India’s Proposed Data Protection Law and Analysis of India-US Executive Agreement Under the CLOUD Act

The digital economy is burgeoning in India. The country has more than 300 million social media users, more than 580 million internet subscriptions, and 74 billion UPI transactions reaching INR 125.84 trillion in 2022, and at last, the e-commerce consumer base is expected to outplay the US in coming years. The data and data storage are non-rivalrous good. Data is consumed by large numbers of people and corporations, its control and distribution however happen without the consent of the owner. 

The concepts of security and privacy are still developing. In November 2022, Central Depository Services Limited (CDSL) central securities depository detected cyber malware in machines, disconnecting from the capital market. Recently, data from AIIMS, Delhi was also breached. Furthermore, the frequency of ransomware attacks in 2021 impacted even Indian organizations. The majority of such attacks happen in data centers. Cybersecurity risks make individuals and organizations extremely vulnerable. With the internet, every aspect of life from home automation to individual fitness routines is now digitized. 

Therefore, all such incidents command a public policy to protect data and a person’s privacy. The right to Privacy has now been regarded as a fundamental right by the Supreme Court in 2017. This further brings the question of protecting personal data to the forefront. The right held that informational privacy or privacy to maintain personal data and facts also comes under the ambit of the Right to Privacy. This paper intends to understand and analyze India’s Data Protection Bills introduced in 2019 and again in November 2022. It also emphasizes the debate around  India- US Executive Agreement under the CLOUD Act.

Click Here To Read The Paper

Author: Aena Rawal