New Delhi: A Joint Parliamentary Committee has recommended that the data protection bill being brought by the government should cover both personal and non-personal data, among 81 recommendations on modification of the bill. The report of the JPC headed by BJP leader P. P. Chaudhary, which was tabled in Parliament on Thursday, has made elaborate observations and recommendations in its over 500 page report, and has made over 150 drafting corrections and improvements in the different clauses of the bill.
In its recommendations on the bill, the committee has recommended changing the title of the bill from “The Personal Data Protection Bill” to “The Data Protection Bill”, and to name the act as the “Data Protection Act”.
The recommendation of amending the name of the bill has been given “in view of the impossibility of a clear cut demarcation of personal and non-personal data and to cover the protection of all kinds of data”, the report said.
The JPC report said social media platforms should be treated as publishers and be regulated for the content they host. It also recommended formulating a mechanism under which social media platforms which do not act as intermediaries will be held responsible for content from unverified accounts on their platforms. It recommends formulation of a statutory media regulatory authority on lines of the Press Council of India, and said that social media platforms should not be allowed to operate in India unless the parent company handling the technology sets up an office in India.
The panel has recommended that the long title of the bill should be changed to clarify that it is for protection of ‘digital’ data, and instead of ‘social media intermediaries’, the term has been changed to ‘social media platforms. It said the definition of children should be reduced from 18 years. For the definition of “data fiduciary”, the panel has suggested adding NGOs as they play a significant role in collecting data especially in rural areas, and brings them under the ambit of the legislation.
Noting that the current bill had no provision to keep check on hardware manufacturers that collect that data through digital devices, and has recommended addition of a sub-clause for regulating hardware manufacturers. It also said that employers cannot be given complete freedom to process personal data of employees without their consent, creation of a separate class of guardian data fiduciary on behalf of minors, and reporting of breach of personal data within specific time. The panel also recommended flexible penalty provisions for data fiduciaries, and a single window for deciding penalties and compensation.
