Say no to DNA based surveillance: On the report on the DNA Bill

As a follow up to our analysis and outreach on the Report of the Standing Committee on the DNA Bill, 2019, we have written to the Department of Biotechnology. In our letter, we highlighted our concerns regarding privacy and surveillance, and asked that the Bill be redrafted.

03 March, 2021
6 min read



As a follow up to our analysis and outreach on the Report of the Standing Committee on the DNA Technology (Use and Application) Regulation Bill, 2019, we have written to the Department of Biotechnology. In our letter, we highlighted our concerns regarding privacy and surveillance, and asked that the Bill be redrafted.


On February 3rd, 2021, the Standing Committee submitted its report on the DNA Technology (Use and Application) Regulation Bill, 2019 to Parliament. Along with the report were two dissent notes filed by the honourable members MP Asaddudin Owaisi and MP Benoy Viswam. Both dissent notes detailed concerns that had not been adequately addressed, including certain issues the Committee had itself acknowledged.

The sensitive nature of DNA data necessitates extreme caution with regards to the large scale processing of data, and thus we believe that such concerns cannot be effectively disregarded. To this end, we had made an explainer on the Report, analysing both the Bill and the recommendations to the Committee. We also wrote to the MPs who had filed dissent notes, thanking them for pointing out the issues with the Bill.

Reliability, privacy, and data protection

One of the key issues is the nature of DNA technology itself. The use of DNA samples to determine culpability has faced questions over its effectiveness - while its usefulness has been acknowledged, the unrestricted use of DNA as incontrovertible (due to notions of its infallibility) has been criticised as unscientific. In Jitendra v. State of MP, the Madhya Pradesh High Court admitted the casual nature of DNA based inferences and did not acknowledge the presence of DNA material as direct evidence of culpability. Furthermore, as acknowledged by the Committee as well, a significant lack of capacity pervades the india DNA technology landscape, which further hinders the quality of DNA analysis. This has been acknowledged by the legal system as well, as seen in Rajiv Singh v. State of Bihar where the Supreme Court dismissed improperly analysed DNA evidence.

Another important issue is the invasion of privacy. The Supreme Court’s judgement in Justice K. S. Puttaswamy (Retd.) and Anr. vs Union Of India And Ors. enshrined the right to privacy as fundamental and provided 5 key standards which would have to be met when affecting the right to privacy: legality, a legitimate state aim, necessary for the specified objective, proportionality, and the existence of procedural safeguards. The DNA profiling of citizens through a DNA data bank may fail these standards, as such a move may disproportionately affect citizens’ right to privacy. This stems from the Bill’s reliance on archaic notions of privacy, given that it was drafted before the Puttaswamy judgement. Indeed, even basic standards of consent may be overridden, as clause 21 of the Bill allows bodily substances to be obtained from a person without consent if the appropriate magistrate believes that analysing said substances may confirm or disprove culpability. Apart from the vaguely worded definitions that confer significant discretionary powers, such provisions constitute a gross violation of an individual’s right to privacy.

The absence of a robust data protection law provides further space for the misuses of DNA data by state or potentially even private actors. Standards timelines for data retention have also not been mentioned - existing laws such as the Habitual Offenders Act specify timelines for data collection, retention, and deletion - while no data protection obligations have been explicitly imposed on DNA testing laboratories. Additionally, the majority view of the Committee seems to be that privacy and data security concerns have been adequately addressed: when responding to member Asaddudin Owaisi’s dissent note, the chairman Jairam Ramesh stated that he did not “see the connection” between the DNA bill and the Personal Data Protection Bill, 2019 since “the Bill deals with as different universe of data”, and that the Data Protection Authority proposed by the latter should not have powers of oversight over the DNA regulatory board.

Discretionary powers and capacity building

The amount of discretionary powers granted under the Bill have also not been adequately addressed. For example, clause 54 of the Bill allows the government to supersede the board through a simple notification. Such a provision could be misused to increase the scope of powers beyond what may be necessary or proportionate, while also contravening the Supreme Court’s judgement in Dr.Subramanian Swamy vs Director, Cbi & Anr, which clarified that the excessive delegation of legislative powers to a statutory authority would make a law susceptible to being stuck down. Clauses 56 and 57 are similarly extravagant in their granting of powers; the former allows the Centre to amend schedule, thereby allowing it to potentially expand the Bill beyond the scope of its original intention and thus violating the principle of purpose limitation, while the latter bars the operations of the DNA regulatory board from judicial review. Once again, it is disconcerting that the Committee failed to acknowledge such concerns and accepted these clauses without modification.

The lack of capacity for operationalising DNA testing infrastructure and conducting widespread training of DNA professionals, prosecutors, and even judges also has a significant cost. The estimates of Rs 20 crore as an initial capital investment plus Rs 5 crore per annum for conducting the relevant activities are quite steep, and indeed likely underestimate the actual cost that would be incurred. In an economy ravaged by the pandemic and with government revenues shrinking, government expenditure may be better directed towards more urgent issues, especially for an endeavour that has faced concerns from several concerns and may significantly infringe upon the privacy of citizens.

