India has approved a controversial data privacy bill that aims to ease data transfers and storage between countries for BigTech companies, marking a win for large companies like Meta and Google, despite receiving a flurry of criticism. 

The 2023 Digital Personal Data Protection Bill gives permission for companies to export data freely to any country, apart from specifically named exceptions. This makes it considerably easier for Big Tech, reducing compliance issues.

The data privacy bill also makes it mandatory for companies to obtain consent before collecting explicit user data. 

It also gives different sectors a bigger say in their data rules for their specific industries, which provides a more free-flow approach to data regulation and privacy. 

However, the data privacy bill has been criticised by independent bodies and opposition leaders for the extensive exceptions that the bill gives to India’s government.

For example, the government is able to overrule the need for companies to obtain consent before collecting user data in “certain legitimate uses”.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

As well as this, the new bill allows the government to put together a data protection board and appoint all its members. 

“It’s good news for the Indian government, as the bill will give it extensive exemptions around data privacy, including when it comes to prioritising the sovereignty and integrity of India and the security of the state,” Laura Petrone, analyst at GlobalData, told Verdict. 

Adding: “From this perspective, human rights groups will continue to be dissatisfied with the bill for enhancing the power of the state to conduct surveillance.”

The bill comes almost a year after it was abrudetly withdrawn by the government following major backlash. Back then, India’s Junior IT Minister Rajeev Chandrasekhar said the government would be work on a “comprehensive legal framework” and present a new bill.

Petrone described the bill as “long overdue”, noting that countries like India who are embracing digitalisation “need greater certainity about how data is protected and how it is transferred outside the country”.

“India’s approach to tech regulation reflects its concerns about containing Big Tech’s market power while ensuring that the country continues to attract foreign investment,” Petrone said.