With the release of the Digital Personal Data Protection Bill by the government, the debate over its provisions has heated up. In the event of a data breach, it appears that even the government could be held liable.
“The Bill’s main purpose is to hold entities that monetize data accountable.” Even the government is not immune in the event of a data breach, according to a source quoted by the news agency PTI. Due to frivolous RTI applications, the bill exempts certain government-notified fiduciaries from sharing information with their respective data owners. According to the report, data transfer and storage in other countries will be based on mutual agreements. After nearly three years in limbo, a reworked version of the draught Bill was unveiled on November 18 and will be open for public comment until December 17.