Urgent need to introduce data protection law to curb cybercrime menace: Par Panel

New Delhi: There is an urgent need to bring data protection law in the country that can effectively combat cybercrime menace and protect the interests and rights of citizens in the digital age, a parliamentary panel said on Tuesday.

The Standing Committee on Communications and Information Technology in its 48th report said that delaying the implementation of the data protection framework could potentially expose individuals to various risks and compromise the privacy rights of citizens.

“The Committee strongly advocates for the immediate action of enacting this crucial legislation to protect the interests and rights of citizens in the digital age,” the panel said.

The recommendation of the committee follows detailed discussion with the Ministry of Electronics and IT and other stakeholders around data security and privacy related issues of citizens.

The panel said that it is of the belief that no legislation can be perfect and it evolves over time, fine-tuned in response to changing circumstances and urged that the provisions that cannot be fully defined within the scope of the current Bill can be addressed through rules prescribed under it, which are subsequently presented to Parliament.

”The Committee are of the firm opinion that there is an urgent need to introduce a data protection law, that effectively combats the growing menace of cybercrime, ensures public order and also strengthens India’s defense capabilities,” the report said.

In its submission to the panel, the Ministry of Electronics and IT representative said that any entity that takes consent which is beyond what is necessary for the stated, specified purpose, will be considered illegal.

”Just like an illegal contract is no contract, this will be an illegal consent. So, even if I consent and I access, I will continue to be liable because it is a question of fact whether to do this,” the ministry said.

The ministry has also informed the panel that the deemed consent clause has been removed after the consultation and feedback received from stakeholders, but it will be applicable in few cases where states need to perform functions under law or in the interest of sovereignty and integrity of India and security of the state.

The deemed consent will be applicable in cases where state and its instrumentalities need to provide subsidies, benefits, services, certificates, licences etc. to comply with any judgement or order under law, protect or assist or provide service in a medical or health emergency etc. and in relation to an employee.

The panel has cautioned the ministry about the judicious use of rule-making powers and emphasizes the importance of employing them responsibly and with utmost care.

Earlier in the day, CPI(M) MP John Brittas raised a point of order when a standing committee report on ‘Citizens’ Data Security and Privacy’ of the Ministry of Electronics and IT was tabled in the House.

He pointed out that the report pertains to the digital data protection bill, which has been approved by the Cabinet but has neither been introduced in the House nor referred to the standing committee.

”The standing committee has overstepped and it is beyond their jurisdiction and it is breaching your (Chair) authority and the authority of this House,” he said.

Chairman Jagdeep Dhankhar , however, overruled the point of order and said it was right to place the report of a committee in the House and the ”rest will follow in accordance with the rules”.

”But to take a stand that this august House must not have such kind of input, your point of order is devoid of any merit,” Dhankhar said.