Regulation of non-personal data: MeitY sets up new committee

News:Ministry of Electronics and Information Technology(Meity) has formed a new Committee of Experts to focus on non-personal data.


About the committee:

  • The committee is headed by the Infosys co-founder Kris Gopalakrishna.
  • The committee is mandated to to study various issues relating to non-personal data and to make specific suggestions for consideration of the central government on regulation of non-personal data.

Why was this committee formed? 

  • The draft Personal Data Protection Bill by Srikrishna Committee only dealt with personal data.It had recommended that the government should come up with a law to protect non personal data.

What is non-personal data?

  • Non-personal data is usually held by large commercial entities like cab-aggregators, e-commerce companies that use the community data generated on their platforms to improve their services. 
  • This is in addition to anonymised datasets also being provided to government bodies and departments by large internet companies to assist in policy making.

Additional information:

Draft Personal Data Protection Bill,2018:

  • The draft of Personal Data Protection Bill,2018 is based on the recommendations of the government-constituted panel headed by Justice BN Srikrishna.
  • The Bill regulates the processing of personal data of individuals (data principals) by government and private entities (data fiduciaries) incorporated in India and abroad.
  • The bill provides individuals several rights with respect to their data such as seeking correction or seeking access to their data which is stored with the fiduciary. 
  • The bill says that government and private entities has certain obligations towards the individual while processing their data such as notifying them of the nature and purposes of data processing.
  • The Bill allows exemptions for certain kinds of data processing such as processing in the interest of national security for legal proceedings or for journalistic purposes.
  • The Bill requires that a serving copy of personal data be stored within the territory of India.Certain critical personal data must be stored solely within the country.
  • A national-level Data Protection Authority (DPA) is to be set up to supervise and regulate data fiduciaries.