India has proposed new rules regarding how technology companies use data, and the proposal is similar to Europe’s GDPR regulation, according to a report by TechCrunch.
The new rules would force companies to get consent from people before their data is collected, and before they could use personal data.
The proposed rules also have a twist, as they would compel companies to hand over to the state “non-personal”
data on users, and the government would be able to collect data without consent if it served the country or the larger public interest.
The rules are collected in the proposed Personal Data Protection Bill 2019, and would allow New Delhi to “exempt any agency of government from application of Act in the interest of sovereignty and integrity of India, the security of the state, friendly relations with foreign states, public order.”
The bill is going to be discussed in the country’s parliament in the coming weeks, and certain laws that were passed more than 10 years ago wouldn’t be changed or updated at all.
The new regulation would also let New Delhi have the ability to ask any “data fiduciary or data processor” to provide “anonymized non-personal data” to help the government.
It could potentially change operations in the country for technology companies like Google, which has over 600 million internet users.
The bill was originally drafted two years ago, and it has gone through major changes in the meantime. An earlier draft said that the government in India couldn’t collect or process personal data unless there was a procedure to follow.
Another proposed rule seems to be directly pointed at companies like Facebook and Twitter, which the bill would identify as companies that enable “interaction between two or more users.”
The rule would require companies to give users an option to verify their identity and then have a way to advertise that on their profile, much like the blue tick that Facebook and Twitter have for celebrities, or other accounts that draw public interest.