The Union government’s Cabinet Committee on Security recently gave clearance to the Home Ministry’s NATGRID project. The project aims to allow investigation and law enforcement agencies to access real-time information from data stored with agencies such as the Income Tax Department, banks, insurance companies, Indian Railways, credit card transactions, and more. NATGRID, like a number of other government initiatives (UIDAI), is being established through governmental notifications rather than legislation passed in Parliament. The examination of this issue requires an assessment of the benefits of legislation vis-a-vis government notifications. Government notifications can be issued either under a specific law, or independent of a parent law, provided that the department issuing such notification has the power to do so. Rules, regulations which are notified have the advantage of flexibility since they can be changed without seeking Parliamentary approval. This advantage of initiating projects or establishing institutions through government notifications is also potentially of detriment to the system of checks and balances that a democracy rests on. For, while legislation takes a longer time to be enacted (it is discussed, modified and debated in Parliament before being put to vote), this also enables elected representatives to oversee various dimensions of such projects. In the case of NATGRID, the process would provide Parliamentarians the opportunity to debate the conditions under which private individual information can be accessed, what information may be accessed, and for what purpose. This time consuming process is in fact of valuable import to projects such as NATGRID which have a potential impact on fundamental rights. Finally, because changing a law is itself a rigorous process, the conditions imposed on the access to personal information attain a degree of finality and cannot be ignored or deviated from. Government rules and regulations on the other hand, can be changed by the concerned department as and when it deems necessary. Though even governmental action can be challenged if it infringes fundamental rights, well-defined limits within laws passed by Parliament can help provide a comprehensive set of rules which would prevent their infringement in the first place. The Parliamentary deliberative process in framing a law is thus even more important than the law itself. This is especially so in cases of government initiatives affecting justiciable rights. This deliberative process, or the potential scrutiny of government drafted legislation on the floor of Parliament ensures that limitations on government discretion are clearly laid down, and remedies to unauthorised acts are set in stone. This also ensures that the authority seeking to implement the project is The other issue pertains to the legal validity of the project itself. Presently, certain departmental agencies maintain databases of personal information which helps them provide essential services, or maintain law and order. The authority to maintain such databases flows from the laws which define their functions and obligations. So the power of maintaining legal databases is implicit because of the nature of functions these agencies perform. However, there is no implicit or explicit authorization to the convergence of these independent databases. One may argue that the government is not legally prevented from interlinking databases. However, the absence of a legal challenge to the creation of NATGRID does not take away from the importance of establishing such a body through constitutionally established deliberative processes. Therefore, the question to be asked is not whether NATGRID is legally or constitutionally valid, but whether it is important for Parliament to oversee the establishment of NATGRID. In October 2010, the Ministry of Personnel circulated an “Approach paper for a legislation on privacy”. The paper states: “Data protection can only be ensured under a formal legal system that prescribes the rights of the individuals and the remedies available against the organization that breaches these rights. It is imperative, if the aim is to create a regime where data is protected in this country, that a clear legislation is drafted that spells out the nature of the rights available to individuals and the consequences that an organization will suffer if it breaches these rights.” As the lines above exemplify, it is important for a robust democracy to codify rights and remedies when such rights may be potentially affected. The European Union and the USA, along with a host of other countries have comprehensive privacy laws, which also lay down conditions for access to databases, and the limitations of such use. The UIDAI was established as an executive authority, and still functions without statutory mandate. However, a Bill seeking to establish the body statutorily has been introduced, and its contents are being debated in the Parliamentary Standing Committee on Finance and the Bill has also been deliberated on by civil society at large. A similar approach is imperative in the case of NATGRID to uphold the sovereign electorate’s right to oversee institutions that may affect it in the future.
Recently, there have been instances of certain collective investment schemes (CISs) attempting to circumvent regulatory oversight. In addition, some market participants have not complied with Securities and Exchange Board of India's (SEBI) orders of payment of penalty and refund to investors. In August, the Securities Laws (Amendment) Bill, 2013 was introduced in the Lok Sabha to amend the Securities and Exchange Board of India Act, 1992 (the SEBI Act, 1992), the Securities Contract (Regulation) Act, 1956 (SCRA, 1956) and the Depositories Act, 1996. The Bill replaced the Securities Laws (Amendments) Ordinance, 2013. The Bill makes the following key amendments: a) Definition of Collective Investment Schemes The SEBI Act, 1992 defines CISs as schemes in which the funds of investors are pooled, yield profits or income and are managed on behalf of investors. It also exempts certain types of investments which are regulated by other authorities. The Bill introduces a proviso to the definition of CIS. This proviso deems any scheme or arrangement to be a CIS if it meets all three of the following conditions: (a) funds are pooled, (b) it is not registered with SEBI, or it is not exempted by SEBI Act, 1992, and (c) it has a corpus of Rs 100 crore or more. These provisions could potentially lead to some schemes not conventionally defined as CIS to fall under the definition. For instance, partnership firms operating in the investment business or real estate developers accepting customer advances could be termed as CISs. SEBI has been given the power to specify conditions under which any scheme or arrangement can be defined as a CIS. This raises the question of whether this is excessive delegation of legislative powers - usually the parent act defines the entities to be regulated and the details are entrusted to the regulator. b) Disgorgement (repayment) of unfair gains/ averted losses SEBI has in the past issued orders directing market participants to refund i) profits made or ii) losses averted, through unfair actions. The Bill deems SEBI to have always had the power to direct a market participant to disgorge unfair gains made/losses averted, without approaching a court. This power to order disgorgement without approaching a court is in contrast with the provisions of the recently passed Companies Bill, 2011 and the draft Indian Financial Code (IFC) which require an order from a court/tribunal for disgorgement of unfair gains. Further, the Bill specifies that the disgorged amount shall be credited to the Investor Education and Protection Fund (IEPF), and shall be used in accordance with SEBI regulations. The Bill does not explicitly provide the first right on the disgorged funds to those who suffered wrongful losses due to the unfair actions, unlike the draft IFC. c) Investigation and prosecution The Bill empowers the SEBI chairman to authorise search and seizure operations on a suspect’s premises. This does away with the current requirement of permission from a Judicial Magistrate. This provision removes the usual safeguards regarding search and seizure as seen in the Code of Criminal Procedure, 1973, the recently passed Companies Bill, 2011 and the draft Indian Financial Code. The Bill also empowers an authorised SEBI officer to, without approaching a court, attach a person’s bank accounts and property and even arrest and detain the person in prison for non-compliance of a disgorgement order or penalty order. Most regulators and authorities, with the exception of the Department of Income Tax, do not have powers to such an extent. d) Other Provisions of the Bill The Bill retrospectively validates consent guidelines issued by SEBI in 2007 under which SEBI can settle non-criminal cases through consent orders, i.e., parties can make out-of-court settlements through payment of fine/compensation. The United States Securities and Exchange Commission settles over 90% of non-criminal cases by consent orders. The Bill retrospectively validates the exchange of information between SEBI and foreign securities regulators through MoUs. The Bill sets up special courts to try cases relating to offences under the SEBI Act, 1992. For a PRS summary of the Bill, here.
