India's Joint Parliamentary Committee Announces Recommended Changes to Privacy Bill

Last month, the Indian Joint Parliamentary Committee submitted its report on the 2019 Personal Data Protection Bill after two years of consideration, research, and analysis. The bill, while not a certainty but likely to pass, would replace what some consider to be archaic data protection regulations. Although not finalized, the biggest obstacle if implemented as envisioned is strict data localization. India has been in the group of countries legislating data privacy for decades, culminating in the 2021 JPC report submission. Here’s a look at the history of data privacy legislation in India.


The History of Data Privacy Legislation in India

  • 2000 – Information Technology Act is passed by parliament and signed by President K.R. Narayanan addressing electronic documents, e-signatures, and record authentication.
  • 2017 – The Indian Supreme Court hears Justice KS Puttaswamy vs Union of Indiaand passes a historic judgment affirming the constitutional right to privacy.
  • 2019 – Introduction of the Personal Data Protection Bill and immediately sent to the JPC to be examined.
  • 2021 – JPC submits report on PDP to Indian Parliament revisions.


The long-awaited report submitted December 16, 2021 by the JPC has provided necessary clarification and modifications that seek to enhance the syntax and governance of the bill.


The recommended amendments are as follows:

  • Scope – The bill has a proposed name change to Data Protection Bill and will cover both personal and non-personal data which is unusual as distinction of data type can be difficult when managing mass amounts of data. Clauses also address the deceased and transfer of minor rights (see Clause 16 below).
  • Implementation Timeline – The report outlines a timeline with a 24-month implementation period for data processors to comply.
  • Definitions – The following terms have been defined or revised: consent manager, data auditor, data breach, data fiduciary, data processor, data protection officer, harm, and non-personal data.
  • Clauses 13 & 14 – These clauses apply to consent of personal data processing for employment and legitimate interest, marrying the interests of both the data principal and data fiduciary.
  • Clause 16 – Entities dealing with the data of children must register with the DPA and are required to communicate with the subject 3 months prior to adult age to regain consent and “must continue providing the services to the child unless the child withdraws consent.”


The implementation timeline for the Data Protection Bill is still unknown but will likely be a phased approach. Like California, there is discussion of an oversight committee called the Data Protection Authority of India that would supervise compliance with the proposed law. With the notable amendments to the bill, it’s unlikely we’ll see this come to fruition quickly. Not unlike most proposed privacy legislation, it has been met with dissent and opposition and will have to make its way through the courts of India before becoming law.


All Posts

The Importance of Data: The Top Benefits of Collecting Customer Data

Roughly 2.5 quintillion bytes of data are generated every day -- and that unbelievable number is only going to continue to get higher. 

No matter the industry you work within, the demographics of your target market, or the kinds of goods/services you provide, you know that collecting data about your customers helps you to improve nearly every aspect of your business. 

And even though you may not be able to capture all 2.5 quintillion bytes of consumer data, you want to ensure that you put the customer data you do collect to the best possible use. 

The types of data collected by companies can include information on a fitness watch, a user's IP address, past search queries, a user's location, and even the ads that someone clicks on online. 

But what exactly are the benefits of collecting this kind of consumer data, and what are your responsibilities when it comes to collecting and storing customer data? 

Keep on reading this post to find out. 

1. Data Provides a Deeper Understanding of Your Market

Perhaps the biggest reason why so many companies collect consumer data is that it helps them to get a much better understanding of the way their consumers behave online, define their overall demographics, and identify the ways in which they can improve the overall customer experience. 

Data makes it much easier for your company to understand what your customers want from your company, the specific products/services they're looking for, and even how they prefer to interact with your brand. 

When you know more about your customers, you can tweak everything about your business to better fit their needs. You can also improve the ways in which you communicate with your target market, optimize your website to improve the user experience, and much more. 

2. Data Collection Improves Your Consumer Database

We know that you're always looking for the most effective ways to grow and organize your company database -- and collecting customer data can certainly help to make that happen. 

You'll be able to collect the IP addresses, email addresses, and even potentially phone numbers of the people who have interacted with your brand in some way. 

This means you can reach out to them about future opportunities, improve your lead generation strategy, and better gauge the actual level of interest a consumer has in your company based on the way they act on your site or respond to advertisements in another way. 

So, you'll spend more time, energy, and marketing money on quality leads.

You'll have the information you need to be able to send them SMS marketing updates, email newsletters, special offers, and much more.

3. Consumer Data Improves Your Marketing Strategies

Especially in today's world, your company's overall digital marketing strategy is more important than ever. 

If you want to outrank your competitors, increase your conversions, and establish a sense of trust and transparency between your brand and your market, you need to do everything that you can to optimize your marketing campaign. 

And the reality is that you simply can't do that without collecting data and using it to inform everything about the way you market your products/services to consumers.

Data will be able to tell you which of your marketing campaigns and tactics your target audience responds to the most and prefers, so that you can create more effective and targeted advertisements in the future. 

You'll learn more about your average buyer persona, their preferred social media platforms, which products they're the most interested in, and much more. 

Data can also help you to get a better insight into the overall customer path/journey on your website. This way, you can make the necessary improvements to improve the user experience and convince them to convert. 

4. It Allows For Greater Personalization 

Roughly 63% of consumers say that they expect personalization from the companies they work with when it comes to marketing and product suggestions, order confirmations, and any sort of communication between themselves and your business. 

Collecting data allows you to meet consumer expectations in regards to personalized communications and suggestions. 

Additionally, the more you know about the kinds of products/services your customers are interested in, the more likely you are to pitch them products they're the most likely to buy and close the sale. 

You can segment your marketing strategies according to consumers who have similar interests, allow for the autocompletion of payment methods and other forms on your website, and even get a better understanding of the devices that customers prefer to use when accessing your website.

This goes a long way towards improving your ROI, shortening your sales cycle, and making the kind of expansion you've always dreamed of a reality. 

Understanding Your Responsibilities

As you can see, there are countless benefits of collecting consumer data -- but those advantages also come with specific responsibilities. 

The General Data Protection Regulation (GDPR) outlines guidelines that companies must follow regarding data collection and protection. For example, guidelines include not keeping data for longer than needed, ensuring that the data is kept secure, and, above all, responding to Subject Access Requests (SARs.) 

Under SAR regulations, you are required to provide a copy of the personal data that your organization has collected about individuals (whether they're consumers, employers, or simply individuals who have visited your website.)

Most companies need help with automation, tracking, task management, and other issues regarding individual rights and privacy management. 

Our software can help to make that happen. 

Request your free demo from us today, and get ready to future-proof the way your company approaches privacy management! 

Truyo Product Preview

About Truyo
Powered by IntelⓇ, Truyo is the automated answer for enterprises seeking to deploy truly integrated SAR, consent, and other data privacy rights processing capabilities that scale with your needs, deliver conspicuous compliance, and adapt to new privacy regulations as they emerge.
Recent Posts

India's Joint Parliamentary Committee Announces Recommended Changes to Privacy Bill

Last month, the Indian Joint Parliamentary Committee submitted its report on the 2019 Personal Data Protection Bill after two years of consideration, ...

Log4J Vulnerability Update

At Truyo we take data privacy and security very seriously. Recently a security vulnerability was reported in the open-source Java library “Log4J” that...

Forrester Wave Announcement: Truyo Named Strong Performer

Report notes Truyo’s “management and fulfillment of individual privacy rights capabilities are some of the best in the market ” PHOENIX (Dec. 09, 2021...

Human Error: The Pitfalls of Manual SAR Response

In the age of information, organizations have increased the amount of consumer data housed in structured and unstructured environments. As consumers b...