News Brief
Union Meity Secretary Ajay Prakash Sawhney (Source: @cdacindia/Twitter)
During a seminar organised by the Public Affairs Foundation of India, the Ministry of Electronics and Information Technology (MeitY) Secretary Ajay Prakash Sawhney said India should update its Information Technology (IT) Act to meet the demands of new technology and industrial advances. Additionally, the top official stated that currently, the government’s focus is on putting in place the Personal Data Protection Bill.
According to Sawhney, the world had changed dramatically in the last several years, necessitating the need to update India’s IT Act, which was first notified in 2000 and was last amended in 2008.
This Act is the fundamental piece of legislation governing electronic governance and cybersecurity—it was reported that India witnessed an exponential rise in cyber attacks in 2020 and the Indian Computer Emergency Response Team (CERT-In) said that in 2018, such attacks increased fourfold, with an 89 per cent increase in 2019.
However, Sawhney added that the difficulties that the country is dealing with have altered dramatically and companies have grown tremendously. As reported, the official said: “Completely new segments of operations have taken shape and globally there is a huge amount of innovation happening in this space.”
During the seminar, Sawhney explained that laws are being enacted in various places of the world and India need to improve cybersecurity, adjudication as well as a variety of other aspects. As per the official, the next step will be to build a legislative framework that considers these new developments. “That is something which will also be on the anvil but right now we will focus on Personal Data Privacy Bill and Non-Personal (Data Protection) Policy”, added Sawhney.
During the Budget Session, the Joint Committee of Parliament reviewing the bill was allowed a fourth extension to introduce it before parliament. “Hopefully, in the next session, if we are able to get the report from that group, then we shall be pushing for early processing in Parliament," said Sawhney.
The Personal Data Protection Bill states that it is “to provide for protection of the privacy of individuals relating to their personal data, specify the flow and usage of personal data, create a relationship of trust between persons and entities processing the personal data, protect the rights of individuals whose personal data are processed, to create a framework for organisational and technical measures in processing of data, laying down norms for social media intermediary, cross-border transfer, accountability of entities processing personal data, remedies for unauthorised and harmful processing, and to establish a Data Protection Authority of India for the said purposes and for matters connected therewith or incidental thereto.”
The MeitY Secretary also talked about the Non-Personal Data Protection Bill plan which according to him is also taking shape that promotes innovation and growth around data processing.
Sawhney said: “This creates a very unique kind of ecosystem in India, which will, on the one hand, allow us to promote the growth of non-personal data at a very large scale, and simultaneously provide extensive opportunities through the Indian start-up system and the innovation system to make full use of non-personal data.”