Data Protection: Jairam Ramesh’s dissent note warns against unbridled powers of Centre
Senior Congress leader Jairam Ramesh moved a dissent note to the report and draft Bill prepared by the Joint Select Committee of Parliament on the Data Protection Bill. Ramesh said the design of the Bill assumes that the constitutional right to privacy arises only where operations and activities of private companies are concerned.
He said in the note that Governments and government agencies are treated as a separate privileged class whose operations and activities are always in the public interest and individual privacy considerations are secondary. “The idea that the August 2017 Puttaswamy judgment of the Supreme Court is relevant only for a very, very, very tiny section of the Indian population is, in my view, deeply flawed and troubling and is one that I totally reject,” he said.
Ramesh said Section 35 gives almost unbridled powers to the Centre to exempt any government agency from the entire Act itself. “Under the amendment I had suggested, the Central Government will have to get Parliamentary approval for exempting any of its agencies from the purview of the law. Even then, the Government must always comply with the Bill’s requirement of fair and reasonable processing and implementing the necessary security safeguards. I was willing to compromise provided the JCP had recommended that the reasons for exemption that would be recorded in writing as provided in the Bill would be tabled in both Houses of Parliament. This would bring about greater accountability and transparency, but even that was not found acceptable,” Ramesh said.
The senior MP said Section 12(a)(i) creates certain exceptions for governments and government agencies from the provisions of consent. “While fully understanding the logic for such exemptions in a number of circumstances, I had suggested some changes to make this exemption less sweeping and less automatic. The JCP’s report allows a period of two years for private companies to migrate to the new data protection regime but governments and government agencies have no such stipulation,” he said.
Ramesh said the amendments proposed are in line with the recommendations of the Justice Srikrishna Committee Report and Clause 42 of the 2018 Personal Data Protection Bill prepared by it. “Based on a reading of the Supreme Court’s privacy judgment, the Justice Srikrishna Committee had identified ‘security of the State’ as the sole interest that should be privileged under exceptional conditions, as an exemption from certain obligations of the law. Given the breadth of the proposed power under Section 35, the exemptions should be narrowly tailored to protect the law from a constitutional challenge,” Ramesh reasoned.
In this background, he said the ground of “public order” should be deleted in Section 35(i) given its susceptibility to misuse. “Despite the Supreme Court distinguishing between the standards of “law and order”, “public order”, and “security of state”, these standards are often conflated in practice. Hence, to ensure a narrow tailoring of the exemption and limiting its scope, the term “public order” should be deleted from Section 35(i) and (ii) of the Bill,” he added.