Font size:
Print
Strengthening the TDSAT for Digital Data Protection Appeals
Context:
In early January 2025, the Ministry of Electronics and Information Technology (MeitY) introduced the draft Digital Personal Data Protection Rules, 2025, under the Digital Personal Data Protection Act, 2023.
More on News
- This draft has sparked concerns, particularly regarding the Union government’s authority to appoint members to the Data Protection Board (DPB).
- Given that the DPB performs quasi-judicial functions, the executive’s control over appointments raises questions about the separation of powers and the Board’s independence.
- The draft Rules specify that appeals against the DPB’s decisions must be filed digitally with the Telecom Disputes Settlement and Appellate Tribunal (TDSAT), which is required to resolve them within six months.
- However, the effectiveness of this dispute-resolution mechanism remains uncertain.
- To equip the TDSAT for this role, three key institutional reforms are necessary: appointing a technical member with expertise in data protection, enhancing the Tribunal’s capacity for swift case resolution, and upgrading its technological infrastructure to support digital filings.
Need for a Data Protection Specialist
- First, the TDSAT must include a technical member with expertise in data protection.
- Tribunals are designed to handle sector-specific disputes, with technical members bringing relevant domain knowledge.
- Currently, Section 14C of the Telecom Regulatory Authority of India Act, 1997, requires that a TDSAT member have served as a Secretary to the Government (or equivalent) for at least two years or possess expertise in “technology, telecommunications, industry, commerce, or administration.”
- While this qualification suits telecommunications-related cases, data protection issues introduce distinct challenges.
- Cases may involve legal provisions on consent, access to personal data, data processing, storage, transfer, and unauthorised usage—issues fundamentally different from telecommunications disputes.
- The complexity of data protection laws necessitates specialised knowledge, warranting an amendment to Section 14C of the TRAI Act to mandate the appointment of a technical member with expertise in data protection and privacy.
Addressing the TDSAT’s Caseload
- Second, the TDSAT’s capacity to hear and resolve appeals must be considered before designating it as the appellate body for DPB decisions.
- Interestingly, the original 2018 draft of the Personal Data Protection Bill proposed establishing a dedicated tribunal, as recommended by the Justice B.N. Srikrishna Committee.
- However, in 2022, a revised version suggested filing appeals with High Courts, despite their increasing workload and the trend toward creating specialised tribunals.
- Currently, the TDSAT itself is grappling with an overburdened docket.
- As of February 2025, 3,448 cases remain pending from filings between 2020 and 2025.
- The newly enacted Telecommunications Act will further add to this caseload, making it unrealistic for the Tribunal to consistently resolve DPB-related appeals within six months, as required by the Act.
- In January 2025, the TDSAT had only one technical member on its sole bench, with no judicial member—an issue flagged by the Supreme Court, which has stressed the necessity of judicial members in tribunal benches.
- Expanding the TDSAT’s capacity through increased budget allocations and additional benches would help alleviate this backlog.
Enhancing Digital Infrastructure
- Third, the TDSAT must modernise its technological infrastructure to comply with the Act’s provisions on digital filings.
- Currently, the Tribunal’s website lacks user-friendly navigation and does not inspire public confidence.
- To ensure smooth operations, it must improve access to information on pending and resolved cases and implement an efficient system for digital case management.
- The TRAI Annual Report 2023 mentions the implementation of a new “legal case management system” for the TDSAT, but the extent of its impact remains unclear.
- A robust digital infrastructure is essential to handle the potentially high volume of data protection appeals and their complexities.
Ensuring Accountability and Efficiency
- Additionally, it must be held accountable for its performance.
- One way to achieve this is through the publication of annual reports detailing the number of appeals filed, cases resolved, pending appeals, and key legal issues addressed.
- This information should be categorised by subject matter—such as telecom, broadcasting, and data protection—to ensure transparency and efficiency.
As data protection assumes an increasingly critical role in India’s digital governance, the TDSAT’s ability to manage related appeals effectively will be essential in upholding the rule of law and safeguarding individual rights.
