Companies that deal, store and manage consumer data are supposed to keep them safe at all costs and if they fail to do so, then as per Government rules they will be fined heavily. And under the modified Data Protection Bill, the penalties can be as high as ₹200 Cr. So, you can conclude that the Data Protection Bill is being imposed on such companies to ensure that they make efforts to protect the collected consumer data at all costs.

Penalties on Companies Collecting Consumer Data

The severity of these penalties can depend upon the extent of non-compliance of this data-collecting and managing companies. Moreover, the companies who fail to notify the users about their data being breached are to be fined around ₹150 Cr. Entities who are not able to safeguard children’s sensitive info can be fined around ₹100 Cr. It is to be noted that in the previous bill before modification, the companies were only fined to either pay ₹15 Cr or 4 per cent of their annual turnover, whichever authority finds higher.

Earlier, in August of this year, the Government withdrew the Data Protection Bill after putting in efforts and going through a lot of hardships for at least four years. “It said the government would soon finalise a “comprehensive legal framework” for the online ecosystem. The withdrawal came despite Union IT Minister Ashwini Vaishnaw stating in February 2022 that he hoped to get the Parliament’s nod on the Bill in the monsoon session,” mentioned by Indian Express.

In September, The Indian Express interviewed the Minister of State for Electronics and IT, Rajeev Chandrasekhar, who said, “companies would face punitive actions in the nature of financial penalties in the event of misuse of data and data breaches”

The revised version of this bill is supposed to be introduced soon, with an explanation and summary, as Indian Telecommunication Bill 2022. However, a lot of debate is also expected before this bill is released in the Budget session of Parliament next year.