Building an Effective Data Protection Authority in India

Thu. June 24th, 2021
Zoom Webinar

India's proposed data protection legislation, the Personal Data Protection Bill, 2019 is currently pending in Parliament. The bill proposes to create a new, independent public authority called the Data Protection Authority of India (DPA). The DPA will oversee the implementation of the protections provided under the bill and is therefore a key part of the proposed regulatory framework. However, as a new regulator, the DPA will have to build data-related expertise. The DPA will also have to deal with capacity constraints that existing Indian regulators already face. Given that the bill is on its way to being enacted into law, how can the Indian Government best prepare for what lies ahead? What strategies can the DPA adopt to enable it to become a capable and effective regulator?

Carnegie India hosted a workshop on ‘Building an effective Data Protection Authority in India’. This event examined capacity constraints likely to be faced by the proposed DPA, and the need to prepare for it in advance. This workshop featured a presentation by Carnegie India scholars Suyash Rai and Anirudh Burman. It was followed by a discussion featuring Dr. Ajay Shah, Ms. Annabel Lee and Ms. Rosalien Stroot.

RELATED CONTENT

1. Shivangi Tyagi and Anirudh Burman, Banking to groceries — Data Protection Authority has multi-sector role, but must be efficient, December 6, 2020, ThePrint.

2. Suyash Rai, A Pragmatic Approach to Data Protection, February 8, 2018, The Leap Blog.

Carnegie does not take institutional positions on public policy issues; the views represented herein are those of the author(s) and do not necessarily reflect the views of Carnegie, its staff, or its trustees.
event speakers

Ajay Shah

Anirudh Burman

Associate Research Director and Fellow, Carnegie India

Anirudh Burman is an associate research director and fellow at Carnegie India. He works on key issues relating to public institutions, public administration, the administrative and regulatory state, and state capacity.

Annabel Lee

Annabel Lee leads Amazon Web Services’ (AWS) public policy work on Data issues for APAC. She has deep subject matter expertise on data issues, including data protection, privacy and emerging technologies, from both the industry and government perspectives. Prior to joining AWS, Annabel was senior manager, APAC Policy at BSA, The Software Alliance, where she advocated on behalf of the software industry in the Asia-Pacific region on a range of regulatory and legislative issues including privacy, cybersecurity, and copyright. Annabel was also policy and international manager in the Personal Data Protection Commission of Singapore, responsible for developing policy and advising both public and private sector organizations on data protection and privacy issues. Her key areas of focus included emerging technology, data economy, telecommunications, and financial sectors. She also held the international portfolio in the Commission for the Asia-Pacific and Europe regions.

Rosalien Stroot

Rosalien Stroot is a senior policy advisor at the Autoriteit Persoonsgegevens with 9 years of experience in data protection at the Dutch Data Protection Authority (Dutch DPA). She started as a supervision officer, handling complaints and providing (legal) advice to citizens and companies. After organising the international privacy conference in Amsterdam in 2015 she specialized in international cooperation, both on European (Working Party 29 / European Data Protection Board) and international level (Global Privacy Assembly, GPEN, EU Spring Conference). Rosalien has a bachelor and master’s degree in International Relations and International Organization from the University of Groningen, the Netherlands.

Suyash Rai

Fellow, Carnegie India

Suyash Rai is a fellow at Carnegie India. His research focuses on the political economy of economic reforms, and the performance of public institutions in India.