large number of stakeholders. After it, the Joint Committee of Parliament gave a very comprehensive report which recommended 81 amendments in a Bill that was of 99 sections, it was practically rewriting the entire bill. Apart from the amendments, they were some 12 major suggestions were there from the committee,” said Vaishnaw.
He said that it was important to withdraw the old Bill to come up with a contemporary and modern legal framework to tackle the challenges of coping with the rapidly changing technology.
Let's see what happens. Personally, most people really don't cares about their data privacy, it only really became a talking point when TikTok started gaining dominance in India cause China is a geopolitical and millitary threat. I don't have any real hopes of them enacting something close to the GDPR ever.
Majority of the arguments posted here are only for "Modi-ashing"; I'd be tempted to assume they have no idea about the inner workings of the parliamentary processes or how laws are made or governed.
The "discussion" has veered off from the initial Joint Parliamentary Committe reports on the incompatibility of the far reaching law on personal data protection. The bill is just withdrawn to be replaced by a different one. There's nothing special there. That's the purpose of the JPC, and I am glad the Government avoided the adversarial clash with the JPC to account for the suggestions therein.
I do not understand why legislator of a non-US country is not instantly copying GDPR. It has solid spread already and the rules are adequately balancing customers, law and company interests (yes, that does not look like but hey, advertisement is still possible). International collaboration is much easier like that.
GDPR has this very fancy article saying: This all applies, except a law says otherwise. As a government, this is then up to you how many laws you create for your own surveillance and other state apparatus. Citizens get a nice benefit. Big companies anyway need to adhere to GDPR one way or the other due to the international market. Local companies which want to collect citizens data should get their users consent. That is not so hard. Even data privacy paranoid Germany has a private credit rating system which works for 50+ years.
There is no other reason except corruption/lobbyism which would require a legislator to vote against a GDPR like approach. There is no risk to your economy by introducing good data privacy.
Because there will be people for whom any changes would massively affect their ability to do their work/business who would not simply accept something as comprehensive as GDPR.
As the OP article says, even if not perfect, why not start here and make amendments later to tighten things up i.e. something is better than nothing. The real problem is that legislation is glacially slow and expensive to put into law which is good (to stop kneejerk laws) but also bad since it doesn't allow you to pass the 90% that is probably agreed and worry about the sticky bits later.
India doesn't have enough purchasing power to convince big tech companies (Google, Facebook, etc.) to store the data of Indian residents in India. Also, there are not many local tech monoliths with consumer apps to fall back on (like China had).
Since India depends heavily on apps & services by big tech, I doubt such requirements like GDPR has would be enforced. Although the right to ask a website to delete all information about one and so on are quite good and could work.
I'm always on board for criticism of any ruling government, Modi included. But in this case, it seems like OP is wrong. They're coming up with a replacement bill. It won't be GDPR, but it'll be something.
[+] [-] kobiguru|3 years ago|reply
Gist of it is - the committee recommended major changes across the board in all sections of the act so the IT Ministry would rework the bill and present it for discussion again in the parliament.
I know India looks like a lawless place because of the chaotic news coverage in the NYtimes but it is a democracy and most if not all government action have rational policy choices that presented in the Indian parliament. The loksabha proceedings (especially the question hour) is the best way to understand what goes on in India.
Edit: For those without a lot of time should check the point by point explanation and rebuttal for the recommendations here [2]
1. http://loksabhaph.nic.in/Committee/CommitteeInformation.aspx...
2. https://vidhilegalpolicy.in/wp-content/uploads/2022/01/JPC-P...
[+] [-] anuraj|3 years ago|reply
[+] [-] potamic|3 years ago|reply
This bill was under discussion for 3 years. Every year the JCP keeps proposing new and different changes. After all this if you have 81/99 amendments, you have to question if it is nitpicking and stalling, especially when you have things like the Finance Bill and Farm Bill that get passed in record time.
This seems like a political decision more than anything. There is also the fact that the industry does not like this bill at all, there are some powerful corporations who entered the digital consumer space recently and would be seriously inconvenienced by this move.
[+] [-] zepearl|3 years ago|reply
The Committee observes that it is impossible to distinguish personal and non-personal data. Therefore...
That sounds to me like a crazy statement for a new law that was in the process of being created since years?
