As many as 15 international technology and business trade associations respectfully urged India’s Joint Parliamentary Committee to amend the Personal Data Protection (PDP) Bill 2019 suitably in order to truly uphold privacy protection and remove barriers to the growth of the economy. In a letter led by the Information Technology Industry Council (ITI), the global associations commended the Government of India’s prioritization of the technology sector and privacy for Indian citizens but expressed concerns with its current approach to data protection in the PDP Bill.
“We welcome the significant progress that the Government of India has made on the protection of personal data for Indian citizens. India has long been a global technology leader that creates and supplies goods and services to contribute to a productive, competitive, and innovative global economy and society,” the associations wrote. “However, we are concerned that some provisions in the personal data protection bill would hamper the country’s economic growth, constrain the ability of companies operating in market to innovate, and in some cases potentially undermine the protection of Indian citizens’ privacy.”
The groups raised specific concerns regarding the bill’s approach to data localization, regulating non-personal data, and government access to both personal and non-personal data, the bill’s open-ended definition of sensitive personal data, and the lack of a definition for critical personal data.
“Privacy and user trust are central to our member companies’ businesses, and that commitment to privacy is fulfilled no matter where our user’s data is stored,” the associations wrote. “Our companies operate at a global scale and the free flow of data across borders is fundamental to maintaining trust and providing the highest quality products and services. We are deeply concerned that the PDP Bill requires a copy of sensitive personal data to be stored in India even when conditions for its cross-border transfer are met, and that critical personal data cannot be transferred under any conditions.”
The letter is in addition to recently submitted comments to the Joint Parliamentary Committee on the Personal Data Protection Bill 2019 by many of the associations on the letter and their member companies.
Here's the full letter