Data Privacy Day is a great reminder about the value of privacy: Sreenidhi Srinivasan, Principal Associate, Ikigai Law

tech.hindustantimes.com:

In a short but incisive interaction, Sreenidhi Srinivasan, Principal Associate, Ikigai Law, has revealed what World Data Protection Day is all about for both individuals and corporates while voicing her thoughts and concerns on the Data Privacy Bill, what it lacks and whether the expansion of scope into non-personal data coverage is a good idea or not. Here are edited excerpts of the interaction with HT Tech.

It's a great reminder about the value of privacy! For companies - to make privacy conscious choices when developing products. And for individuals - to be aware of their rights.

The bill draws from core privacy principles accepted globally- privacy 'by design', minimising the amount of data collected, informed consent, and accountability. It also provides for the setting up of a data protection regulator. The law is mostly principle-based. And the real meat of implementation will depend on how the regulator interprets the principles, develops codes of practice and regulations, and enforces compliance. A lot rides on the regulator- and the focus should be on building a robust, effective regulator.

At the same time, the bill suggested by the joint Parliamentary panel expands the scope of the law to cover non-personal data (anonymised data, business insights). This expansion is concerning. While 'personal data' is about individuals' privacy, non-personal data governance has an economic rationale. Combining the two could dilute both objectives.

First, since the government itself collects and uses a lot of data, more narrowly tailored exceptions for government bodies could have strengthened privacy. Second, the bill treads into business proprietary data- for eg., it asks businesses to disclose fairness of algorithms, it does