On December 4, The cabinet of Indian Prime Minister Narendra Modi approved a data protection bill for tabling in parliament. Following the circulation of the Personal Data Protection Bill (PDPB) text, U.S.-India Business Council President Nisha Biswal issued the following statement:

“The U.S.-India Business Council welcomes the Government of India’s introduction of the Personal Data Protection Bill (PDPB) in Parliament this week and commends the government for its consultative process.  Over the past several years, USIBC has worked closely with both government and industry leaders to support development of a transparent, light-touch, and risk-based approach to data protection in India.

It is clear that the government and Minister Ravi Shankar Prasad recognize the importance of establishing a sound data protection framework, and we are encouraged to see a number of industry perspectives reflected in the revised PDPB.  We note the requirements for data localization have been relaxed, enabling access to the global processing and data analytics that sustain India’s nearly $200 billion digital economy. A balanced approach to penalties is also a significant, constructive step. We look forward to additional opportunities to share specific additional technical points that could further improve the bill.

Unfortunately, the bill also contains several new provisions outside the core issue of data privacy that raise serious concerns for the private sector, particularly the inclusion of requirements around non-personal data and voluntary social media know your customer (KYC) provisions. These two issues are distinct from personal data issues and are complex in their own right. Given the need for additional discussion, we urge the government to remain focused on essential data privacy issues and to take up these matters as part of existing policy efforts taking place in parallel to the PDPB. We also recommend the bill be revised to provide ample time to establish a new Data Protection Authority (DPA) and strengthen the DPA’s independence and effectiveness, as well as allow companies to transform business operations, develop new technologies, and innovate digital solutions. We remain committed to working closely with the government as the bill moves through the parliamentary process, and commend the clear process outlined for the Bill’s introduction and passage next year.  Meanwhile, we will continue to seek opportunities for industry and India’s leading trading partners to share their views as new policy takes shape.”

For media inquiries, please contact Carolyn Posner (cposner@usibc.com | +1 202-281-7345) or Priyanka Sethi (psethi@usibc.com).

The U.S.-India Business Council will host an intimate roundtable interaction with government and industry stakeholders on global best practices to enhance India’s Personal Data Protection Bill, data privacy policy and cyber security regime. The discussion will include senior leaders from the U.S. Federal Trade Commission (FTC); data protection authorities from Japan, Singapore and India; privacy experts from the Centre for Information Policy Leadership (CIPL) and senior industry leaders.

Participants will share their perspectives on implementing India’s proposed personal data protection law in the context of India’s broader privacy policy framework and the increasingly data driven economy. With both FTC and Government of India (GOI) officials at the table, this event is designed to be a practical, solutions-oriented discussion focused on industry challenges related to data governance and protection. By the end of the session, we will seek to develop solutions that are sustainable and  effective for both industry and consumers.