News:Ministry of Electronics and Information Technology(Meity) has formed a new Committee of Experts to focus on non-personal data.
About the committee:
- The committee is headed by the Infosys co-founder Kris Gopalakrishna.
- The committee is mandated to to study various issues relating to non-personal data and to make specific suggestions for consideration of the central government on regulation of non-personal data.
Why was this committee formed?
- The draft Personal Data Protection Bill by Srikrishna Committee only dealt with personal data.It had recommended that the government should come up with a law to protect non personal data.
What is non-personal data?
- Non-personal data is usually held by large commercial entities like cab-aggregators, e-commerce companies that use the community data generated on their platforms to improve their services.
- This is in addition to anonymised datasets also being provided to government bodies and departments by large internet companies to assist in policy making.
Draft Personal Data Protection Bill,2018:
- The draft of Personal Data Protection Bill,2018 is based on the recommendations of the government-constituted panel headed by Justice BN Srikrishna.
- The Bill regulates the processing of personal data of individuals (data principals) by government and private entities (data fiduciaries) incorporated in India and abroad.
- The bill provides individuals several rights with respect to their data such as seeking correction or seeking access to their data which is stored with the fiduciary.
- The bill says that government and private entities has certain obligations towards the individual while processing their data such as notifying them of the nature and purposes of data processing.
- The Bill allows exemptions for certain kinds of data processing such as processing in the interest of national security for legal proceedings or for journalistic purposes.
- The Bill requires that a serving copy of personal data be stored within the territory of India.Certain critical personal data must be stored solely within the country.
- A national-level Data Protection Authority (DPA) is to be set up to supervise and regulate data fiduciaries.