Source: The post is based on the article “Transfer of personal data under UN treaty will be under domestic laws: India” published in The Hindu on 14th September 2023
What is the News?
United Nations member states are negotiating the UN Cybercrime Convention to counter cybercrimes.
This convention has been under negotiation for three years and is expected to be ratified at the UN General Assembly in 2024.
What is India’s stand on the negotiations on the UN Cybercrime Convention?
Firstly, India has proposed changes in provisions related to the transfer of “personal data” in the Draft UN Cybercrime Convention.
They suggested that the transfer of personal data under the convention should be governed by domestic laws rather than other international laws.
– Note: India’s Digital Personal Data Protection Act says that personal data can be processed “in the interest of sovereignty and integrity of India or security of the state” for “fulfilling any obligation under law”.
The Act requires firms to disclose to users the identity of other firms to which their data would be entrusted for processing, but they are explicitly exempted from disclosing or sharing of such data in the case of lawful interception of data.
Secondly, India has asked for the deletion of a clause encouraging state parties to establish bilateral or multilateral arrangements to facilitate the transfer of personal data.
Thirdly, India has agreed to the clause in the convention that state parties may transfer personal data to a third country only with the prior written authorisation of the original transferring state party.