In the recently concluded Budget Session, we saw several key issues being taken up as part of the budget deliberations in both the Houses. The Session also saw the introduction of 6 Finance and Appropriation Bills as opposed to the 1 earlier planned. Similarly, 7 other Bills were introduced against the earlier planned 14. In this post, we take a look at these disruptions and analyse how the Parliament fared with respect to digital rights.
Why should you care?
The length of this post is a testament to the fact that this session was indeed very eventful. The session even took some unexpected turns, as the much-anticipated Draft Data Protection Bill, 2021 was not tabled in Parliament. However, in the absence of legislation protecting our digital rights, the troubling Criminal Procedure (Identification) Bill, 2022, which significantly expands the surveillance powers of the police, was passed in Parliament. While significant responses from the Parliament improved transparency on key digital rights issues, they didn’t always alleviate all of our concerns on these matters.
A look back
The Budget Session saw a total of 6 Finance and Appropriation Bills for introduction, as well as for passage. The Session also saw 7 other Bills for introduction and 5 for passage including the Criminal Procedure (Identification) Bill, 2022. The Criminal Procedure (Identification) Bill, 2022 was passed approximately within five hours of its introduction in Lok Sabha and within four hours of its introduction in Rajya Sabha. In the 17th Lok Sabha so far, Lok Sabha has worked for 111% of the scheduled time, while Rajya Sabha has worked for 83% of the scheduled time.
Data from PRS Legislative Research shows that accounting only for actual sitting days in this session, Lok Sabha worked for 123% of its scheduled time and Rajya Sabha for 90%. The Budget Session 2022 was significantly productive, even though both the Houses were adjourned sine die one day ahead of schedule.
It must be noted that this is the sixth consecutive time when a session has been cut short, ahead of the scheduled date. On the day the Houses were adjourned sine die, the Comptroller and Auditor General of India came up with its report on Functioning of Unique Identification Authority of India (UIDAI). The report revealed that the UIDAI generated Aadhaar numbers with incomplete information, along with the lack of proper documentation or poor quality biometrics, resulting in multiple or duplicate Aadhaar cards being issued to the same person. Ending a Session before the scheduled time means that the questions filed by public representatives meant to be answered by Ministers lapse, and other issues of public importance cannot be raised and discussed.
Conflicted sentiments: Analysing Budget 2022-23
Budget 2022-23 evoked conflicting sentiments with respect to digital rights (read our full analysis of the budget here, while an analysis of trends from previous budgets can be found here). On the one hand, it contains a markedly increased allocation to the National Digital Health Mission (NDHM) and, prima facie, BSNL, as well as provisions for utilising 5% of the Universal Service Obligation General Fund (USOF) to promote R&D and commercialization of technologies and solutions. Unfortunately, on the other hand, allocations towards Pradhan Mantri Gramin Digital Saksharta Abhiyan remain low, while concerns remain that significant capital expenditure may not take place. Additionally, although on first impression BSNL seems to have received a significant jump in allocations, given the situation and context, which is explained in the next section, such allocations may actually be too little too late.
Department of Telecommunications
The allocation in Budget Estimates 2022-2023, net of receipts and recoveries, for the DoT is Rs 84,586.80 crores. This is a 138% increase over the 2021-22 Revised Estimates that were pegged at Rs 35,550.2 crores. The substantial jump in total allocation may be attributed to Rs 52,702.3 crores earmarked for Other Central Sector Expenditure, which reflects an enormous 1091.4% increase from the Revised Estimate 2021-22 (Rs 4,423.6 crores). This 1091.4% increase is primarily on account of the monetary support designated to support the state-owned telecommunications provider, BSNL (Rs 44,720 crores), which accounts for 84.8% of the total expenditure on Other Central Sector Schemes.
However, praise for these allotments must be tinged with a hint of caution as a major proportion of the increase (Rs 44,720 crores) is being directed only towards BSNL. Furthermore, given that this capital infusion is for the purpose of very belatedly acquiring 4G spectrum at a time when other companies are preparing for 5G, this money will ultimately return to the government’s account and so it does not constitute additional capital expenditure. It is also reflective of the government’s lackadaisical approach to the effective management of public sector companies.
