A high-level panel of experts has recommended to the Indian government that there should be a complete prohibition on the cross-border transfer of personal critical user data while emphasizing that such data be processed locally.
READ MORE: Local Data Storage is India’s Sovereign, Legal Requirement — Expert
Submitting a comprehensive report on Friday, the committee of experts, under the chairmanship of Justice BN Srikrishna, also recommended a hefty penalty to firms found guilty of the violation.
"Sensitive or critical personal data will include passwords, financial data, health data, official identifier, sex life, sexual orientation, biometric and genetic data, and data that reveals transgender status, intersex status, caste, tribe, religious or political beliefs or affiliations of an individual," the report reads.
We leave our footprint everywhere we leave our data everywhere. Somebody is making money out of it. So lets control it and make sure that the country is empowered and citizen is empowered. That is the objective of this entire exercise: Justice Srikrishna on #DataProtection Report pic.twitter.com/uFsB9CRtlH
— RSPrasad Office (@OfficeOfRSP) July 27, 2018
The committee has further recommended that in case of data misuse, the penalty may extend up to 4 percent of the guilty firm's total worldwide turnover of the preceding financial year.
READ MORE: India Serves Second Notice to Cambridge Analytica, Facebook on Data Leak Issue
The committee was tasked to make the recommendations following reports of enormous misuse of data by global firms, thereby increasing the scrutiny by governments across the world on how companies handle user data.