The Hindu Editorial Analysis
12 April 2021

1) Through a backchannel, steps forward

There are several indications of a backchannel being in place between India and Pakistan since 2020

GS 2: International Relation


Context

  • The absence of evidence, they say, is not the evidence of absence.
  • More than a month after India-Pakistan border commanders agreed to strictly observe all agreements between the two countries, the absence of official acceptance of a backchannel seems far outweighed by indicators that there is, in fact, such a channel in place, approved by the Prime Ministers of both countries.

Several clues

  • The joint statement and employed terms like the resolution of “core issues” indicated both coordination at a diplomatic level and high-level political approval issued by the Director Generals of Military Operations on February 25 was the first clue.
  • The events that followed, including the
    • Scheduling of the much-delayed Indus Water Treaty talks,
    • The granting of sports visas, and
    • The salutary messages between Prime Minister Narendra Modi and Pakistan Prime Minister Imran Khan, strengthened rumors of a backchannel.
  • More recently, the lack of any references to Pakistan in electoral speeches by Mr. Modi and his Cabinet during the ongoing Assembly elections as well as the Ministry of External Affairs (MEA)’s decision not to criticize the obvious U-turn by Mr. Khan on trade are seen as more such clues.

An unbroken chain

  • For those aghast at the prospect, a look at the history of backchannels, or officially sanctioned contacts between nominees from India and Pakistan, is instructional.
  • On one occasion, the Pakistani President did not even know about the arrival of the Indian interlocutor until he found the Indian plane parked next to his on the tarmac in Islamabad.

Learning from the past

  • Prime Minister Modi, by many accounts, initiated contacts even before he assumed office.
    • In early 2014, a Washington-based Rashtriya Swayamsevak Sangh member, Jitendra Tuli, visited Pakistan and reportedly told the Pakistani NSA and other senior officials about a soon-to-be-sent invitation for Prime Minister Sharif from India.
    • By his own account, he suggested that it would be advisable to hold off giving India ‘Most Favored Nation’ status, something the Sharif government had already proposed to do, until after the elections in India.
    • After Mr. Modi invited Mr. Sharif to his swearing-in, the two leaders were believed to have exchanged messages through steel magnate Sajjan Jindal, whose meeting with Mr. Sharif in Murree set off a controversy in Pakistan.
  • Even as official channels faltered, and Foreign Secretary-level talks in Islamabad and then NSA-EAM talks in Delhi were cancelled, other channels were activated.
  • Mr. Doval’s first contact with Pakistan Special Envoy Lt Gen Nasir Janjua in Bangkok as well as Mr. Modi’s surprise visit to Lahore in December 2015 were clearly prefaced by some ‘non-official’ officially sanctioned contact.
  • After the Pathankot attack in 2016, the Doval-Janjua backchannel worked to ease tensions and facilitate the visit of a Pakistani investigative team to the scene of the terrorist attack.
  • After Kulbhushan Jadhav’s arrest, the channel worked until the MEA confirmed publicly in January 2018 that the two officials had met in Bangkok on December 26, the day after Mr. Jadhav’s family was allowed to meet him in Islamabad. “Terror and talks cannot go together but talks on terror can definitely go ahead,” the MEA spokesperson had explained.
  • In 2016, six former Pakistani High Commissioners also travelled to Delhi for a Track-II consultation with nine former Indian High Commissioners, where they met NSA Doval and senior MEA officials, indicating that the present dispensation is not averse to learning from the successes and failures of past channels.

Why a backchannel now?

  • As a result, the latest revelations of a backchannel being in place since 2020 should not be received with much surprise and comes with several instructional messages.
    • To begin with, what appears to be clear is that while friendship and trust between inimical neighbors with a bitter history, such as what India and Pakistan share, may seem impossible, engagement is inevitable.
    • Second, domestic constraints and challenges on other fronts often put the spotlight back on the need for a workable peace on the India-Pakistan front.
    • Pakistan’s dire economic condition and the mounting pressure from the Financial Action Task Force to shut down all terrorist safe havens or face severe sanctions is clearly one imperative for Islamabad’s willingness to engage via the backchannel even after India’s decision on Jammu and Kashmir.
  • For India, the stand-off with the People’s Liberation Army at the Line of Actual Control in Ladakh has made the possibility of a two-front war more real, and fuels the push to reduce tensions with Pakistan.
  • For both Delhi and Islamabad, it is important to be mature parties in the regional engagement with Afghanistan as well, by not providing a conflagration at their boundaries.

