The Ministry of Electronics and Information Technology will reportedly water down the original draft of the Personal Data Protection Bill where data that does not qualify as “critical” or “sensitive” will be allowed to be stored outside India.
A senior government official told a noted financial daily, “The proposed (draft) Data Protection Bill will now be tweaked to allow personal information which is not ‘critical’ nor ‘sensitive’ to be stored and processed anywhere, while data classified as ‘critical’ should be kept only in India… This could help ease the tension in trade ties between the US and India.”
The first copy of the Bill had recommended that a copy of all personal data should be stored and processed in India. Experts have also speculated that this move will reduce the number of instances in which company executives can be jailed due to the breach of data security. The tweaking of this provision, if accepted, will be a huge relief for companies, especially MNCs.
Another government official told a news wire, “Most important change is that the original draft said that a copy of all personal data should be stored in India…ultimately, the Cabinet will take a call on the matter… MeitY is proposing that with regard to personal data only such data which is to be categorised as sensitive or critical needs to be stored in India.”
The Indian Government in 2017 had constituted a Committee of Experts to study various issues relating to data protection. The committee was set up so that the specific suggestions could be made on the principles for data protection as well as for creating a Data Protection Bill. Last year, the committee, headed by Justice BN Srikrishna had recommended that multinational entities, especially tech and social media giants should store data physically in India, in order to ensure its safety and security.