Draft `India Data Accessibility and Use’ policy 2022

The draft India Data Accessibility and Use Policy was published on MeitY website on February 21, 2022. Since its publication, MeitY has been receiving several comments and suggestions on the draft policy. It’s also observed that there is a need to bring in some more clarity with regard to some of the clauses in the draft policy so that the objectives of the Data Accessibility policy to enable better services is made amply clear. These clauses will be finalized after getting inputs of stakeholders in the consultation process Accordingly the draft policy document for consultations is being shared here.

The inputs/feedback may be sent to Ms. Kavita Bhatia, Scientist F at the email kbhatia[at]gov[dot]in and pmu [dot] etech [at] meity [dot] gov [dot]in.

The last date of submission for inputs/feedback is March 18, 2022.

Draft Data Centre Policy

MeitY has drafted a Data Centre policy to benefit the Data Centre park developers/Data Centre operators as well as the allied ecosystem of Data Centre sector. The policy intends to ensure sustainable and trusted Data Centre capacity within the country. This policy framework shall be followed by a detailed scheme with implementation guideline document providing the particulars of various fiscal and non-fiscal incentives to be provided to the sector by the Central and State Government. Download The Policy document. Pl send your inputs and feedback within 15 days to:- uma.chauhan@meity.gov.in, cmo@meity.gov.in.

Promote indigenous technology development, research and capacity building 

5.4.1 Promote local manufacturing

 5.4.1.1 Promote and encourage use of indigenous hardware (IT as well as non-IT equipment) and software products used in the Data Centres, thereby reducing the overall import burden of the country. 5.4.1.2 Extend fiscal incentives to domestic start-ups and MSMEs to develop solutions for Data Centre usage.

5.4.1.3 Incentivize global equipment manufacturers to set up manufacturing units of IT/ Non-IT components in India, catering not only to local demands but also for export purposes. 

5.4.1.4 Strengthen the testing and certification framework for the Data Centre ecosystem, including for the IT and non-IT equipment and software products pertaining to Data Centres operations.

 5.4.2 Encourage joint ventures between the foreign investors and domestic companies to promote participation from Indian companies, in the development of Data Centres. This would enable long-term capacity building of the domestic companies operating in this space. 

5.4.3 Promote R&D in Data Centre ecosystem 

5.4.3.1 Promote setting up of R&D units to create an ecosystem that will promote development of Data Centre components within the country. 

5.4.3.2 Promote technology firms to produce innovative products and services for the Data Centre ecosystem and facilitate their commercialization for sustainable growth.

 5.4.4 Promote Adoption of Established Global Standards

 5.4.4.1 MeitY shall publish and mandate minimum standards for Data Centres / Data Centre Parks in the areas of build, IT, non-IT and security. 

5.4.5 MeitY to promote global adoption of services from state-of-the-art Data Centre infrastructure available in India, through various inter-governmental initiatives / MoUs. 5.4.6 Capacity Building and Human Resource Development 

5.4.6.1 Collaborate with Ministry of Skills Development and Entrepreneurship (MSDE) and leading academic institutes to impart large scale trainings to workforce on Data Centre, Digital and Cloud technologies, and facilitate sector linkages for such trained workforce. 

5.4.6.2 Promote skill development and upgradation initiatives aimed at addressing the skill gap of trained manpower to be able to meet the demands of Data Centres and Cloud Computing Platform. Data Centre Policy 2020 DRAFT FOR DISCUSSION Page 12 of 16 

5.4.6.3 Provide assistance for these programs through Skill Development Mission at National and State Level. 

5.4.6.4 Design programs for continuous capacity building amongst government officials and personnel on Data Centre and cloud technologies, data classification, storage policies, data security and other allied technologies.

Government seeks public comments on Data protection bill; September 10 deadline

Two weeks after the draft of the data protection Bill was submitted by the Justice BN Srikrishna committee, the government has invited comments from stakeholders and public on it. Inviting comments on the draft, the ministry of electronics and IT has given time till September 10 which can be posted on the website. 
This follows EU Bill General Data Protection Regulation.

“EU GDPR was an over-reach. The Indian law seems a bit more rational and gets the balance right between the rights of the individual and the public good that comes from the digital economy. Having said that, the clauses on processing of data on reasonable grounds should have been less vague and the bill should have defined some accountability on part of the government when it processes personal data of the users without consent,” Suneeth Katarki, Partner, IndusLaw,

Read both and form your own opinion.

Right to be Forgotten:
GDPR’s Article 17 has outlined the circumstances under which EU citizens can exercise their right to be forgotten or right to erasure. The Article gives individuals the right to get personal data erased under six conditions, including withdrawal of consent to use data, or if data is no longer relevant for the purpose it was collected. However, the request may not be entertained in some situations such as if the request contradicts the right of freedom of expression and information, or when it goes against  public interest in the area of public health, scientific or historical research or statistical purposes. The B.N. Srikrishna Committee report has laid significant emphasis on obtaining the consent of an individual to process and use personal data. The committee said consent must be “informed”, “specific” and “clear”, and needs to be capable of being withdrawn as easily as it was given. 

The draft Personal Data Protection Bill, 2018, has a section on the Right to be Forgotten. But the proposed bill does not provide right to erasure. 

Section 27 of the bill has listed out three scenarios in which an individual will have the “right to restrict or prevent continuing disclosure of personal data” or the right to be forgotten, in a sense. This will be applicable if data disclosure is no longer necessary, the consent to use data has been withdrawn or if data is being used contrary to the provisions of the law. An adjudicating officer will have to determine the applicability of one of the three scenarios. The officer will also have to determine that the right of the individual to restrict use of her data over-rides the right to freedom of speech or right to information of any other citizen. (Source: Livemint)