The curious case of automated decision-making in IndiaA comparative analysis of automated decision-making under the General Data Protection Regulation in the European Union and the Personal Data Protection Bill in India

India is on the cusp of enacting legislation on data protection. India drafted its Personal Data Protection Bill (PDPB), considering the various data protection legislations across the globe, including the General Data Protection Regulation (GDPR) in the European Union (EU). The GDPR stands as a torchbearer in data protection legislation. In EU law, the GDPR is the Regulation on data protection and privacy as well as the transfer of personal data, providing individuals control of their data and streamlining business use of data. One of the rights of data subjects under the GDPR is the right against automated decision-making. The GDPR provides that an individual has the right that their data is not subject to automatic decision-making. There is a need for human intervention to prevent any unintended discrimination. One of the principles that is different in the PDPB is the absence of such a right. The arguments presented in the documents préparatoires state that the Bill recognises privacy by design and is monitored by the data processing authority. If discrimination has ensued due to lawful yet discriminatory automated processing, individuals are always at liberty to go to courts for a breach of fiduciary duties. It is important to highlight and research this crucial difference as the globe moves to an online realm where the personal touch in the physical world is replaced by algorithms making decisions based on the data collected from users. This paper analyses the right against automated decision-making in detail and then examines why India argued not to provide such a right. The two contrasting perspectives would provide an insight into the vast ocean of data protection. As the PDPB seeks to stand as the torchbearer for the global south, this research would also help in comprehending the presence or absence of such a right signal for businesses across the globe.