Blog

Days after putting up the data anonymisation guidelines for public consultation, the government pulled down the draft on September 8, 2022. This is the fourth such ‘pull down’ instance.

Previously, the government withdrew and then reuploaded the amendments to the IT Rules draft, it also updated the data accessibility policy and later the IT Ministry took back the Personal Data Protection Bill.

The data anonymisation guidelines were put up for public consultation on August 30, 2022, and the last date for submitting comments was September 19, 2022.

According to an ET report, ministry officials have claimed that the draft was out without sufficient consultation with experts. The ministry is looking to speak to a wider set of experts and put up a fresh draft for public consultation ‘in a few days’.

The removal issue was first reported by the industry body Internet Freedom Foundation, which claimed to no longer find the consultation documents. 

Contents Of The Existing Data Anonymisation Draft

By anonymising data, users’ identifiable (personal) information is tokenised to ensure that no data is processed from anyone’s end, except the company and certain e-governance projects.

Another draft of Mobile Security Guidelines was also released at the same time, covering entities such as device manufacturers, app developers, network operators and others. The second draft, similar to the data anonymisation guidelines, undertook the usage of sensitive data such as login credentials, passwords, Aadhar numbers and more. 

The timing of the drafts (as the larger personal data protection bill was pulled down), has raised several eyebrows about how the government has been quietly marketing the guidelines, asking for comments and silently pulling back the draft in the case of discrepancies.

For instance, updates in the data accessibility policy were not proactively set forth, and amendments to the IT Rules were also done with a bare minimum textual context.