[+] [-] haltingproblem|3 years ago|reply
US got universal suffrage in 1965 (Voting Rights act). France was killing a million Algerians whom it ruled and were demanding self-determination in 1954-1962 and finally became colony free in 1977. UK was running concentration camps in Kenya in the 1960s and free of its last colony in the 1980 approaching something like Universal Suffrage. Spain was a dictatorship till 1979.
[+] [-] eatonphil|3 years ago|reply
To be fair I can't think of any specific sites like that I follow for US law/policy news, just a variety of people on Twitter.
[+] [-] LightG|3 years ago|reply
[+] [-] venkat223|3 years ago|reply
[+] [-] donedealomg|3 years ago|reply
[deleted]
[+] [-] krageon|3 years ago|reply
[+] [-] yalogin|3 years ago|reply
As great as the privacy law sounds I have a suspicion that it will just be used by police and the government to abuse authority and silence critics like they do with people tweeting anything the government doesn’t like. Hope I am wrong
[+] [-] cuteboy19|3 years ago|reply
[+] [-] iamgopal|3 years ago|reply
[+] [-] HelloNurse|3 years ago|reply
But without details, "Personal Data Protection" can be newspeak for government-sanctioned abuse, like laws against "Child Pornography" that are actually intended to establish interception platforms. Are there good summaries of these Indian laws?
[+] [-] portpecos|3 years ago|reply
History:
In 2017, the Indian Supreme Court recognised the right to privacy as a fundamental right within the ambit of the Constitution. The top court had directed the Centre to come up with a data protection framework for the country. The data protection law for India has been in the works since 2018, when a panel led by Justice Srikrishna, a retired judge of the Supreme Court, drew up a draft version of a Bill. The draft was reviewed by the JCP, which submitted its recommendations along with a draft Bill in November 2021.
Why has the Bill been withdrawn?
In a note circulated to Members of Parliament, Union IT Minister Ashwini Vaishnaw explained the reason behind the withdrawal of the Bill: “The Personal Data Protection Bill, 2019 was deliberated in great detail by the Joint Committee of Parliament. 81 amendments were proposed and 12 recommendations were made towards a comprehensive legal framework on the digital ecosystem. Considering the report of the JCP, a comprehensive legal framework is being worked upon. Hence, in the circumstances, it is proposed to withdraw ‘The Personal Data Protection Bill, 2019’ and present a new Bill that fits into the comprehensive legal framework.
The Bill was also seen as being too “compliance intensive” by startups of the country, The Indian Express had reported earlier. According to government sources, the revamped Bill will be much easier to comply with, especially for startups.
So what could the revamped Bill look like?
Specific provisions or contours of the upcoming new Bill are not known. But a senior official said that on the question of data localisation, the government is considering whether to add it to the planned new version of the Information Technology Act, and whether to allow cross-border data flows only to “trusted geographies”
When is the revamped Bill expected to be ready?
Minister of State for Electronics and IT Rajeev Chandrasekhar said the government will table the new legislation in Parliament “very quickly”. “The government has today withdrawn the Personal Data Protection Bill that was formulated in 2018 and re-written by the JCP in 2021,” Chandrasekhar said on Wednesday (August 3). “After considerable deliberation and examination of the JCP’s report, it was found that there is a need for a comprehensive redrawing of laws and rules taking into account some of the JCP’s comments and the emerging challenges and opportunities that arise from there. A comprehensive approach to the laws will be undertaken by the government and we will come back to Parliament very quickly after following the process of consultation,” he said.
According to sources in the IT Ministry, the government is aiming to bring the legislation in Parliament’s Winter Session. A senior official said that the new Bill would incorporate the broader ideas of data protection as recommended by the JCP, and would be in line with the Supreme Court’s landmark privacy judgment of 2017. Given the significant number of amendments suggested by the JCP, it was necessary to comprehensively redraw the contours of the proposed law, the official said.
https://indianexpress.com/article/explained/explained-sci-te...
As a side note: I don't know why AccessNow.org's blog post was upvoted. It's extremely light on details.
