Acme Ai
A
gs3
250 Words15 Marks

Q.Data security has assumed significant importance in the digitized world due to rising cyber crimes. The Justice B.N. Srikrishna Committee Report addresses issues related to data security. What, in your view, are the strengths and weaknesses of the Report relating to protection of personal data in cyber space?

UPSC Mains 2018Internal Security

Introduction

With cybercrimes in India rising sharply—from 44,546 cases in 2017 to 50,035 in 2020 according to the National Crime Records Bureau (NCRB)—the need for a robust data protection framework has become critical. In response, the Government of India constituted the Justice B.N. Srikrishna Committee, which submitted its landmark report in 2018, laying the foundation for personal data protection in India's cyberspace.


Body Analysis

Strengths of the Justice B.N. Srikrishna Committee Report

  • Comprehensive Data Protection Framework: The report outlines a detailed framework governing data processing, storage, and transfer, making it uniformly applicable to both public and private entities.
  • Empowerment of User Rights: It places strong emphasis on individual rights over personal data, introducing rights such as access, correction, and the "right to be forgotten" (erasure), giving citizens greater agency over their digital footprints.
  • Focus on Consent and Transparency: It mandates that data collection must be based on informed consent, requiring data fiduciaries to provide clear, accessible information regarding how data will be utilized.
  • Data Localization Mandate: The report advocates storing sensitive personal data locally within India. This ensures sovereign jurisdiction over critical data, facilitating easier legal and security interventions.
  • Independent Regulatory Body: It recommends establishing an independent Data Protection Authority (DPA) to monitor compliance, investigate breaches, and enforce data laws.
  • Accountability and Liability: The framework introduces mandatory data breach notifications to the DPA and proposes strict financial penalties for non-compliance, alongside provisions for compensating affected individuals.

Weaknesses of the Justice B.N. Srikrishna Committee Report

  • Ambiguity in Data Localization: The report lacks precise guidelines on what specific categories of data must be localized, creating compliance uncertainty for multinational corporations operating in India.
  • Economic Burden on Startups: Mandatory data localization and compliance requirements could significantly increase operational costs, potentially hurting early-stage startups and small enterprises.
  • Broad Exemptions for Government Agencies: The report allows wide exemptions for state agencies on grounds of national security and public order. Critics argue this lacks adequate judicial oversight and could lead to state surveillance, undermining citizen privacy.
  • Implementation Complexity: The proposed comprehensive regulations may impose a heavy compliance burden on smaller businesses. Additionally, its suggested phased implementation could lead to prolonged regulatory uncertainty.
  • Restrictions on Cross-Border Data Flows: Tight restrictions on international data transfers could disrupt global business operations, particularly in India's IT-BPM and e-commerce sectors, and potentially trigger trade disputes.
  • Neglect of Emerging Technologies: The report does not provide specific, detailed guidance on how data protection principles apply to rapid advancements in Artificial Intelligence (AI), Big Data, and the Internet of Things (IoT).

Conclusion

The Justice B.N. Srikrishna Committee Report represents a major milestone in India's journey toward securing its digital ecosystem. While its focus on user consent, transparency, and accountability is highly commendable, addressing the loopholes regarding state exemptions, localization costs, and emerging technologies is vital to creating a balanced framework that protects privacy without stifling digital innovation.