India’s data protection Bill comparison with EU regulation

  • IASbaba
  • December 19, 2021
  • 0
UPSC Articles
Print Friendly, PDF & Email


  • GS-3: Indian Economy and challenges
  • GS-2: Government policies and interventions for development in various sectors and issues arising out of their design and implementation.

India’s data protection Bill comparison with EU regulation

Context: The Joint Committee of Parliament on the Personal Data Protection Bill recommendations on the Personal Data Protection Bill are in some aspects very similar to global standards such as European Union’s General Data Protection Regulation, but differs in aspects such as jail terms. 


Parameter EU India
Consent Users must have informed consent about the way their data is processed so that they can opt in or out. Processing of data should be done in a fair and transparent manner, while also ensuring privacy
Breach Supervisory authority must be notified of a breach within 72 hours of the leak so that users can take steps to protect information Data Protection Authority must be informed within 72 hours; DPA will decide whether users need to be informed and steps to be taken
Transition period Two-year transition period for provisions of GDPR to be put in place 24 months overall; 9 months for registration of data fiduciaries, 6 months for DPA to start
Data fiduciary Data fiduciary is any natural or legal person, public authority, agency or body that determines purpose and means of data processing Similar suggestions; additionally, NGOs which also process data to be included as fiduciaries

Difference between EU’s regulation and JCP recommendations:

Parameter EU India
Anonymous information Principles of data protection do not apply to anonymous information since it is impossible to tell one from another Non-personal data must come under the ambit of data protection law such as non-personal data
Punishment No jail terms. Fines up to 20 million euros, or in the case of an undertaking, up to 4 % of their total global turnover of the preceding fiscal year Jail term of up to 3 years, fine of Rs 2 lakh or both if de-identified data is re-identified by any person.

Connecting the dots:

  • Justice Sri Krishna Committee Report on Data legislation
  • K.S. Puttaswamy Judgement

For a dedicated peer group, Motivation & Quick updates, Join our official telegram channel – https://t.me/IASbabaOfficialAccount

Subscribe to our YouTube Channel HERE to watch Explainer Videos, Strategy Sessions, Toppers Talks & many more…

Search now.....