The Srikrishna committee fears Trai’s move will delay the submission of its own report due later this month. This is as per a report in the Economic Times.
The Justice BN Srikrishna Committee, which is drafting a model data protection and privacy law for India, is upset by the timing of recommendations made by the country’s telecom regulator this week, according to a senior member of the panel, as it fears this will delay the submission of its own report, due later this month.
On Monday, Telecom Regulatory Authority of India (Trai) in a surprise move recommended rules that give users control of their data and personal information while severely restricting ways in which telecom and internet firms can use customer data. Its rules are applicable for apps, browsers, operating systems and handset makers.
“Next week somebody will make some recommendations and that will have to be merged, then again somebody will make some other recommendations,” the person has been quoted in ET. He added that the committee will look into Trai’s submissions.
“Like any other sector, the data protection Act will be the final thing. In respect of telecom matters, there will be a role for Trai as sectoral regulator but the basics of privacy will be governed by the data protection Act,” a MeitY (Ministry of Electronics and Information Technology) official has been quoted in the same report.
Legal experts and industry analysts also questioned the need for the regulatory announcement just before the Justice Srikrishna committee releases its report, after a year of deliberations.
The high-powered group — consisting of jurists, academicians and policymakers — was formed last July with a brief to suggest principles for data privacy and a draft data protection bill for the country.
“Why is Trai then pre-empting the law?” said Kartik Maheshwari, leader for technology companies at law firm Nishith Desai Associates.
“Now that Trai has published its recommendations in public domain, the government may not be able to completely ignore them. But it’s so late in the day that it may not have any real impact on the final recommendations of the Justice Srikrishna committee,” he said.
The ten-member panel may incorporate some of Trai’s suggestions even as it submits its report to the union government next week.
Trai chairman RS Sharma said the regulatory body has jurisdiction to tackle data protection under consumer interest, and those who feed off the industry — content providers, or apps, browsers, operating systems, and devices — were only custodians.
“We will send these recommendations to the committee, but we did not time it to coincide. We’re not dependent on the committee and we had issued this suo moto, since we felt the need to rigorously deliberate on the issue,” he had reportedly said.
There could be sector-specific laws within the general data protection framework for the telecom sector, he added.
Analysts say that regulators making public their recommendations before the data framework only adds to the confusion. “Industry was looking forward to a common primary framework. There are many independent suggestions coming from various regulators. It is creating confusion and chaos. I do expect considerable delay in finalising the law. Once the draft is out, there will be public consultation; all regulators will also have a say,” said Vidur Gupta, partner, government and public sector, EY India.
Others say that while there is clarity on what Trai is expecting, it has to be bound by the panel’s recommendations.
“It is good that a regulator has an eye on the market. It gives us an idea about what Trai has on its mind. The Reserve Bank of India also had not waited for Srikrishna Committee report before issuing a directive on data localisation,” said Swaraj Paul Barooah, policy director at Centre for Internet and Society.
“But the major point is that Trai’s recommendations are not binding; the data privacy law will be influenced by Justice Srikrishna committee only.”
Over 150 activists and experts write to Srikrishna Committee; demand transparency
It was reported by Outlook on 19th July that over 150 citizens from various walks of life have demanded that the draft bill on data protection should be made available in the public domain as per established democratic practices.
In a letter to IT Minister Ravi Shankar Prasad on July 17, the citizens raised concerns over the functioning of the expert panel drafting the legislation and alleged that policy framework for data protection is being developed by overriding established democratic practices.
“We request you to make public the draft Data Protection Bill circulated by the Ministry of Electronics and Information Technology, which is being considered by the Committee,” the citizens demanded.
They alleged that there was lack of diversity in the composition of the committee with respect to their opinions on key issues.
It is also deeply disappointing that the chairperson chose not to exercise his right to co-opt other members into the committee to make it more balanced, they said.
The B N Srikrishna-led committee was constituted last year is to deliberate on a data protection framework for India and to consider the draft Data Protection Bill circulated by the IT Ministry.
The citizens who have written the letter to Prasad come from varied backgrounds. They include lawyers, social activists, anthropologists, researchers and professors.
“Any draft legislation along with the recommendations subsequently being considered by the Government of India be placed in the public domain for 30 days to invite comments before it is sent to the Cabinet.
“A clear roadmap be made publicly available with dates and a process for considering the feedback received from the public consultation before placing it for Cabinet approval and introduction in the Parliament,” the citizens demanded in their letter.
Claiming that the committee has failed to bring transparency in its proceedings, the citizens demanded disclosure of information about the dates and agenda of the meetings of the panel, the correspondence among the committee members and summary of the white paper received by the committee.
“Many of us, in our various capacities, gave specific feedback to the committee on the white paper shared by it. We fundamentally disagree with the committee’s mandate as being to ensure growth of the digital economy while keeping personal data of citizens secure and protected.
“We strongly believe that individual rights and public interest should be at the centre of any legislation being considered with respect to data protection, especially after the landmark judgment of the nine-judge bench of the Supreme Court upholding the fundamental right to privacy,” the citizens said.