Final version of the personal data protection bill unlikely to include aspects of non-personal data: Ritesh Pandey, Member, JPC on the PDPB

July 13, 2022

Consumer Unity & Trust Society (CUTS) organised a virtual stakeholder discussion on ‘Optimal Governance of NPD 2.0’, in which its research report titled ‘NPD 2.0’ was also launched.

Speaking at the event, Shri Ritesh Pandey, Hon’ble Member of Parliament, and Member of the Joint Parliamentary Committee (JPC) on the Personal Data Protection Bill 2019 (PDPB’19) stated that it is unlikely for the final version of PDPB’19, to include aspects of Non-Personal Data (NPD) regulation. He further asserted the need for enacting a standalone personal data protection law, before dealing with NPD.

This was said in the backdrop of many speakers in the event, questioning the veracity of shifting the goalpost from ensuring privacy of personal data, to harnessing the economic value of data, by expanding the scope of the PDPB’19 to include aspects of regulating NPD as well.

It is to be noted that the final report of the Committee of Experts (CoE) on NPD is still pending. Mr Parminder Jeet Singh, Member of the CoE called for having more conceptual clarity on the definition and scope of NPD, before any regulation is brought forth on the subject.

The urgent need for having a personal data protection law was highlighted by Mr Pradeep Mehta, Secretary General, CUTS, who emphasised on the need for inclusive growth of digital economy in India, which would rest upon a robust and transparent data protection regime, given India’s expanding data footprint.

Mr Daniel Castro, Vice President, Information Technology & Innovation Foundation (ITIF) echoed a similar viewpoint, especially in context of emerging data driven technologies such as 5G and connected devices. Enabling equitable access to NPD for maximising its value, and closing the digital divide were also considered imperative.

Mr Ashish Aggarwal, Vice President, NASSCOM, urged the government to pursue voluntary enablement of data sharing for the private sector, instead of mandating the same, in order to protect the interests of startups, data fiduciaries and other digital businesses.

The draft National Data Governance Framework Policy was cited as a good example in this regard. Furthermore, Mr Venkatesh Krishnamoorthy, Country Manager – India, The Software Alliance (BSA), cautioned against imposing a requirement of mandatory sharing of NPD on data processors, given their contractual obligations with data fiduciaries, and their lack of ownership of such data.

Ms Astha Kapoor, Co-Founder, Aapti Institute, drew attention towards the need for exploring concepts of data trusts, and data cooperatives, which will help in empowering communities to draw value from the data generated by and pertaining to such communities, in a safe manner.

Mr Amol Kulkarni, Director-Research, and Ms Vidushi Sinha, Senior Research Associate, CUTS, raised many other emerging issues in regulating NPD, which included competition concerns arising from risks of data monopolisation, possible over-burdening of the proposed Data Protection Authority in its early days by requiring it to regulate aspects of NPD on top of personal data, risks of infringement of Intellectual Property Rights and disclosure of trade secrets in case of the government mandating private entities to share NPD, among others.


For further details, contact:

Mr Vijay Singh (, and/ or Ms Vidushi Sinha (