Independent Research and Policy Advocacy

Responses dated 31 January 2018 to the “White Paper of the Committee of Experts on a Data Protection Framework for India” dated 27 November 2017 (White Paper) released by the Ministry of Electronics and Information Technology (MeitY)

In this document, we present our responses to the public consultation on the White Paper which is based on our broader approach on data protection. This approach looks past a consent-led approach to data protection, and seeks to embed a bundle of rights for all individuals with respect to their personally
identifiable data that apply even where consent has been validly obtained for data collection

Comments dated 20 March 2017 on the draft of the “Information Technology (Security of Prepaid Payment Instruments) Rules 2017” dated 8 March 2017 (Draft Rules) released by the Ministry of Electronics and Information Technology, Government of India (MeitY)

Our comments in response to the Draft Rules are presented in two sections below. In the first section titled “I. Overarching Comments”, we raise two broad points on (1) extending the data protection principles consistently to avoid regulatory gaps, and (2) the need for regulatory coordination to avoid dual regulation, mitigate potential capacity constraints for MeitY and any adverse impact on the ease of doing business for pre-paid instrument (PPI) issuers. In the second section titled “II.