Source: Union Budget 2022-2023
Ministry of Electronics and Information technology
MeitY witnessed a 49.25% increase in allocation with Rs 14,300 crores being allocated to it as compared to the Revised Estimates of the previous year. This increase can be attributed to the allocations to the Digital India program, which received Rs 10,676 crores this year and its share in the total budget increased to 74.66% in the 2022-2023 Budget Estimates from 66.67% in the 2021-2022 Revised Estimates. This increase is largely due to the introduction of PLI Scheme for Large Scale Electronics and IT Hardware, which has been allocated Rs 5,300 crores for 2022-2023. This scheme has been introduced to boost domestic manufacturing and attract large investments in Mobile Phones & Specified Electronic Components, and IT Hardware respectively.
However, allocations to the Pradhan Mantri Gramin Digital Saksharta Abhiyan (PMGDISHA) have decreased by 16.67% as compared to both the Revised and Budget Estimates for 2021-2022. Since PMGDISHA aims at helping adults with low technological literacy develop the skills they need to interact in an increasingly digital world, it is especially concerning that allocations to it are at an all-time low from 2018-2019. The allocations made to this scheme must increase in order to ensure its effective progress and robust digital literacy in the country.
Budgetary allocations for specific items.
Ministry of Information and Broadcasting
The 2022-2023 Budget Estimates, net of receipts and recoveries, for MIB is Rs. 3980.77 crores. This is a 105.74% increase over the 2021-22 Revised Estimates that were pegged at Rs. 3764.69 crores. The increased allocation, however, needs to be looked at with caution since it’s not all going towards innovation or a new scheme.
A marginal increase (9.4%) in spending on Information and Publicity may be noticed, with Rs 472.08 crores being allocated (compared to Rs. 431.23 crores in the Revised Estimates of 2021-2022). However, spending on it has fluctuated over the years. While the Revised Estimate was a 6.4% decrease over the Budgetary Estimates of 2021-2022 (Rs. 460.77 crores), it was a 30.8% increase over the Actual Spending in 2019-2020.
Source: Union Budget 2022-2023
National Digital Health Mission
The allocation to NDHM under the Ministry of Health and Family Welfare has been witnessing a consistent increase in allocations since 2020-2021. The allocation in the Budget Estimate (BE) 2021-2022 was Rs. 30 crores, which increased to Rs. 75 crores in the Revised Estimate 2021-2022 and finally to Rs. 200 crores in BE 2022-2023 (166.6% increase). While the share of NDHM in BE 2022-2023 increased as compared to the actual expenditure in 2020-2021, the total expenditure for Central Sector Schemes/ Projects decreased by 30.5%. This decrease in expenditure can be attributed to COVID-19 related expenditure undertaken by the Government in the past years.
While projects like the United Health Interface (UHI) aim to unleash a digital health tech revolution in India, there are some pressing concerns about these interventions that are yet to be satisfactorily addressed. This stems from a perspective that seems to view the existence of information asymmetries in the health sector as the primary concern, in lieu of which it prescribes the use of emerging technologies to remedy such problems. Such an approach may result in other issues, given the extractive model of data collection envisaged under the NDHM mission. Other concerns, such as the commoditization of citizens’ data in the absence of robust data protection legislation, also abound and may have wide-ranging implications for data security and exclusion from welfare entitlements: as per TRAI’s recent data, a significant digital divide persists in India. In such a scenario, it is likely that many citizens of India may not be able to adequately navigate the UHI and so may end up being excluded from the NDHM environment.
Bills and Legislations
The Criminal Procedure (Identification) Bill, 2022
The Criminal Procedure (Identification) Bill (CPIB), 2022 was passed in Lok Sabha on April 4, 2022, and subsequently in Rajya Sabha on April 6, 2022. Once the President gives his approval for the aforementioned Bill, it will replace the Identification of Prisoners Act, 1920. The Bill was introduced in Parliament without any public consultation. Though the ostensible aim of the Bill is to improve the investigation, detection and prevention of crimes, it violates the right to equality under Article 14, the right against self-incrimination under Article 20(3) and the right to privacy under Article 21. The Bill was also met with strong opposition from both the opposition parties and the civil society as well. This is thus a crucial piece of legislation as, if passed, it will have significant implications for privacy and surveillance norms in India.
