Why in the News?

The Ministry of Electronics and Information Technology (MeitY) is looking to wrap up public consultations on the draft Rules for the Digital Personal Data Protection Act, 2023 by March 5.

What’s in Today’s Article?

• Introduction (Context of the Article)
• Controversial Provisions of DPDP Act (Section 9(1), Concerns, Govt’s Response, Way Forward, etc.)

Introduction:

• The Ministry of Electronics and Information Technology (MeitY) is finalizing public consultations on the Digital Personal Data Protection (DPDP) Act, 2023 and its draft rules.
• However, disability rights activists have raised serious concerns over a specific provision in Section 9(1), which clubs adult Persons with Disabilities (PwDs) with children and mandates that their legal guardians provide consent for any digital personal data processing.
• Activists argue that this undermines the autonomy of PwDs and reflects a flawed understanding of guardianship laws.

Understanding the Controversial Provision – Section 9(1):

• The DPDP Act requires data fiduciaries (organizations processing data) to obtain verifiable consent from a parent or legal guardian before processing personal data of a child or a PwD with a lawful guardian.
• The definition of PwDs in this provision lumps all individuals with disabilities together, assuming that those with guardians are incapable of making legally binding decisions.
• The draft rules under Rule 10(2) require verification that the guardian was appointed by a court or designated authority under Indian guardianship laws.
• While the rule provides detailed explanations for child consent, it lacks clarity on how guardianship-based consent would apply to PwDs, leading to confusion.

Reasons Behind PwDs and Activists Concerns:

• Undermining Autonomy of PwDs
  • The provision assumes that all PwDs with guardians lack decision-making abilities, ignoring the Rights of Persons with Disabilities (RPWD) Act, 2016, which promotes supported decision-making instead of absolute guardianship.
  • Many PwDs function independently with limited legal support but may still have a legal guardian for specific purposes.
• Legal Confusion Between RPWD Act and NT Act
  • PwDs are governed by two laws:
    • The RPWD Act, 2016 provides for limited guardianship, allowing the PwD to exercise rights with support.
    • The National Trust (NT) Act, 1999 allows full guardianship for individuals with autism, cerebral palsy, or intellectual disabilities.
  • However, the DPDP Act does not differentiate between these categories, applying a blanket rule for all PwDs with guardians.
• Practical Challenges in Implementation
  • There is no clear guideline on how digital platforms should obtain guardian consent for PwDs.
  • If a guardian refuses consent, the PwD may lose access to essential services, such as online banking, e-commerce, or healthcare platforms.
  • Activists highlight gender-based discrimination, where women with disabilities may be denied access to digital platforms without guardian approval.

Risk to Digital Rights of PwDs:

• Disability rights groups argue that the DPDP Act compromises digital rights by making guardian consent mandatory for accessing online services. This could lead to:
  • Exclusion from digital platforms like banking, government schemes, e-commerce, and education portals.
  • Increased control of guardians over PwDs’ choices, restricting their ability to make personal decisions.
  • Legal ambiguity for guardians, who may face penalties under the DPDP Act if their consent leads to data misuse.
• A survey by PACTA and Saksham Disability found that 27.4% of PwDs had legal guardians, yet most of them managed their affairs independently, contradicting the assumptions made by the DPDP Act.

Government's Response and the Way Forward:

• The government argues that limiting the definition of PwDs covered under Section 9(1) helps address concerns.
• However, disability activists argue that this further complicates the issue by adding unclear definitions.
• Recommended changes by disability rights groups include:
  • Amending Section 9(1) to align with the RPWD Act, 2016, ensuring PwDs have decision-making autonomy.
  • Providing clear guidelines on how data fiduciaries should handle guardian-based consent for PwDs.
  • Ensuring that digital accessibility barriers are addressed, as many platforms are still not user-friendly for PwDs.

Conclusion:

The DPDP Act, 2023, aims to regulate digital personal data while protecting user rights. However, its rigid guardianship rules threaten the digital autonomy of PwDs, potentially excluding them from online services and decision-making processes.

A balanced approach, incorporating input from disability rights groups, is necessary to ensure data protection laws do not inadvertently violate the rights of PwDs.