Digital India Act: Revolutionising Digital Governance

Beware! You are being watched! 

While you go by your mundane life, drinking your coffees, working your 9 to 5s, or scrolling through your Instagram, someone has their eyes on you. Every move you make, every grocery item you purchase and even all the favourite TV shows you watch is being noted down by your stalker. No, I am not talking about the usual stalker stereotype, a mysterious individual donned in black attire with dark sunglasses and a face covered by a hat. The stalkers, this time, are the big and small corporations operating via the digital waves.   

While you search for a keyword, suppose “the best locations in Thailand”, a pop-up window appears. This pop-up asks the user politely whether they would like to allow cookies for the page. This might seem like an innocent plea; after all, who doesn’t love cookies? But don’t get too excited, as you won’t be receiving sweet, sugary bites delivered to your doorstep. Instead, these metaphorical cookies would act like hidden cameras, catching every move you make online and keeping you in constant scrutiny.

The present security regulation for India, the Information Technology Act 2000, has many loopholes. These loopholes give corporations from different sectors, e-commerce or digital media, the chance to misuse their user's data for their benefit. To ensure complete safety and retain the user’s privacy, the Ministry of Electronics & Information Technology (MeitY) has announced the launch of the Digital India Act.

Giving you an A-Z description of what this new act is all about, I will be discussing how it will impact both users and corporations. So, grab your drink of choice and get on the ride of the data wheel and discover data usage with me. 

What is MeitY & Why is it Needed? 

Remember how I talked about the cookies on websites? So, these little cookies, which you permit in seconds, are actually small text files. These files contain information regarding what kind of usage you performed while being on that website. In simple words, suppose you have entered a clothing website. So, all the actions you perform while being on that particular website, like the search queries you make or the items you click on to explore in detail, are collected in text format in those cookie files. This allows the websites to learn what are the user’s preferences so that they can make suggestions based on that algorithm and hence increase their conversions. 

Sounds simple? Meh! It’s actually not. You might feel like this kind of basic information is no big deal. Still, by giving permission to “Allow All Cookies”, you are handing over access to your personal details to the websites. The best example of this is how after making an inquiry for a certain serum on any website or shopping app, you will see ads for serums everywhere you go. This one thing still gives me the creeps, I tell you!😨

Apart from the cookies, there are several other issues a user might face due to the misuse of data. Many times people get their devices hacked and end up getting scammed for money or personal images and videos stored in those devices. To shield all Indian citizens from the attack of digital crimes like phishing, tracking, misinformation, salami slicing, catfishing, etc., the Ministry of Electronics & Information Technology (MeitY) department is responsible. 

Since its establishment in 2016, MeitY took charge when the Department of Electronics & Information Technology and the Ministry of Communications and Information Technology were bifurcated. So, for all the woes regarding the digital world, MeitY is responsible for bringing justice and security to Indian citizens. They do this by introducing systematic and unbiased policies as well as bills that cater to all kinds of situations and scenarios the netizens might come across while playing with their big-shot gadgets. 

Revamping the Digital Security With Digital India Act, 2023

At present, around 690 million Indians use internet for entertainment, information, or other purposes. This grand number makes ours the largest democracy, which is digitally connected around the globe. Looks like PM Modi’s Digital India plan is going wonderfully well. Despite such a large number of users spending 5-7 hours in a day (on average), the law protecting the same users in the country is not something to flaunt around.

That’s right! I am talking about the Information Technology Act. The 90-section act, with 13 chapters and 4 schedules, was passed in the budget session of May 2000. It was devised during the entrance of the Internet in India. During those times, when only 5.5 million Indians were digitalised, the crimes used to be pretty simple and direct (still not a good thing, but our GenZ never likes doing things simply, even if it's a crime). There was no phishing or salami slicing, just direct hacking, cybercrime, and such. So, the IT Act devised contained laws to deal with crimes and situations of such parameters. That is why it is not qualified to regularise the netizens at the present time.

For which the MeitY came out with a complete framework and is all set to launch its draft by the first week of June 2023. Named the “Digital India Act”, this new bill is going to replace the now-useless IT Act 2000. This decision was a long time coming, 22 years to be exact, to make the digital grounds safe and regularised for the public. So, what are the features one can expect from this new draft? What are the rules and laws dumped, and what new leeways have been given to the government as well as business organisations? Let’s check out what you can expect from the Digital India Act one point at a time. 

What to Expect from the Digital India Act?

As per the pre-draft consultation held by MeitY minister Rajeev Chandrasekhar on March 9th, 2023, expectations are high. To help you get a clear vision of what the DIA bill might include, here are a few pointers:

Note: Two terms are utilised throughout the bill to determine the entities included properly.  One is a data fiduciary, and the other is a data principle. A data fiduciary is a person who decides the purpose of the data collected along with the means through which it is collected. In contrast, a data principle is an entity whose data is being collected. Let’s call them df & dp (hoping you don’t get confused with your profile’s Display Picture).

