DATA PROTECTION AND 5G: THE NEED FOR A STRONG DATA PROTECTION

LAW BEFORE THE ROLL OUT OF 5G IN INDIA.

India is taking various steps towards realizing its dream of becoming a truly digital economy.
The vision of the implementation of 5G soon is one of the ambitious and significant aspects of
this whole idea. The launch of 5G will be going to act as a game-changer in the world of
information and technology. It will not only be a golden opportunity to empower the national
economy but will also help in providing better facilities to the citizen and their subscribers.
However, there are some basic questions in the minds of Public, and a group of people is quite
skeptical in this regard. Issues such as what is 5G and what is so unique about it, what will be the
impact of 5G on the telecom sector and the Indian economy as a whole, what will be the legal
hurdles before rolling out the 5G amongst others are being asked regularly. In this article, we
will be dealing with India’s Quest with 5G Technology with particular emphasis on why we need
to have a strong data protection law before the launch of an important and ambitious technology
such as 5G which appears to be a potential game-changer for Indian economy.

WHAT IS 5G?

5G is the 5th generation cellular network technology. It can be seen as a follow up to earlier
cellular technologies such as 2G, 3G and 4G. It will play a key role in transforming the dream of
smart India with smart cities and digital India. 5G promises to provide advanced internet
experience to the users by giving them giga speeds and at an affordable cost range. 5G will not
only do all the current tasks but will also connect a vast network of sensors, autonomous vehicles
and many other technologies by way of sophisticated practices such as artificial intelligence.

INDIA’S PREPAREDNESS FOR 5G CONNECTIVITY

India’s digital economy may reach USD 5 trillion in the next few yearsi. And an important reason
behind it will be the growth of India as the largest selling smartphone country in the world and
the growth in a number of people using the social media along with various other digital services.
These are the main reasons that India as a potential superpower is in the race to become a large
digital economy. Since the year 1995, when mobile service was first launched in India, mobile
networks have been an engine to digital transformation. And now today developed countries
looking to adopt 5G soon, India also appears to be all set to implement the 5G network shortly.
However, before implementing the 5G, we should also consider the challenges that India is
facing currently. Data protection is one of it as the law to regulate the protection of data that
appears to be significant in this high-speed world of 5G. There are ongoing cybercrimes,
hackings, trading and instances selling of personal data to the third party. In an era where
statements such as data are the most valuable asset on the earth is prevalentii. On the same
page, data protection is a burning question in India as well, and various phone operators have
cautioned the government about the security concern over the data protection before
implementing the 5G in India.iii

It is said that data is the 21st-century oil. Data, as we know, has now become an immensely
valuable and precious resource in the world, so processing of any data must be implemented
while understanding national and international security. Not just India, even powerful country
such as the USA recently was in controversy with the case of Cambridge Analytica for stealing
personal dataiv. This controversy was about influencing the behavior of voters in the 2016 USA
presidential election campaign, which created a lot of hue and cry. Even the European Union
adopted the General Data Protection Regulation (GDPR) in the year 2016, which will regulate
data protection in European Union Countries.v However, the same cannot be said about India.
Unfortunately, we are far behind in the race of information and technology, the critical question
today should not be about getting high-speed internet facility but a substantial provision for the
strict data protection law. In this process, Huawei and other 5G operators’ assurances to India for
data protection should be strictly examined.

The digital revolution had a significant impact on India’s GDP and will continue to do so. This
digital revolution, on the one hand, helped an individual to connect to the whole world with the
help of a smartphone and mobile phones while on the other hand there is nothing personal left for
an individual once he enters the digital world. It is also concluded by various reports that online
companies are trying to steal the personal data information for their benefit to know the customer
well and to understand their wants and needs. viAll these require greater scrutiny and a strong
data protection law is the need of the hour.

CONUNDRUM OF DATA PROTECTION LAW IN INDIA:

The apex court of India in the case of K.S. Puttuswamy vs. Union of India vii, held that right to
privacy is a fundamental right under article 21 of the constitution of India. Still, unfortunately,
we do not have proper law for data protection in India. The draft Personal Data Protection Bill is
pending and has not been passed yet in the parliament.viii

After this case, privacy became hullabaloo in India. But, unfortunately, we still do not have
proper laws for data protection in India. Personal data may be used by the criminals and ethical
hackers for their benefits, and there is no provision for prohibiting these types of cybercrime.
After the k.s puttuswamy case THE PERSONAL DATA PROTECTION BILL 2018, drafted by
Retd. Justice BN Sri Krishna has been constituted for this purpose, and its wide range of
provision is the need of an hour but, issues like lack of safety safeguard and the question who
will own the data of individuals were missing in this bill, led to severe criticisms. And instead of
adding the concept of Right to forget, it goes in vain when it implied that, the data collector and
processor can only restrict it or stop it from sharing, but with no concept of erasing it.ix

Again, in December 2019 a sincere effort had made by the ministry of Electronics and
information when they introduced THE PERSONAL DATA PROTECTION BILL 2019, with
the concept of erasure.x But, again with so many exemptions like National security, public order
and friendly relation with foreign state, all efforts proved futile. Justice B.N krishna, who himself
drafted the Data protection Bill 2018, said that the bill can turn India into “Orwellian state”xi.