The proposed Bill expands the surveillance powers of the police by empowering it to collect and store biometrics from any person who is arrested or even detained under any law. The Bill doesn’t differentiate between the intensity and gravity of the crime committed, allowing biometric collection for crimes ranging from mere traffic violations up to detention under preventive detention law. The biometrics collected, which are termed as ‘measurements’, will include fingerprints, palm/foot-prints, “biological samples”, iris and retina scans, signatures, and handwriting samples. This data will be stored, processed and shared by the NCRB, with a retention period of 75 years! This bill, which was termed as ‘draconian’ and ‘unconstitutional’ by many Members of Parliament, infringes upon our fundamental right to privacy as enshrined in Justice K. S. Puttaswamy (Retd.) and Anr. vs Union Of India And Ors. These concerns will be exacerbated in the absence of data protection legislation and there is, therefore, a need for stringent safeguards to prevent the misuse and abuse of the law as a tool for targeting people (For a more detailed analysis of the Bill, see our briefing here).
The Department of Biotechnology under the Ministry of Science and Technology had formulated ‘The DNA Technology (Use and Application) Regulation Bill in 2019 (For a detailed explainer of the DNA Bill, 2019, see here). The Bill, which is currently under consideration, aims to regulate the use and application of DNA technology in order to establish the identity of certain categories of persons including the victims, offenders, suspects, undertrials, missing persons and the unknown deceased persons. The draft Bill includes provisions to set up DNA data banks across the country to store DNA profiles. If the DNA Bill along with the CPIB Bill is passed, it will significantly increase the discretionary powers with respect to data collection, beyond what is necessary or proportionate.
Standing Committee’s Report on India’s Preparedness for 5G
The Standing Committee on Communication and Information Technology published its Report on ‘India’s Preparedness for 5G’. The report has been published at a time when, as noted earlier, India’s state-owned BSNL has just started the process of rolling out 4G for its users - as against the private stakeholders who have been providing 4G services for half a decade now.
The Committee noted that currently, 5G standardisation and deployment are at a nascent stage and technology is considered to likely reign the next decade or more considering its relevance across industry verticals. 5G will extend the use of technologies across new sectors of the economy. However, it also expressed apprehensions that “India is set to miss the 5G bus‘ due to lack of preparedness, spectrum issues, inadequate use-case development, uncertainty around sale of radio waves for 5G, etc.”
In this background, the Committee has made a range of recommendations:
- Allocation of spectrum for 5G: The allocation of new bands of the spectrum is crucial for the rollout of 5G. However, the auction of 5G spectrum is still pending. The Committee noted the concerns of the telecom companies that the reserve price set by the Telecom Regulatory Authority of India for 5G spectrum (Rs. 492 crore per MHz) is exorbitantly high. The Committee observed that considering the financial stress in the sector and that the 5G ecosystem is yet to be developed, a high reserve price may adversely impact the ability of service providers to roll out 5G.
- Promotion of domestic manufacturing and indigenous technology: The Committee observed that India is greatly dependent on the import of telecom equipment. Further, the focus on the softwarisation of network components in 5G (software running on off-the-shelf hardware) provides an opportunity to leverage India’s capacity in software. It observed that the promotion of research and development is necessary for the success of telecom manufacturing in the country. An ecosystem must thus be developed for complete manufacturing rather than just assembly, as manufacturing gives higher value addition.
- Fibre as a national asset: The Committee noted that connectivity through the fibre is an important requirement for the rollout of 5G services. However, only about 30% of the towers are fiberised and less than 7% of households are connected through fibre. The Committee recommended that fibre should be accorded the status of essential national infrastructure. Sharing of fibre infrastructure across government and private players should be promoted.
- Setting up of 5G use case labs: The Committee noted that sufficient use cases for 5G have not been developed in India. It recommended that the development of use case labs should be expedited. It also recommended that the digital readiness of various sectors should be monitored by a cross-sectoral entity like NITI Aayog.
