Impact of Extraterritorial Applicability of PDP Bill, 2019 on Banking Sector

By Yamini Jain and Gaurav Karwa

Introduction

Deriving its essence from Article 3(2) of the General Data Protection Regulations (GDPR), Section 2(A) of the Personal Data Protection Bill, 2019 [PDPB] makes a provision of its extraterritorial application over data fiduciaries and data principals present beyond the territory of India. Section 2(A)(b) of PDPB makes an extraordinary provision pertaining to its applicability on all such data fiduciaries incorporated under the laws of India and brings all their foreign branches within its purview. In this light, understanding the impact of the extra-territorial application of the PDPB on multinational banks based in India that process sensitive personal data becomes particularly important. In this article, the authors aim to highlight various issues and problems arising out of extraterritorial application on multinational organizations and particularly those related to  the banking sector. The authors explain the distinct meaning of the extra-territorial application of the PDPB, whether such application is in conflict with other laws, and other major issues in data localization, cloud servers, etc.

Continue reading “Impact of Extraterritorial Applicability of PDP Bill, 2019 on Banking Sector”