Let us discuss some major pitfalls in the Data protection Bill 2019, and they are following:

1. The section 35 of this bill gives government untrammeled power, so that the government
can do anything for accessing personal data and even no procedure has been laid down
for accessing the personal data, is one of the major pitfalls in this bill.
2. The provision for processing of personal data without consent by state can be accepted
but, processing of personal data without consent for the purpose of employment is a
highly debatable issue. And can become a major challenge to tackle when any crucial
data stolen by employees under the section 13, which the ground for proceeding of
personal data without consent in employment.
 3. The previous bill presented by the B.N Krishna committee has laid down the procedure
for formation of DPA (Data protection Authority), in which the members are also from
people outside not just the executive. Whereas, the chapter IX of the 2019, bill talks
about the establishment of DPA (Data protection Authority), further section 42 of this bill
talks about composition and member in DPA which shall be appointed by central
government and no independent, transparent committee turning the concept of
appointment into arbitrariness the 2019, in this way is 2019 bill, is a undemocratic and
disheartening stepdown from even the previous draft.

Though the draft given to the joint parliamentary committee for their suggestion, which should
seriously consider this problem. Data protection laws are much needed before the 5G technology
and in this data protection bill will be crucial for the protection of data. This law will be covering
territorial and extraterritorial cases and processing of personal data only in India. Hence, before
next G in the telecom sector comes, we all need strict data protection law.

CRITICAL ANALYSIS AND CONCLUDING REMARKS

Although Companies such as Nokia and Huawei have advocated the rolling out of 5G as soon as
possible citing the architecture of 5G as much more secure compared to earlier technologies
because of its distinctive architecture, it is also said that the encryption of 5G could only be
broken through quantum computers which in itself is a thing of future. However, it is essential to
note that every revolution requires a regulation which this revolution of 5G will also need.
Therefore the concerns raised by the experts concerning security holds more value over the
arguments of companies who are in favour of fast-rolling of 5G. In our opinion, every concern of
every stakeholder should be addressed before taking any major decision in this regard. In a
global scenario where there already is a bitter rivalry going on between USA and China over role
of Huawei in this whole saga where the proposition is with respect to 5G and data protection xii.
India should keep its cards closed, and India should play safe and bring in the data protection bill
first. Once the data protection bill is enacted concerns such as data portability, data localizations
and any breach of data security will automatically fall under its ambit which will be the law of
the land — therefore paving the way for smooth rolling of 5G technology.
i
Investment key to India becoming USD 5- trillion economy in five years: CEA, THE ECONOMIC TIMES (Mar. 5, 2020,
3:30 PM), https://economictimes.indiatimes.com/news/economy/finance/investment-key-to-india-becoming-usd-5-trillion-
economy-in-five-years-cea/articleshow/71322635.cms.
ii
The world’s most valuable resource is no longer oil, but data, The Economist (Mar. 5, 2020, 3:35 PM),
https://www.economist.com/leaders/2017/05/06/the-worlds-most-valuable-resource-is-no-longer-oil-but-data.
iii
Security concerns should be addressed before adopting 5G: Airtel , THE ECONOMIC TIMES (Mar. 10, 2020, 3:35 PM),
https://economictimes.indiatimes.com/industry/telecom/telecom-news/security-concerns-should-be-addressed-before-
adopting-5g-airtel/articleshow/70529210.cms?from=mdr.
iv
Issie Lapowsky, How Cambridge Analytica Sparked the Great Privacy Awakening, Wired (Mar. 5, 2020, 5:35 PM),
https://www.wired.com/story/cambridge-analytica-facebook-privacy-awakening/ .
v
The History of the General Data Protection Regulation, European Data Protection Supervisor, (Mar. 15, 2020, 5:35 PM),
https://edps.europa.eu/data-protection/data-protection/legislation/history-general-data-protection-regulation_en .
vi
Jathan Sadowski, Companies are making money from our personal data – but at what cost? The Guardian (Mar. 16, 2020,
3:35 PM), https://www.theguardian.com/technology/2016/aug/31/personal-data-corporate-use-google-amazon.
vii
(2017) 10 SCC 1.
viii
The personal Data protection Bill, 2019, PRS LEGISLATIVE RESEARCH (Mar. 6, 2020, 3:35 PM),
https://www.prsindia.org/billtrack/personal-data-protection-bill-2019.
ix
PERSONAL DATA PROTECTION BILL 2018, Sec. 27.
x
PERSONAL DATA PROTECTION BILL 2019, Sec. 18.
xi
Megha Mandavia, Personal Data Protection Bill can turn India into ‘Orwellian State’: Justice BN Srikrishna, The
Economic Times( Mar. 7, 2020, 3:35 PM) https://economictimes.indiatimes.com/news/economy/policy/personal-data-
protection-bill-can-turn-india-into-orwellian-state-justice-bn-srikrishna/articleshow/72483355.cms?from=mdr .
xii
HIROYUKI AKITA, US is losing the 5G war to China, NIKKEI ASIAN REVIEW (Mar. 10, 2020, 3:35 PM),
https://asia.nikkei.com/Spotlight/Comment/US-is-losing-the-5G-war-to-China.