Throughout the Budget Session, we tracked the significant answers to parliamentary questions placed in both the Houses by various Ministers. A few key responses received are:
- On the IT Rules: The MeitY replaced the phrase ‘must enable’ with ‘is required to’ while discussing the IT Rules 2021 in the Lok Sabha. Adopting such an interpretation may imply the increased obligation of Significant Social Media Intermediaries to identify the first originator of the information. (link)
- On Aadhaar Voter-ID linkage: Though the Ministry of Law and Justice stated that Aadhaar will be used to facilitate single entry for electors in the electoral roll and that the two databases are distinct & won’t overlap, the Ministry did not state whether any study or research was conducted to show the manner in which the linkage will be able to reduce the number of bogus voters. (link)
- On regulations for the Ed-tech sector: Instead of enacting a law that regulates Ed-tech companies, the Ministry of Education issued do’s and don’ts for students, parents & schools, putting the burden of prevention of exploitation on the main stakeholders themselves. (link)
- On Internet Shutdowns: The MHA disclosed that no details were available to them on the impact of internet shutdowns. This is despite the recommendations given by the Standing Committee on IT for creating a database and studying the effectiveness of internet shutdowns. (link)
- On cyber security incidents: The MeitY shared CERT-In’s data on cyber security incidents for the past few years, revealing an increasing trend in cyber attacks on infrastructure. The data revealed that around 2,12,485 cyber security incidents occurred in 2022 (up to Feb) while 14,02,809 incidents occurred in 2021. CERT-In’s data revealing that around 48285 cyber security incidents related to government organisations had occurred in 2021 was later shared. (link, link)
- On banning online content: The MIB referred to the IT Rules 2021 in multiple parliamentary responses as a legal basis for blocking or banning online content/ channels. The response referred to the three-tier Grievance Redressal Mechanism and the Code of Ethics under the Rules, despite these provisions being stayed in separate rulings, once by the Bombay High Court and later affirmed by the Madras High Court. (link, link, link, link)
- On the National Digital Health Mission: As of March 23, 2022, a total of 20,81,45,351 Health IDs had been created. Though the National Digital Health Mission (NDHM) and the Health Data Management Policy (HDMP) rightly centre on user autonomy as their guiding principle, it applies a faulty notion of consent. Under the two above-mentioned policies, the mandatory requirement of taking informed consent is limited to the collection and processing of personal data and is not explicitly extended to the creation of a Universal health ID (UHID). Reportedly (see here and here), the central government is automatically generating UHID numbers for all individuals who choose to get COVID-19 vaccines by presenting their Aadhaar numbers, without the consent or knowledge of those individuals. (link)
- On the Personal Data Protection Bill: In response to a question on the Joint Parliamentary Committee (JPC) report on Personal Data Protection Bill (PBPB), 2019, the MeitY in late March 2022, stated that the report and the Bill were under consideration. However, it failed to state any timelines for tabling and passing the Bill in both the Houses, despite several media reports indicating that the MeitY has plans to present the Bill in the upcoming Monsoon session. (link, link)
- On the Draft India Data Accessibility and Use Policy: The MeitY was asked if the Draft India Data Accessibility and Use Policy proposes the sale and monetisation of the data and information collected by various government departments. The question posed to MeitY also pointed out that 12 out of the 13 objectives listed in the Draft Policy are commercial in nature. In response to the question, MeitY clarified that neither does the policy envisage any sale of data or incentive for data collection nor is ‘commercialisation’ the objective of the policy (For a detailed breakdown of the Draft Policy, see here). (link)
For a more comprehensive view of the questions pertaining to the digital rights of citizens, we have charted them in this table.
While the main focus of this session was inevitably on the Budget, the passing of The Criminal Procedure (Identification) Bill, 2022 is a significant event. As mentioned by Home Minister Amit Shah, the Ministry will ensure that the new law will not violate citizens’ privacy and human rights. This would be ensured through the framing of the accompanying rules, guidelines, as well as a Model Vision Manual, which is yet to be published.
Additionally, as discussed earlier, the most recent statements by the Minister for Electronics and Information Technology indicate that the final draft of India’s data protection legislation, whether it be some version of the Personal Data Protection Bill, 2019, or some version of the Data Protection Bill, 2021, or a combination of the two, will be tabled during the Monsoon Session 2022. We hope that:
- Firstly, the government sticks to its statements and presents the Bill during the next session.
- Secondly, when the government finally presents the modified Bill, it conducts comprehensive discussions on the Bill in Parliament and provides its rationale for either accepting or rejecting each of the recommendations of the JPC.
- IFF’s Legislative Brief on Digital Rights for Budget Session 2022. (link)
- Report on ‘India’s Preparedness for 5G’ by the Standing Committee on Communication and Information Technology. (link)
- The Criminal Procedure (Identification) Bill, 2022, as passed by the Lok Sabha. (link)
- Our previous blogpost analysing the Budget 2022-23. (link)
- Harmonised Union Budget Data. (link)
- IFF’s prior legislative briefs on digital rights. (link)
The post was drafted with the assistance of Tejasi Panjiar, Capstone Fellow hosted at IFF and Gyan Tripathi, a fourth-year law student from Symbiosis International (Deemed University), Pune, and reviewed by IFF staffer Rohin Garg.