Will India’s Proposed Data Protection Law Protect Privacy and Promote Growth?

Anirudh Burman
Content Type
Working Paper
Carnegie Endowment for International Peace
How should a legal framework for data protection balance the imperatives of protecting privacy and ensuring innovation and productivity growth? This paper examines the proposed data protection legislation in India from the perspective of whether it maintains this balance. In December 2019, the government introduced the Personal Data Protection Bill, 2019, in parliament, which would create the first cross-sectoral legal framework for data protection in India.1 This paper argues that the bill does not correctly address privacy-related harms in the data economy in India. Instead, the bill proposes a preventive framework that oversupplies government intervention and strengthens the state. This could lead to a significant increase in compliance costs for businesses across the economy and to a troubling dilution of privacy vis-à-vis the state. The paper argues that while the protection of privacy is an important objective, privacy also serves as a means to protecting other ends, such as free speech and sexual autonomy. A framework for protecting personal data has to be designed on a more precise understanding of the role of privacy in society and of the harms that emanate from violations of individual privacy.
Science and Technology, Law, Privacy, Data
Political Geography
South Asia, India