techUK joins global industry in raising concerns over India’s new Data Protection Bill (DPB)

techUK, together with several other organization from different regions, co-signed a letter on India’s Data Protection Bill (DPB) and more specifically on India’s Joint Parliamentary Committee Report. This report will form the basis of the new DPB Data Protection Bill. It contains a number of concerning elements that, beyond impacting the ability of firms across sectors to do business in India, stands to set a particularly detrimental precedent with respect to the regulation of non-personal data, data localization, and restrictions on the cross-border movement of data.

The Report’s recommendations run counter to global standards for data protection and competition, and the absence of a formalized and robust public debate on these significant new provisions deviates from good regulatory practices. The regulation of non-personal data is premised on data sharing in the interest of transparency and openness, requiring a distinct set of considerations and approaches from governing personal data. Mandates for companies to locally store their data in India will degrade the privacy and cybersecurity protections by limiting state-of-the-art solutions that are globally available.

The letter raises these concerns and requests the Indian Authorities to urgently conduct additional stakeholder consultations before the introduction of the DPB Bill in Parliament, given the wide-ranging impact and ramifications of the report’s recommendations.

The full letter is available below.

Global association letter on Data Protection bill 01032022.pdf