India's incoming data laws need our serious attention NOW.
The Joint Parliamentary Committee is all set to table their comments within the next few days, & you deserve to know: What are its glaring issues? How can we make it better? 🧵 1/n #MonsoonSession
internetfreedom.in/update-indias-…
The Joint Parliamentary Committee is all set to table their comments within the next few days, & you deserve to know: What are its glaring issues? How can we make it better? 🧵 1/n #MonsoonSession
internetfreedom.in/update-indias-…
Is India's incoming data law secure? Is it enough? Does it really protect you?
At IFF, we dived into them through #StartFromScratch #DataProtectionTop10 #PrivacyOfThePeople, where we analysed the Bill and looked at how they would affect you — as someone under its purview. 2/n
At IFF, we dived into them through #StartFromScratch #DataProtectionTop10 #PrivacyOfThePeople, where we analysed the Bill and looked at how they would affect you — as someone under its purview. 2/n
Now, the recommendations of the JPC will probably be considered, and the Bill itself may be passed. We're keeping our eyes peeled! But the story isn't over just yet.
Due to the cabinet reshuffle, multiple positions lie vacant in the JPC, including that of the chairperson! 3/n
Due to the cabinet reshuffle, multiple positions lie vacant in the JPC, including that of the chairperson! 3/n
Additionally, here's a scoop: the report may substantially expand the scope of the Bill to include non-personal data, a *major* missing component of the current Personal Data Protection Bill 2019! But, but, but... the framework may be unconstitutional. 4/n
hindustantimes.com/india-news/cab…
hindustantimes.com/india-news/cab…
Why?
1. Overbroad definitions! What is 'personal'? What is 'non-personal'? What's the relationship between the Bill and the framework? Does it protect your data privacy and security? (nope) 4/n
1. Overbroad definitions! What is 'personal'? What is 'non-personal'? What's the relationship between the Bill and the framework? Does it protect your data privacy and security? (nope) 4/n
2. What is non-personal data? It's mostly just personal data that has been "anonymised", and the risk of *de-anonymisation* is high — given that today's internet makes true anonymity close to impossible. We must create strong safeguards against this risk. 5/n
3. Your data may be exploited... against your interests. Entities should *not* be given a free hand to collect your data and use it for their own interests, and they *must* prioritise YOUR consent. 6/n
That's why these issues must be resolved ASAP:
a. Fill up JPC vacancies! It's urgent, and the Speaker must focus on this.
b. Some suggestions will be accepted and some won't be. We deserve to know why. 7/n
a. Fill up JPC vacancies! It's urgent, and the Speaker must focus on this.
b. Some suggestions will be accepted and some won't be. We deserve to know why. 7/n
c. Lastly, accepting the 'non-personal' data framework changes the incoming data law substantially, i.e A LOT.
As a democratic country, this can't be heaped on us. We need fresh consultations to inspect the multiple issues that may be thrown up by this integration. 8/n
As a democratic country, this can't be heaped on us. We need fresh consultations to inspect the multiple issues that may be thrown up by this integration. 8/n
At IFF, we're fully funded by the people of India. Help us advocate for your fundamental rights in a digital India!
internetfreedom.in/donate/
internetfreedom.in/donate/
• • •
Missing some Tweet in this thread? You can try to
force a refresh