Fair Trade Practises

Finally, tapping into the muddy water of trade practises when it comes to the digital part of businesses. MeitY has cleared the air about its intentions not to give any kind of leeway when it comes to Indian users' data privacy. No more hiding behind complicated agreements for privacy or terms & conditions. As per interviews and different sources, the DIA will contain clear regulations on how the corporations, i.e. the data fiduciaries, would be held accountable for the usage of data collected. Along with this, there are going to be limitations in the collection of 3rd party data (as highlighted in the Data Protection Bill, 2022). So, companies like Google won’t be able to misuse their user’s data, such as tracking location or sell this data to others for profitable usage. 

No More Complicated Jargon

What’s the one thing you find difficult about the government bills and legalities? For me, it’s the complicated framing of sentences and the big jargon. Although the law should be well-defined so as to avoid including any segment and give the law complete authenticity too, the IT Act is an example that this can be done using understandable words as well. Even our MoS Rajeev Chandrasekhar believes this. In an interview, the minister said the DIA bill would be devoid of complicated jargon so as to make sure that every individual can understand what their right is in this category. 

All Intermediaries Covered

While the IT Act was devised, India only had one intermediary in terms of business. It was only the digital world of computers. Today, there is more than one intermediary present, namely, e-commerce, digital media, social media, OTT, gaming, etc. All these intermediaries utilise a variety of data to enrich their platforms with their targeted audience. Thus, there are breaches and misuse of data in different forms. So, every intermediary needs to be regulated as a separate entity which is a key factor of the DIA bill. So, social media regulations and internet regulations are included, unlike only internet regulations in the IT Act 2000.

Includes Personalised Digital Data

The Digital India Bill is all about digital personal data. It is basically about the rights of the data principles (citizens), the obligation of the companies who deal with processing that data and how one deals with the breach of the law. It will make reporting for cybercrime or other kinds of digital misconduct more accessible to users. Plus, the bill would make getting justice much faster through the adjudication process. 

Subordinate Legislation

The Digital India Act is going to be drafted in the subordinate legislature format. This means that the body selected to draft the bill is a substitute for the legislature and can exercise the power to modify the bills within specific limits. This kind of subordination is done with the mindset of leaving space for improvements for future times. Thus, the bill should be evolvable as per market change or development in technology. 

In an interview, Minister Chandrasekhar describes the subordination of the bill; 
“Subordinate legislation is not a free pass for the executive. It has to be passed in the parliament just like amended IT laws. The world is evolving, and so should the digital ecosystem, and that is what the main motive of MeitY is. The reason why there is subordination in the legislation of these bills is that there is always room for more improvement when it comes to digital protection. So, to support the requirement of another improvement in the future, there won’t be the need to spend 6 months just understanding what the laws were and how to enhance them. The continuation will help save time and find the right developments the bill requires.”

Human Rights: Version 2.0

Every human being has six basic fundamental rights; 

• Right to speech and expression,
• Right to equality,
• Right to cultural and educational rights,
• Right to freedom of religion,
• Right against exploitation,  
• And right to constitutional remedies.

But, many are not aware that as part of a digital society, we have digital rights as well. They are: 

• Right to be forgotten, 
• Right to secure electronic means, 
• Right to redressal, 
• Right to digital inheritance,
• Right against discrimination, 
• Right against automated decision-making, etc.  

The DIA will contain regulations making sure that the netizen's digital rights are secured and protected. After all, everyone has the right to feel safe while surfing the internet. 

Playing favourites with Big Firms

From the little data MeitY has given regarding the content of the Digital India Act, one thing is clear. Indian users’ rights will be protected much better than what the IT Act 2000 could do. But, the section regarding its effect on companies, i.e. data fiduciaries, is still a bit uncertain. Yes, the sharing of users' personal data without their knowledge and permission is likely to be deterred. But would it cause difficulty for big firms like Google and Meta? 

Many believe that the blockage on sharing of third-party data is only going to cause harm to the small firms who rely heavily on it to gain large revenues. After all, how could they share the ad with a user without knowing what their preferences are, right? But giants like Google won’t be affected too much as they have the means (and connections!) to pay the fine, just fine! (See what I did there? 😉) 

Seeing what remedy the Electronics & IT department bring out for this problem would be interesting. 

The Bottom Line

With a population of over 600 million using smartphones daily, India has the power to make or break trends. We all rely upon the internet to gain information, catch a break with an exciting or soothing web series and shop for the cheapest and the trendiest items online. Amidst all this, basic details such as name and gender to sensitive information like demography, internet history, location, etc., are stored and sold by companies whose websites or social media pages we visit. 

Although data leakage is the key to the booming advertising industry in India, it is also the reason behind many people losing their identity, money, and even a good night's sleep. Let’s see whether this method of drafting a bill via a joint venture including the government, legislative officials, and shareholders from different business sectors would work well or not in the creation of a strong and resilient digital act.

Read our best articles on Technology related articles here.