[+] [-] shreyshnaccount|3 years ago|reply
[+] [-] pvsukale3|3 years ago|reply
If you want to read policy research on Indian goverment PRS research is a good resource. They usually analyse new bills and amendments in Indian parliament.
https://prsindia.org/
[+] [-] alephnerd|3 years ago|reply
[+] [-] girishso|3 years ago|reply
[+] [-] Kukumber|3 years ago|reply
To me this looks like their government have different interests to protect, than protecting their own people
Not a great outlook for the future of India, in a world where tech will be even more predominant and cyberwarfare will pose serious threat to democracy
They are at the mercy of the american tech giants, maybe they lobby over there? I wouldn't be surprised since both Google and Microsoft are present over there
[+] [-] mynameismon|3 years ago|reply
Where did you derive this from? They are not scrapping the bill in its entirety, rather, they are bringing out a replacement bill.
[+] [-] anshumankmr|3 years ago|reply
He further said that the Joint Committee of Parliament recommended 81 amendments in a Bill that was of 99 sections which practically, suggested for overhauling the Bill.
The government on Wednesday withdrew the Personal Data Protection Bill, 2019 and has decided to come up with new legislation in view of a large number of amendments suggested by the Joint Committee of Parliament towards a comprehensive legal framework on the digital ecosystem.
Speaking to ANI, the Union Minister said, the Joint Parliamentary Committee recommended major changes in the Bill, which was like rewriting the entire Bill.
“The Joint Parliamentary Committee did very extensive work. They consulted a very large number of stakeholders. After it, the Joint Committee of Parliament gave a very comprehensive report which recommended 81 amendments in a Bill that was of 99 sections, it was practically rewriting the entire bill. Apart from the amendments, they were some 12 major suggestions were there from the committee,” said Vaishnaw.
He said that it was important to withdraw the old Bill to come up with a contemporary and modern legal framework to tackle the challenges of coping with the rapidly changing technology.
https://theprint.in/india/personal-data-protection-bill-with...
Let's see what happens. Personally, most people really don't cares about their data privacy, it only really became a talking point when TikTok started gaining dominance in India cause China is a geopolitical and millitary threat. I don't have any real hopes of them enacting something close to the GDPR ever.
[+] [-] stereoradonc|3 years ago|reply
The "discussion" has veered off from the initial Joint Parliamentary Committe reports on the incompatibility of the far reaching law on personal data protection. The bill is just withdrawn to be replaced by a different one. There's nothing special there. That's the purpose of the JPC, and I am glad the Government avoided the adversarial clash with the JPC to account for the suggestions therein.
[+] [-] oaiey|3 years ago|reply
GDPR has this very fancy article saying: This all applies, except a law says otherwise. As a government, this is then up to you how many laws you create for your own surveillance and other state apparatus. Citizens get a nice benefit. Big companies anyway need to adhere to GDPR one way or the other due to the international market. Local companies which want to collect citizens data should get their users consent. That is not so hard. Even data privacy paranoid Germany has a private credit rating system which works for 50+ years.
There is no other reason except corruption/lobbyism which would require a legislator to vote against a GDPR like approach. There is no risk to your economy by introducing good data privacy.
Just a rant. India might have its reasons.
[+] [-] lbriner|3 years ago|reply
As the OP article says, even if not perfect, why not start here and make amendments later to tighten things up i.e. something is better than nothing. The real problem is that legislation is glacially slow and expensive to put into law which is good (to stop kneejerk laws) but also bad since it doesn't allow you to pass the 90% that is probably agreed and worry about the sticky bits later.
[+] [-] randomperson_24|3 years ago|reply
Since India depends heavily on apps & services by big tech, I doubt such requirements like GDPR has would be enforced. Although the right to ask a website to delete all information about one and so on are quite good and could work.
[+] [-] 1sembiyan|3 years ago|reply
[+] [-] known|3 years ago|reply
[deleted]
[+] [-] marioexpert|3 years ago|reply
[deleted]
[+] [-] pmg1991|3 years ago|reply
[+] [-] the_common_man|3 years ago|reply
[+] [-] nindalf|3 years ago|reply
[+] [-] dev080913|3 years ago|reply
[deleted]
[+] [-] klors|3 years ago|reply
This is nothing against China/India etc., I'm sure their populations do not like the direction either.
[+] [-] eklavya|3 years ago|reply
[+] [-] ksquarekumar|3 years ago|reply
[deleted]