On a day when the long-awaited report on the Data Protection Bill 2019 was tabled in Parliament, the Chairperson of the Joint Parliamentary Committee and BJP MP P.P. Chaudhary stresses that divulging the reasons for exemptions to government agencies would imperil the security of the state.
The report has been in the works for the last two-years. You got less than six months as the Chairperson. What were the challenges?
The primary challenge was that with the ever-changing technology, we cannot visualise what other compliance problems could crop up in the future. Our endeavour was to write a comprehensive and futuristic report. Also, it is a very technical subject. Since I took over, there were 16 meetings, that included a study tour too. The committee introduced 170 new amendments since I got the job in July this year.
There were seven dissent notes from the members, many of them aimed at the controversial clause 35 that gives exemption to the government agencies. Why did the committee retain it despite so many questions?
The clause 35 is very clear; it exempts the government agencies from the purview of the law only for the reasons of “public order”, "sovereignty", "friendly relations with foreign states" and "security of the state". And the reasons to seek exemption have to be noted in writing. Now, some of the members wanted this record of reasons to be tabled for Parliament's approval. It simply can’t be done! By divulging the reasons would imperil the security of the state. It would have been at cross purpose of why such an exemption is being given. If there is a conflict between interest of the nation and interest of an individual, the former always takes precedence.
But by giving this exemption to the government, aren’t you promoting a surveillance state?
If the law is followed to the letter, there will be no problem. Moreover, I believe that the dissent notes were politically motivated. They are misconceived and unfounded.
Another key criticism was that the law seeks to make two ecosystems — one for the government with all the exemption and another one for the private sector where the law would be enforced with full rigour. Your comments.
You are talking about Section 12. If you were to read the clause closely, it says that for providing a service or extending a benefit by a government agency, the consent of the data principal need not be taken. If we were to remove this clause, the entire country would come to a halt. Our entire push towards digitisation would also come to a stop. If the government is depositing subsidies directly in a farmer’s account, should they first seek consent to process the data? Or if the Income Tax Department is to raid an offender, should they seek their consent? The committee has been vigilant about maintaining a fine balance between practicality and privacy issues.
The committee has laid down a 24-month period to implement the law. Many fear that with all its complexities, there will be insurmountable challenges in implementing this.
Yes, it is true it is a complex and complicated law. If not implemented properly it could lead to litigation. The committee has prescribed a timeline of 24 months, this is not binding on the government. This recommendation has only persuasive value. The government, if it feels, could extend or reduce the period.
Published - December 16, 2021 09:57 pm IST
