The story so far:
With the Ministry of Electronics and Information Technology (MeitY) looking to wrap up public consultations on the draft Rules for the Digital Personal Data Protection Act, 2023 by March 5, disability rights activists are trying to get a key provision of the Act amended or dropped, pointing out that it infantilises Persons with Disabilities (PwDs), negates their decision-making capabilities, and comes from a misunderstood notion of how guardianship works for PwDs.
What does this provision state?
Section 9(1), in clubbing children with PwDs, has mandated that even in cases of adult PwDs who have legal guardians, consent for use of any personal data must be obtained from the guardian concerned. While government officials have said that the draft Rules have tried to address the issue by limiting the number of disabilities the provision would apply to, activists and experts maintain that there remain significant challenges in its implementation.
What do the draft Rules say?
The Union government has said that it brought the DPDP Act, 2023 to govern the processing of digital personal data in a way that “recognises both the right of individuals to protect their personal data and the need to process such personal data for lawful purposes and for matters connected therewith or incidental thereto”. Section 9(1) of the Act says, “The Data Fiduciary shall, before processing any personal data of a child or a person with disability who has a lawful guardian obtain verifiable consent of the parent of such child or the lawful guardian, as the case may be, in such manner as may be prescribed.”
The Act’s language defines data fiduciaries as those parties processing the personal data and data principals as the users whose data is being collected. But in Section 2(j)(ii), for PwDs, the Act has included “lawful guardian” within the meaning of data principal.
In the draft Rules notified by the MeitY on January 3this year, the government has proceeded to set out the rules that will govern the Act. In these Rules, Rule 10 deals with the governing of Section 9(1) of the Act. Rule 10(2) says, “A Data Fiduciary, while obtaining verifiable consent from an individual identifying herself as the lawful guardian of a person with disability, shall observe due diligence to verify that such guardian is appointed by a court of law, a designated authority or a local level committee, under the law applicable to guardianship.” In the next sub-section, the Rules provide for considering guardianship under the Rights of Persons with Disabilities Act, 2016 (RPWD Act) and the National Trust for the Welfare of Persons with Autism, Cerebral Palsy, Mental Retardation and Multiple Disabilities Act, 1999 (NT Act).
It also goes on to define PwDs, for whom the consent clause of Section 9(1) would apply to, as: “(i) an individual who has long term physical, mental, intellectual or sensory impairment which, in interaction with barriers, hinders her full and effective participation in society equally with others and who, despite being provided adequate and appropriate support, is unable to take legally binding decisions; And (ii) an individual who is suffering from any of the conditions relating to autism, cerebral palsy, mental retardation or a combination of any two or more of such conditions and includes an individual suffering from severe multiple disability.”
But while the Rule on how to take the consent of the parents of children contains detailed explanations in the form of illustrations that highlight different scenarios and how the consent procedure would work in each, there is no similar illustrations presented for the sub-section that deals with taking consent of the guardian of a person with disability.
This has led disability rights activists and experts alike to question how the consent clause would apply to PwDs, details of procedures for different disabilities and degrees of severity, and whether it would apply uniformly to guardians appointed under different laws.
How do guardianships for PwDs work?
The legal guardianship for PwDs, while not mandatory, is governed by two laws in India — the RPWD Act, 2016 and the NT Act, 1999 — both of which mandate different roles for the guardians appointed under it for adult PwDs.
The NT Act’s guardianship clauses apply to people who are “diagnosed with conditions related to autism, cerebral palsy, intellectual disability (previously categorised as mental retardation), or any combined occurrence of two or more of these conditions”. It provides for full guardianship of the PwD. In contrast, the RPWD Act’s guardianship clauses apply to people “experiencing long-term physical, mental, intellectual, or sensory impairments which, when interacting with various barriers, hinder their full and effective participation in society on an equal basis with others”. This provides for a “limited guardianship”, which allows for support in making specific legal decisions when the individual’s capacity is deemed insufficient.
While the NT Act goes against the principles of the United Nations Convention on the Rights of Persons with Disabilities (UNCRPD) by making “decision-making capacity” a metric for guardianship without adequately defining it, the RPWD Act, drafted to keep up with the UNCRPD, frames guardianship as support to PwDs in exercising their own decision-making rights.
Where does the conflict arise?
A small survey among 91 PwDs by policy thinktank PACTA and Saksham Disability has shown that about 27.4% of them had legal guardians. Amongst those respondents who knew which law their guardianship was governed by, most said theirs were under the RPWD Act’s provision for “limited guardianship”. But despite this, the practicalities of guardianship are different, a report by Saksham and PACTA noted, adding that most of the PwDs with guardians maintained that their legal guardian ends up managing all their affairs. This report, released last month, noted that while the Act and the draft Rules are sound “in theory” if the guardianship is under the RPWD Act, the realities of how this guardianship works would mean that “a guardian is likely to deprive the autonomy and personhood of the individual”.
On the other hand, in cases of guardians appointed under the NT Act, this would be in “direct conflict” with the autonomy of persons with disabilities under the UNCRPD, the report argued.
The report noted that a plain reading of Section 9(1) of the DPDP Act “appears to presume” that just because a PwD might have a legal guardian, this in itself would be indicative of their “inability to take decisions in the digital sphere”.
In addition, it said the law does not consider intersectionality of gender and disability. It cites a situation where a PwD woman may not be able to buy sanitary napkins from an online platform because it may now require their guardian’s consent for them to be able to access the platform itself.
Nipun Malhotra, of the Nipman Foundation, who is leading efforts to lobby the government on these provisions, has said that Section 9(1) of the DPDP Act, 2023 itself has caused enough chaos on how it would apply, to whom, and under what circumstances. As for the government’s attempts to address the issue with the law by limiting the definition of PwDs in the draft Rules, Mr. Malhotra told The Hindu, “Instead of simplifying how it would apply, the definitions have further complicated the issue.” Citing one example of the definition, he explained that “physical impairment” has been included. “But there is no provision for people with just physical disability to have legal guardians. This will only confuse people more.”
What are the concerns being raised?
Given the way the consent clause has been structured for PwDs in the DPDP Act, 2023 and the draft Rules, some of the principal concerns that have emerged include those of what legal obligations would the guardian of a PwD face; how the consent clause can be implemented in cases where guardianship law is in dissonance with the UNCRPD; and whether the legal guardian can opt out of consenting on behalf of the user with respect to specific platforms.
Another issue highlighted by Saksham in their report has been that of concerns among PwDs about what the fate of their personal data will be. For instance, the rights body has posited that to comply with Section 9(1) of the Act, any data fiduciary would have to ask at least two questions: (i) Whether the user has a disability? (ii) Whether the user had a legal guardian. In cases where the answer to the first question is yes but the second is not, the platform will still have data on the person’s disability with no purpose to process it.
Further, Saksham has questioned that if the definition of data principal includes the legal guardian of a PwD, would that then mean that they must take on the full legal responsibility and face penal consequences under the Act? It has been argued that if this is the case, the legal guardian may, at times, be acting in their own interest, instead of the PwD they are caring for. Moreover, experts working in the disability sector have pointed out that beyond all of this, the primary barrier to PwDs’ digital rights remains that of inaccessible platforms and applications. According to a 2023 accessibility evaluation conducted by the Vidhi Centre for Legal Policy of the 10 most used apps, platforms like Paytm, Swiggy, Zomato, and Flipkart had low accessibility scores.
Published – February 27, 2025 08:30 am IST