Surveillance and DNA profiling

The most dangerous outcome that may result from improper usage of DNA technology is the discriminatory DNA profiling of citizens, as has been admitted by the Committee itself. The nature of DNA data necessitates extreme precautions with respect to its processing, as well as additional safeguards to protect against biases. The very methods of analysis have also been questioned, as the statistical modelling algorithms used in DNA analysis have been found to embed judgements of those who created them. At the very least, such concerns should promote an approach towards DNA testing that does not promote DNA evidence as infallible.

This is even more important in the Indian context since, as has been pointed out in the dissent notes filed by the members of the Committee, the Indian justice system disproportionately incarcerates minorities and marginalised communities. Data from the National Crime Records Bureau states that as of September 2020, 16.6% of convicts, 18.7% of undertrials, and 35.8% of detenues are muslim, even though muslims make up only 14.2% of the population. Similarly, 21.7% of convicts, 21% of undertrials, and 18.15% of detenues are dalits, even though dalits make up only 16.6% of the population. The Committee itself mentioned the case of a false encounter in which innocents who were thought to be militants were killed. In such a situation, the use of DNA technologies may lead to the targeting of different segments of society. The use of wide ranging crimes indices, which in the view of some members are unnecessary and possess the potential for abuse, further stokes concerns about group-based profiling. Yet again, despite the concerns raised by members (including the chairman), the Committee recommended the retention of the provision.

We advocate for a complete redraft!

While it is encouraging that the Committee acknowledged many of these very concerns, it is unfortunate that it recommended keeping such provisions and asked the government to assuage these concerns on the floor of the Parliament. We believe that the honourable Committee should have provided concrete recommendations on all issues it deemed important, since accepting or rejecting the recommendations of the reports will anyways be the prerogative of the government. Furthermore, precedents exist for the redrafting of a bill on the basis of a report by a parliamentary committee. Such a move would be in keeping with our democratic ethos.

In light of the above concerns, we ask that the Bill be redrafted. In the first instance, the Bill must be reviewed to ensure that it is consistent with the proportionality standards laid down in the Puttaswamy judgement. The provisions of the Bill must also be harmonised with the relevant provisions of the Personal Data Protection Bill, 2019. Both such tasks must be carried by the proposed Data Protection Authority (or any future data authority). The scope of the Bill must also be reduced to preclude the collection of crime scene indices as well as the data of suspects and undertrials, and the allowed uses of DNA data must be restricted. DNA data must also be barred from use in civil proceedings.

Furthermore, overrides to the obligation of consent must be rethought, while any discretionary powers that may be provided to the government under the Bill must be reduced in scope, and the appropriate provisions must be codified. Finally, a mechanism for providing remedies to those whose data is used in an unlawful way must be specified.

Important Documents

  1. IFF's letter to the Department of Biotechnolgoy regarding the Report of the Standing Committee on the DNA Bill (link)
  2. IFF's explainer on the DNA Bill Report (link)
  3. The Standing Committee's report on The DNA Technology (Use And Application) Regulation Bill, 2019 (link)
  4. IFF's legislator's brief on the DNA Technology Regulation Bill, 2018 (link)
  5. Apar Gupta's written testimony to the Standing Committee's report on The DNA Technology (Use And Application) Regulation Bill, 2019 (link)
  6. IFF's submissions on the DNA Technology (Use and Application) Regulation, 2019 to the Parliamentary Standing Committee on Science and Technology, Environment, Forests and Climate Change (link)

Subscribe to our newsletter, and don't miss out on our latest updates.

Similar Posts

No place for tech: How digital interventions in NREGA are undermining rural social security

Mandatory digital ‘solutions’ introduced in the NREGA scheme by union and state governments, like Aadhaar-based payments, mobile monitoring apps, facial authentication and surveillance tools, are impinging on workers’ statutory rights and poking holes in the rural social security net.

8 min read

Into IT Standing Committee’s review of action taken by MeitY following its recommendations on citizen data security and privacy

This post breaks down the 55th report of the Standing Committee on Communications and IT, in which the Committee assesses the extent to which its recommendations on citizen data security and privacy were accepted and acted upon by the Ministry of Electronics and IT.

11 min read

Statement: Reportedly, IT Ministry looks to block Proton Mail on request of Tamil Nadu

Reportedly, the E2EE email service Proton Mail has received communication from MeitY regarding a potential block under S.69-A IT Act, at the request of the TN police over a hoax bomb threat sent to private schools in Chennai. 

1 min read

Donate to IFF

Help IFF scale up by making a donation for digital rights. Really, when it comes to free speech online, digital privacy, net neutrality and innovation — we got your back!