This series intends to address the loopholes in the Draft Data Protection Bill formulated by the Committee under the Chairmanship of Hon’Ble B.N. Shrikrishna and to analyze the impacts the new Law would have on Financial Institutions. In furtherance of its objectives, the second part of this series traces the aims and objectives of this Bill and draws attention to certain remarkable features of the European Law on the subject. In the third part, it envisages the efforts, that are called for, from the financial sector to be compliant to this law. The series closes by stressing on the need for this much-awaited law despite the various hurdles that may come in the way of its implementation and compliance.
This Series aims to critically examine the Draft Personal Data Protection Bill, 2018 and attempts to provide solutions. If enacted, the law would have significant repercussions over various sectors domestically, similar to the widespread effects created by Europe’s General Data Protection Regulations (‘GDPR’). Financial Institutions such as Banks, non-banking financial institutions process huge amounts of personal data on a daily basis which is handled by various internal departments. Thus, it also aims to analyze the impact this law would have on financial institutions and information.
A Historic Order passed by the Supreme Court of India in Justice K.S. Puttaswamy v. Union of India, recognized the Right to Privacy as an integral part of Article 21 and Part III of the Indian Constitution.
A committee of Experts on a Data Protection framework for India under the Chairmanship of Justice B.N. Srikrishna released its white paper on November 27, 2017. The White Paper explored notions such as Fiduciary Relationship between individuals and service provider entities having access to such data and the liability placed by such relationship against abuse of power by service providers. The committee sought to settle for once, the domain of sensitive personal data. A crucial step frontwards has been taken by the Committee by bringing in consent-based processing and stipulating the unambiguous grounds for immunity from compliance. The Draft bill leads in array concepts such as autonomy, transparency and accountability presently absent in the Indian Jurisdiction. The Draft Bill formulated by the Committee is projected to be tabled in the Parliament in December 2018.
Though previously an unsuccessful attempt was made to formulate a framework on data protection by a committee headed by A.P. Shah in 2012, the odds are in favour of passing the present draft bill, in light of the decisions such as Puttaswamy and Whatsapp Privacy Case.
 Karmanya Singh Sareen and Anr. v. Union of India and Ors, (2018)1SCC809, Order dated 24 August 2017.
 Karmanya Singh Sareen v. Union of India Ministry of Communications Department of Telecommunications Secretary, SLP No. 804/2017 Diary No.- 42134 – 2016. (pending).