wordpress blog stats
Connect with us

Hi, what are you looking for?

Lower age of consent to allow children to benefit from technology: MP Ritesh Pandey On Data Protection Bill 2021

A breakdown of the committee member’s dissent note reveals the rationale behind his proposed amendments.

Source: Lok Sabha TV

In his dissent note on the Joint Parliamentary Committee (JPC) report on the Data Protection Bill, Lok Sabha MP Ritesh Pandey objected to the high age of consent, the composition of the Selection Committee tasked with appointing members of the Data Protection Authority, and the power of the government to exempt any of its agencies from the Bill.

“I am in complete agreement with the recommendations of this Committee, barring [these] three sections,” Pandey said.

The landmark JPC report along with Data Protection Bill 2021 was tabled in both houses of the Parliament on December 16 after two years of deliberations, bringing us one step closer to India’s first data protection law.

Here’s our complete guide to the Data Protection Bill, 2021

Age of consent too high, not in the best interest of children

Section 3(8) of the Bill defines a “child” as a person who has not completed eighteen years of age. Data fiduciaries processing children’s data have a different set of obligations to follow including getting consent from a parent or guardian before processing the child’s data.

  • Proposed amendment: Pandey has recommended bringing down the age of consent to fourteen years.
  • Rationale: Pandey argued that the current definition “does not stand with the principle of the best interest of a child in the digital age.”

 “Although protecting children’s privacy and welfare is a vital concern of the Bill, the definition of a child should be anyone under the age of 14, so as to allow young users to benefit from innovative technologies without the onus of obtaining consent from their parent/guardian. This amendment also takes into account the social barriers that young women face in accessing the internet, particularly in rural India.” — MP Ritesh Pandey

Government power to exempt any of its agencies must be based on the principle of necessity and proportionality

According to Section 35, the Central Government has the power to exempt any government agency from all or any of the provisions of the Data Protection Act for various reasons.

Advertisement. Scroll to continue reading.
  • Proposed amendment: Pandey has recommended that any exemption should be granted based on the principle of necessity and proportionality and under no circumstances should any government agency be exempted from sections 5 and 24. Section 5 lays down that personal data must be processed in a fair and reasonable manner and ensure the privacy of the data principal and for the purposes that the data principal consented to, while section 24 deals with security safeguards such as encryption and measures to prevent unauthorised access.
  • Rationale: Pandey wrote that Section 35 “gives broad-reaching and unfettered power to the central government” and referred to the Personal Data Protection Bill, 2018 (“the Srikrishna Bill”), which allowed government access to personal data for security purposes based on principles of necessity and proportionality and upon due authorisation under law.

“Section 35 of the current bill effectively enhances existing surveillance powers of the government without the limitations built in Section 5 and guaranteeing best practices of security under Section 24. Therefore, granting access to personal data to the Central Government, without appropriate safeguards and judicial oversight is against established constitutional principles and should not form part of the Bill.” — MP Ritesh Pandey

Selection Committee for DPA members must be impartial and independent

According to Section 42 of the Bill, the Chairperson and the Members of the Data Protection Authority will be appointed by the Central Government on the recommendation made by a Selection Committee. The Selection Committee will be constituted by:

  1. The Cabinet Secretary, who shall be Chairperson of the Selection Committee
  2. The Attorney General of India
  3. The Secretary to the Government of India in the Ministry or Department dealing with the Legal Affairs
  4. The Secretary to the Government of India in the Ministry or Department dealing with Electronics and Information Technology
  5. An independent expert to be nominated by the Central Government from the fields of data protection, information technology, data management, data science, data security, cyber and internet laws, public administration or related subjects
  6. A Director of any of the Indian Institutes of Technology to be nominated by the Central Government
  7. A Director of any of the Indian Institutes of Management to be nominated by the Central Government
  • Proposed amendment: Ritesh Pandey has suggested that the Selection Committee must also include a Supreme Court judge appointed by the Chief Justice of India and that the Committee must have a flat hierarchical structure i.e. each member has an equal vote and equal power within the committee. Furthermore, the industry expert and academic experts must be confirmed by Parliament, Pandey said.
  • Rationale: 

“The J, Srikrishna Committee Report emphasized that the independence of the DPA is of paramount importance to the welfare of data principals and the growth of India’s technology industry. Therefore, it is vital to ensure that the members of the DPA are impartial and independent of outside influence from any party including the central government.” — MP Ritesh Pandey

Get our white paper on the Data Protection Bill 2021 in your inbox

We may also reach out occasionally with our coverage of the Data Protection Bill and more.
By filling out this form, you agree to receive a copy of MediaNama's white paper and further information about MediaNama's work and services.

Subscribe to MediaNama to get access to our ongoing coverage of the bill. Here is everything we have planned around the report:

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