Applicability:
The Personal Data Protection Bill on enactment shall apply to –
1) the processing of personal data where the data has been collected, disclosed, shared, or processed otherwise within Indian territory.
2) the processing of personal data by the state, Indian company, any body or body of persons incorporated under India law, any citizen of India.
3) also be applicable to data fiduciaries, data processors not present within the territory of India.
4) Anonymised data u/s.91
Explanation:
This Bill provides that after enactment the Provisions under this act would be applicable to private as well as public entities and also including the data being processed by somebody in fiduciary capacity.
Usually the privacy laws are segregated between two categories and they are Private sector organizations and Public sector organizations for eg. Canada where the federal law applicable for Private Sector organization is PIPEDA (Personal Information Protection & Electronic Document Act) and for public sector Federal Privacy Act is there.
However, reading the Personal Data Protection, 2019 (India) bill it appears that it is aiming to include both kinds of organisation in one book. In general, the anonymised data is not under the ambit of its applicability as per 2 (B) but section 91 forms an exception to it and empowers Central Government to frame policies on digital economy to provide even any personal anonymised data.
Opinion:
The applicability part doesn’t seem worrisome but empowering the central government to have the anonymised personal data render the purpose of this wholly bill in darkness. Though it’s too early to judge anything, now I am proving each part and section of it along with my opinion and in final writing I will conclude the whole Bill in one article.
Picture Credit- firstpost.com