A parliamentary panel report on “Citizens’ data security and privacy” was tabled in the Rajya Sabha on Tuesday in the face of protests by some Opposition members over the inclusion of provisions of a bill that had not been introduced in any House of Parliament nor referred to the committee by the authorities.
Soon after BJP parliamentarian Anil Agrawal tabled the reports of the Standing Committee on Communications and Information Technology, CPM MP John Brittas alleged that the report dealt with provisions of the yet-to-be-introduced Digital Personal Data Protection (DPDP) Bill, 2023. Brittas raised a point of order to state that Rule 270 of the Procedure and Conduct of Business of Rajya Sabha had been violated.
According to Section B of Rule 270, a standing committee shall examine bills pertaining to the related ministries/ departments referred to it by the Rajya Sabha chairman or the Lok Sabha Speaker, as the case may be.
“The report which has been presented is on the digital data protection bill, which has been approved by the cabinet but not introduced in the House, nor referred to the standing committee. The standing committee has overstepped and it is beyond its jurisdiction. And it is breaching your authority and the authority of the House,” Brittas said.
Chairman Jagdeep Dhankhar rejected the point of order. “Report of a committee being put before the House, can it be stopped? It is right to place the report of the committee and the rest will follow in accordance with rules. But to take a stand, this august House must not have this report, your point of order is devoid of any merit,” Dhankhar said.
The standing committee headed by Lok Sabha member Prataprao Jadhav discussed the 2023 bill in its last meeting on July 26. Opposition members walked out of the meeting citing, among other issues, procedural flaws.
The minutes of the meeting of the committee held on July 26 attached with the report tabled in Parliament refer to the objections raised by Opposition MPs who stated that the DPDP Bill of 2023 had not been referred to the committee.
“They also placed on record their disagreement with the Report which examined the clauses of the said Bill. Some Members insisted that a division of votes may be conducted to determine the majority which was eventually not implemented…. At the end of the Sitting, the Chairperson said that the Report was adopted,” said the minutes.
The committee report said the government had published for public consultation a draft DPDP Bill, 2022, that casts obligations on data fiduciaries for the protection of personal data of people. It also referred to the DPDP Bill, 2023, on different issues. For example, it said: “With regard to the reasonable purposes for which data can be processed with deemed consent, the (IT) Department informed the following — ‘In the earlier DPDP Bill, 2022, draft the deemed Consent was applicable only when a data principal was deemed to have given consent for her personal data if such processing is necessary for the specific conditions only including public order, employment etc...’ The deemed consent clause has been henceforth removed after the consultation and feedback received from stakeholders. In the modified draft of DPDP Bill, 2023, in its equivalent format, the personal data can be processed for certain legitimate uses.”
Brittas and minister of state for IT Rajeev Chandrasekhar also sparred on Twitter over this issue after the CPM MP cited the report’s adoption to say: “The ruling party has no hesitation to trample on the rules and regulations. Adoption of a report on DPDP was another instance.”
Chandrasekhar tweeted: “This is misinformation and completely wrong. No bill including the proposed DPDP Bill can be referred to any committee unless it is done so by Parliament. In turn, the bill can be only referred to committee AFTER the Cabinet-approved bill is introduced in Parliament. DPDP has not been introduced into Parliament AND so question of considering it in committee does not arise.”