wordpress blog stats
Connect with us

Hi, what are you looking for?

A complete guide to the Data Protection Bill, 2021

The Data Protection Bill, 2021 is one of the most important pieces of legislation in Indian tech policy.

The report of the Joint Parliamentary Committee (JPC) on the Personal Data Protection (PDP) Bill was tabled in both Houses of Parliament on December 16, bringing us one step closer to India’s first data protection law, which will significantly impact how businesses collect data about users and the rights that users have over the data that is collected about them.

MediaNama has prepared a guide to the Data Protection Bill, 2021, that gives you an overview of the Bill, its history, concerns, and what people think about it.

  1. The Bills:
    1. JPC Report and Data Protection Bill, 2021 [download]
    2. Personal Data Protection Bill, 2019 [download]
    3. Personal Data Protection Bill, 2018 [download]
  2. Summaries of various key sections of the Data Protection Bill, 2021:
    1. Obligations of data fiduciaries [read]
    2. Personal data of children [read]
    3. Rights of individuals [read]
    4. Reporting of data breaches [read]
    5. Role of data protection officers [read]
    6. Data localisation norms and restrictions on cross border data transfer [read]
    7. Powers of the government and government access to data [read]
    8. Data Protection Authority (DPA) [read]
    9. Non-Personal Data (NPD) [read]
  3. Key Takeaways From The JPC Report Tabled In Parliament [read]
  4. Exclusive interview with JPC Chair PP Chaudhary [read]
  5. Dissent notes to the Data Protection Bill, 2021:
    1. All dissent notes [download]
    2. Summaries:
      1. Lok Sabha MP Manish Tewari [read]
      2. Lok Sabha MP Mahua Moitra and Rajya Sabha MP Derek O’Brien [read]
      3. Lok Sabha MP Ritesh Pandey [read]
      4. Rajya Sabha MP Dr. Amar Patnaik [read]
      5. Rajya Sabha MP Vivek Tankha [read]
      6. Rajya Sabha MP Jairam Ramesh [read]
      7. Lok Sabha MP Gaurav Gogoi [read]
  6. MediaNama’s Decoding India’s Data Protection Bill Event #NAMA:
    1. MP Ritesh Pandey On Data Protection Bill: Childrens Consent, DPA, Govt Access To Data; Hopes That Judiciary Will Add Checks And Balances [read]
    2. Obligations of Data Fiduciaries:
      1. Lower Age Of Consent, Limit Data Portability, Strengthen Data Breach Rules, And Introduce More Grounds For Processing Data [read]
      2. Financial Data, Non-Personal Data And Algorithmic Transparency Should Be Regulated Separately [read]
    3. Cross-Border Data Transfers 
      1. Restrictions On Cross-Border Data Transfer Will Hurt Indian Start-Ups That Depend On Global Tools [read]
      2. Issues Around Cross-Border Transfer Approval, Data Localisation, Adequacy, And Exemptions To Foreign Data [read]
    4. Data Protection Authority
      1. How Should The DPA Be Set Up And What Functions Should It Have [read]
    5. Government access to data
      1. How Government Access To Data Is Carved Out Of Fiduciary Obligations [read]
      2. How Can We Introduce Accountability For Surveillance Of Citizens? [read]
    6. User Rights
      1. Burden On Users To Establish Harm, Problems In Ascertaining Compensation Amount And More [read]
      2. Possibility Of Misuse Of Right To Be Forgotten, Overlap With Right To Erasure And More [read]
  7. Industry impacts:
    1. Online Advertising [read]
    1. Facing The Consequences Of The Data Protection Bill On Children’s Digital Privacy [read]
    2. How Function Of State May Limit Informed Consent: Examining Clause 12 Of The Data Protection Bill [read]
    3. Clause 12 Of The Data Protection Bill And Digital Healthcare: A Case Study [read]
    4. The Data Protection Bill 2021: A Missed Health Opportunity [read]
  9.  Statements by industry bodies:
    1. IAMAI: Data Protection Bill Has Changed Fundamentally From 2019 Version, Needs Consultations [read]
  10. Personal Data Protection Bill, 2019
    1. A Complete Guide To The Personal Data Protection Bill, 2019 [read]
  11. Other key reading material:
    1. Srikrishna Committee Report (on which the 2018 Bill was based) [download]
    2. Dvara Research’s Personal Data Protection Bill [download]
    3. MP Shashi Tharoor’s Data Protection Bill [read]
    4. MP Jay Panda’s Data Protection Bill [read]
    5. SaveOurPrivacy.in bill [read]
    6. TRAI recommendations on privacy [read], [comments]

We will keep updating this post with more resources and developments.

Timeline of the bill’s progress

  • July 2018: The PDP Bill is first drafted by an expert committee headed by Justice BN Srikrishna.
  • October 2018: Subsequently, the Ministry of Electronics & Information Technology says that it will be drafting the bill.
  • December 2019: The bill is referred to a Joint Parliamentary Committee and BJP MP Meenakshi Lekhi is appointed chairperson.
  • September 2020: The committee requests and obtains an extension of time for the presentation of their report.
  • December 2020: The committee undertakes a clause-by-clause review of the bill.
  • March 2021:  Once again, the committee requests and obtains an extension of time for the presentation of their report.
  • July 2021: The Lok Sabha Speaker rules out any further extension for submission of the report.
  • July 2021: PP Chaudhary is appointed as the new chairperson of the JPC after Meenakshi Lekhi gets elevated to a minister in the Union Cabinet.
  • July 2021: Committee is granted extension to present report in Winter Session.
  • November 2021: Committee holds meeting to discuss consideration and adoption of its draft report.
  • December 16, 2021: Report of the Joint Parliamentary Committee is tabled in the Parliament.

Get our white paper on the Data Protection Bill 2021 in your inbox

We may also reach out occasionally with our coverage of the Data Protection Bill and more.
By filling out this form, you agree to receive a copy of MediaNama's white paper and further information about MediaNama's work and services.

Subscribe to MediaNama to get access to our ongoing coverage of the bill. Here is everything we have planned around the report:

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