Parl panel calls for greater accountability for social media platforms
A parliamentary committee on Thursday recommended widening the scope of proposed data protection legislation to include both personal and non-personal data and called for greater accountability for social media platforms in handling them like editors.
The Joint Committee on the Personal Data Protection Bill, 2019, led by BJP MP PP Chaudhary, tabled its report in both Houses on Thursday.
The main highlights of the report include expanding the scope of the bill to also cover non-personal data, stricter regulations for social media platforms and the creation of a media regulatory authority, according to one. press release from Lok Sabha’s secretariat.
The panel also favored a framework to regulate hardware manufacturers, who also collect data with software. It has favored a certification mechanism for all digital devices and the Internet of Things (IoT).
“The committee, given the immediate need to regulate social media intermediaries, expressed the belief that these designated intermediaries can work as content editors in many situations, given that they have the flexibility to select the recipient of the content and also exercise control over access to any content hosted by them, ”the report said, asserting that a mechanism should be devised for their regulation.
The panel recommended that all social media platforms, which do not act as intermediaries, be treated as “publishers” and be held accountable for the content they host.
“Further, the Committee recommended that a statutory media regulatory authority, modeled on the Press Council of India, could be established to regulate content on all such media platforms, regardless of the platform on which their content is published, whether online, print or otherwise, ”he said.
A mechanism should be devised where social media platforms, which do not act as intermediaries, will be held accountable for the content of unverified accounts on their platforms.
“Once the verification request is submitted with the necessary documents, social media intermediaries must verify the account,” the report said.
The panel suggested that no social media platform should be allowed to operate in India unless the parent company managing the technology sets up an office in India.
He also sought to broaden the sphere of data protection law to include personal and non-personal data, claiming that defining or restricting the new legislation only to the protection of personal data or naming it the data protection bill. personal data is “prejudicial to privacy”.
“The committee therefore recommends that, since the DPA (Data Protection Authority) will process both personal and non-personal data, any other policy / legal framework on non-personal data can be part of the same text instead of ‘other legislation,’ he said.
As soon as the provisions to regulate non-personal data are finalized, there could be a separate regulation on non-personal data in the data protection law which will be regulated by the Data Protection Authority, he said. He suggests.
The parliamentary joint committee last month adopted the report on the draft law on the protection of personal data. The data protection bill seeks to give the government the power to exempt its investigative agencies from the provisions of the law, a move strongly opposed by opposition MPs who have tabled their notes of dissent.
The suggestions made by the panel are not binding.
The parliamentary committee further recommended that approximately 24 months be allowed for the implementation of all provisions of the law.
Other recommendations include fixed guiding principles for dealing with a data breach, a mechanism to be followed / decided for the processing of personal data when the child reaches the age of majority, an alternative financial system to be developed in India.
The committee, in its report, said that although there are provisions (in the bill) for the cross-border transfer of data, “certain concrete steps need to be taken by the central government to ensure that a mirror copy of the sensitive and critical personal data which is already in the possession of foreign entities is compulsorily brought to India in a limited time ”.
A 72 hour deadline for reporting a personal data breach has been suggested.
The panel also preferred that the provisions relating to sanctions for ‘data trustees’ (those who determine the purpose and means of the processing of personal data) remain flexible, asserting that’ flexibility in the imposition of sanctions is required because digital technology is evolving rapidly and the quantum of the sanction to be imposed should be decided taking these factors into account ”.
The Committee noted that at present there is no single agency that regulates the different forms of media, in particular news media, in the country.
“In the Committee’s view, existing media regulators such as the Press Council of India are not adequately equipped to regulate the journalism industry which seeks to use modern communication methods such as media platforms social or the Internet in general, ”he said.
In this regard, the committee considered it necessary to create a statutory media regulator to achieve these objectives.
“The committee hoped that section 36 (e) could be amended to allow any statutory media regulator that the government may create in the future and until the government can also issue rules in this regard. “, indicates the report of the group of experts.
(Only the title and image of this report may have been reworked by Business Standard staff; the rest of the content is automatically generated from a syndicated feed.)