2) Why the Personal Data Protection Bill matters

The proposed regime under the Bill seeks to be different from the existing regime which does not adequately protect users’ data

GS 3- Cyber Security

Context:

  • The pandemic has forced more people to participate in the digital economy.
  • The recent alleged data breach at MobiKwik could stand to be India’s biggest breach with the data of 9.9 crore users at risk.
  • Robust data protection regimes are necessary to prevent such events and protect users’ interests.

Personal Data Protection Bill, 2019 or “Privacy Bill”, inspired from a previous draft version prepared by a committee headed by retired Justice B N Srikrishna, now under scrutiny by a Joint Parliamentary Committee, could play a big role in providing robust protections to users and their personal data.

 

  • The need for more robust data protection legislation came to the fore in 2017 post the Supreme Court’s landmark judgment in Justice K.S. Puttaswamy (Retd) v. Union of India that established the right to privacy as a fundamental right.
  • It tries to protect individual rights by regulating the collection, movement, and processing of data that is personal, or which can identify the individual.
  • The Bill gives the government powers to authorize the transfer of certain types of personal data overseas and has given exceptions allowing government agencies to collect personal data of citizens.
  • The Bill divides the data into three categories:
     
    • Personal Data: Data from which an individual can be identified like name, address, etc.
    • Sensitive Personal Data: Some types of personal data like financial, health-related, sexual orientation, biometric, genetic, transgender status, caste, religious belief, and more.
      • It needs to be stored only in India and can be processed abroad only under certain conditions including approval of the Data Protection Agency (DPA).
    • Critical Personal Data: Anything that the government at any time can deem critical, such as military or national security data.
      • It must be stored and processed in India only.
  • The bill removes the requirement of data mirroring (in case of personal data). Only individual consent for data transfer abroad is required.
    • Data mirroring is the act of copying data from one location to a storage device in real-time.

No effective protection

  • Personal data in India is mainly governed by the Information Technology Act, 2000, and various other sectoral regulations.
  •  However, this data protection regime falls short of providing effective protection to users and their personal data.
  • For instance, entities could override the protections in the regime by taking users’ consent to processing personal data under broad terms and conditions.
    • This is problematic given that users might not understand the terms and conditions or the implications of giving consent.
  •  Further, the frameworks emphasize data security but do not place enough emphasis on data privacy.
  • The data protection provisions under the IT Act also do not apply to government agencies. This creates a large vacuum for data protection when governments are collecting and processing large amounts of personal data.
  • Finally, the regime seems to have become antiquated and inadequate in addressing risks emerging from new developments in data processing technology.

The upcoming regime

The proposed regime under the Bill seeks to be different from the existing regime in some prominent ways.

  • First, the Bill seeks to apply the data protection regime to both government and private entities across all sectors.
  • Second, the Bill seeks to emphasize data security and data privacy.
    • While entities will have to maintain security safeguards to protect personal data, they will also have to fulfill a set of data protection obligations and transparency and accountability measures that govern how entities can process personal data to uphold users’ privacy and interests.
  • Third, the Bill seeks to give users a set of rights over their personal data and means to exercise those rights.
  • Fourth, the Bill seeks to create an independent and powerful regulator known as the Data Protection Authority (DPA).
    • The DPA will monitor and regulate data processing activities to ensure their compliance with the regime.
    • More importantly, the DPA will give users a channel to seek redress when entities do not comply with their obligations under the regime.

Concerns over the Bill:

  • For instance, under clause 35, the Central government can exempt any government agency from complying with the Bill.
  •  Government agencies will then be able to process personal data without following any safeguard under the Bill. This could create severe privacy risks for users.
  • Similarly, users could find it difficult to enforce various user protection safeguards (such as rights and remedies) in the Bill.
    • For instance, the Bill threatens legal consequences for users who withdraw their consent for a data processing activity.
    • In practice, this could discourage users from withdrawing consent for processing activities they want to opt out of.
  • Additional concerns also emerge for the DPA as an independent effective regulator that can uphold users’ interests.

The way forward

  • The time is ripe for India to have a robust data protection regime.
  •  The Joint Parliamentary Committee that is scrutinizing the Bill has proposed 86 amendments and one new clause to the Bill – although the exact changes are not in the public domain.
  • The Committee is expected to submit its final report in the Monsoon Session of Parliament in 2021.
  • Taking this time to make some changes in the Bill targeted towards addressing various concerns in it could make a stronger and more effective data protection regime.