Research and Articles
Hotline
- Capital Markets Hotline
- Companies Act Series
- Climate Change Related Legal Issues
- Competition Law Hotline
- Corpsec Hotline
- Court Corner
- Cross Examination
- Deal Destination
- Debt Funding in India Series
- Dispute Resolution Hotline
- Education Sector Hotline
- FEMA Hotline
- Financial Service Update
- Food & Beverages Hotline
- Funds Hotline
- Gaming Law Wrap
- GIFT City Express
- Green Hotline
- HR Law Hotline
- iCe Hotline
- Insolvency and Bankruptcy Hotline
- International Trade Hotlines
- Investment Funds: Monthly Digest
- IP Hotline
- IP Lab
- Legal Update
- Lit Corner
- M&A Disputes Series
- M&A Hotline
- M&A Interactive
- Media Hotline
- New Publication
- Other Hotline
- Pharma & Healthcare Update
- Press Release
- Private Client Wrap
- Private Debt Hotline
- Private Equity Corner
- Real Estate Update
- Realty Check
- Regulatory Digest
- Regulatory Hotline
- Renewable Corner
- SEZ Hotline
- Social Sector Hotline
- Tax Hotline
- Technology & Tax Series
- Technology Law Analysis
- Telecom Hotline
- The Startups Series
- White Collar and Investigations Practice
- Yes, Governance Matters.
- Japan Desk ジャパンデスク
Technology Law Analysis
November 12, 2019Privacy Law Developments in India – Wrapping up 2019
From what was expected to be a prospectively chaotic year in terms of privacy law developments, has turned out to be a rather mellow year thus far. The introduction of the revamped general privacy and data protection law in India continues to loom but there appears to be some time until it is introduced. This update brings to you privacy and data protection related developments in India during the past 11 months, which may be of interest to organizations doing or looking to do business in India.
1.New privacy and data protection law lurking
Indian Parliament is likely to consider the Personal Data Protection Bill, 2018 that is set to revamp the existing framework in India, in the upcoming Winter Session commencing from 18th November. The proposed law was publicly released last year and appears GDPR-inspired on various fronts. The proposed law may have a considerable impact on MNCs operating in India, whether with or without a physical presence, due to its data localization requirements and cross-border data transfer restrictions.
Our paper provides details of the proposed law, how it compares to the GDPR, specific industry implications and tax considerations. Our Technology and Privacy law team had also hosted a webinar to discuss the development and our analysis.
2. Clarifications on data localization in the payments industry
The Reserve Bank of India (apex bank in the country) had in April last year issued a data localization directive, mandating all authorized payment system operators and banks to store payment systems data only in India. This led to various ambiguities in the requirements as well as industry pushback on the strict requirements imposed, especially by global payment companies. Our write ups on this are accessible here and here. The RBI also issued the much awaited clarifications on the said directive. One of the major clarifications being that where processing of a payment transaction happens overseas, then the payment systems data (including end-to-end transaction details) for the said transaction could also be stored abroad, but only for a limited period i.e. for the duration of processing the transaction.
We have analyzed the implications of the clarificatory press release here.
Dedicated committee to look into governance of non-personal data
The Ministry of Electronics and Information Technology (MEITY) had in September released an office memorandum which constitutes a new Committee of Experts, chaired by Shri. Kris Gopalakrishnan (Co-Founder, Infosys). The MEITY had taken cue from the Committee that framed the draft Personal Data Protection Bill, 2018,
- study various issues relating to non-personal data; and
- make specific suggestions for consideration of the Central Government on non-personal data.
The report and recommendations of the Committee is currently awaited.
Interesting and exciting times lie ahead. As one can see, data is no longer looked at as an intangible commodity but rather as an asset on which further value can be derived. Both consumers, organizations and now the Government see value in data, its usage and security. Also, as sectoral and industry-wide regulation evolves, business models will have to keep up. One must wait and watch whether 2019 has a twist in the tail, but certainly buckle up for 2020.
– Aaron Kamath, Huzefa Tavawalla & Gowree Gokhale
You can direct your queries or comments to the authors