Personal Data Protection Act…2.. RTI Act amended

The much awaited Data Protection Act of India has finally come to the open with a copy of the draft now being available. This appears as a text of the Bill and needs to be passed by the Parliament, approved by the President and notified in the Gazette before it becomes a law. This is part of a series of articles on the new Bill which when it becomes an Act will bring several changes to the Privacy and Data Protection scenario in India.

[This is the second of a series of articles that will be published on this topic…Naavi]

Presently the Section 8(1)(j) of Right to Information Act 2005 stated as follows:

 “information which relates to personal information the disclosure of which has not relationship to any public activity or interest, or which would cause unwarranted invasion of the privacy of the individual unless the Central Public Information Officer or the State Public Information Officer or the appellate authority, as the case may be, is satisfied that the larger public interest justifies the disclosure of such information: Provided that the information, which cannot be denied to the Parliament or a State Legislature shall not be denied to any person.”

Now this has been replaced with :

“information which relates to personal data which is likely to cause harm to a data principal, where such harm outweighs the public interest in accessing such information having due regard to the common good of promoting transparency and accountability in the functioning of the public authority;

Provided, disclosure of information under this clause shall be notwithstanding anything contained in the Personal Data Protection Act, 2018;

Provided further, that the information, which cannot be denied to the Parliament or a State Legislature shall not be denied to any person.

Explanation. —For the purpose of this section, the terms „personal data‟, „data principal‟, and „harm‟ shall have the meaning assigned to these terms in the Personal Data Protection Act, 2018.”

The change is consequential. However it requires an interpretation of “likely to cause harm” if disclosed and that such harm outweighs the public interest.

This means that before any personal information is disclosed the Information officer should quantify and document the “Likely hood of harm” and “Public Interest” before arriving at a decision to allow or disallow the release of the information.

Naavi

A Copy of the Proposed Bill is available here (67 pages)

A more detailed Report of the Srikrishna Committee is available here (213 pages)

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.