Digital Policy Alert logo

India: Introduction of Personal Data Protection Bill to house

Go to policy change overview
Share

Compare with different regulatory event:

Description

Introduction of Personal Data Protection Bill to house

The Personal Data Protection Bill (2019) was introduced to the House (Lok Sabha). It includes a comprehensive data protection regime. Among others, the bill would set out the rules for cross-border data transfers (art. 33 et seq.). Whereas sensitive personal data may be transferred outside India under the express consent of the data subject, critical personal data (as may be defined by the government) can only be processed in India. Exemptions thereof may be possible.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cross-border data transfer regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
legislature
Government Body
parliament

Complete timeline of this policy change

Hide details
2019-12-11
under deliberation

The Personal Data Protection Bill (2019) was introduced to the House (Lok Sabha). It includes a com…

2021-12-16
under deliberation

On 16 December 2021, the Indian Joint Parliamentary Committee (JPC) on the Personal Data Protection…

2022-08-03
rejected

On 3 August 2022, the Indian Government withdrew the Personal Data Protection Bill (2019) which had…

Key regulatory dimensions

Regulated subjects

The businesses, government agencies or individuals affected by this policy or regulatory change.
producer / supplier
1
Type Private organisation
Economic activity cross-cutting
Category All

Policy change by business practice

The detailed activities within the scope of this policy or regulatory change.
personal data (all forms): transfer: cross-border
Regulatory tool
Data storage/retention obligation
Sanctions
Regulated subjects
1
personal data: biometric: transfer: cross-border
Regulatory tool
User consent: Opt-in requirement
Data storage/retention obligation
Other oversight tool
Sanctions
Fine
Regulated subjects
1
personal data: genetic: transfer: cross-border
Regulatory tool
User consent: Opt-in requirement
Data storage/retention obligation
Other oversight tool
Sanctions
Fine
Regulated subjects
1
personal data: financial or credit information: transfer: cross-border
Regulatory tool
User consent: Opt-in requirement
Data storage/retention obligation
Other oversight tool
Sanctions
Fine
Regulated subjects
1
personal data: health: transfer: cross-border
Regulatory tool
User consent: Opt-in requirement
Data storage/retention obligation
Other oversight tool
Sanctions
Fine
Regulated subjects
1
personal data: sexual orientation: transfer: cross-border
Regulatory tool
User consent: Opt-in requirement
Data storage/retention obligation
Other oversight tool
Sanctions
Fine
Regulated subjects
1
personal data: religious beliefs: transfer: cross-border
Regulatory tool
User consent: Opt-in requirement
Data storage/retention obligation
Other oversight tool
Sanctions
Fine
Regulated subjects
1
personal data: political orientation: transfer: cross-border
Regulatory tool
User consent: Opt-in requirement
Data storage/retention obligation
Other oversight tool
Sanctions
Fine
Regulated subjects
1

Policy change by business practice

The detailed activities within the scope of this policy or regulatory change.

personal data (all forms): transfer: cross-border

personal data: biometric: transfer: cross-border

personal data: genetic: transfer: cross-border

personal data: financial or credit information: transfer: cross-border

personal data: health: transfer: cross-border

personal data: sexual orientation: transfer: cross-border

personal data: religious beliefs: transfer: cross-border

personal data: political orientation: transfer: cross-border