Schedule II: Standards for Processing by the State and for Specified Purposes
Schedule II sets the baseline standards that must be followed when the State or its instrumentalities process personal data. This is especially important because government bodies in India handle vast volumes of sensitive data — from Aadhaar numbers and tax records to health data, welfare entitlements, and educational records.
The Schedule ensures that while the State can process personal data without always requiring consent (for subsidies, benefits, licences, or permits), such processing must still be carried out with safeguards.
Schedule II is divided into two main parts:
- Part A – Processing by the State under Section 7(b) of the Act
- Part B – Processing for specified purposes under Section 17(2)(b) of the Act
Part A: Standards for Processing by the State (Section 7(b))
When the government processes personal data to deliver subsidies, services, licences, or permits, it must follow prescribed standards:
Purpose Limitation
The processing must be strictly limited to what is necessary for delivering the benefit, service, or authorisation applied for.
If Govind applies for a driving licence, the transport department may process his Aadhaar number, address, and biometrics only for issuing the licence. It cannot use that data later for unrelated profiling.
Data Minimisation
Only the minimum amount of personal data required to complete the service should be collected and processed.
If a farmer named Narayan applies for a fertilizer subsidy, the agriculture department should only collect landholding details and bank account numbers needed to transfer the benefit, not unrelated data such as educational qualifications.
Security Safeguards
The State must apply reasonable security controls such as encryption, secure servers, and restricted access to protect personal data against breaches.
Access and Accountability
Individuals must know whom to contact in case they wish to query or challenge how their data is being processed by a government department.
Part B: Standards for Processing for Specified Purposes (Section 17(2)(b))
The law also permits exemptions for certain specified purposes such as research, statistical analysis, or archiving. In such cases, Schedule II sets the guardrails to prevent misuse:
Anonymisation Wherever Possible
Wherever feasible, data must be anonymised so that individuals cannot be directly identified.
A health research body studying cancer prevalence may process hospital admission data but must anonymise names and addresses so that patients are not identifiable.
Strict Prohibition on Secondary Use
Data collected for research or statistical purposes must not be diverted to commercial exploitation.
If a manufacturing industry association collects workforce data to study employment patterns, it cannot later sell that data to recruitment companies.
Security Obligations Still Apply
Even for exempted purposes, organizations must use adequate security measures to prevent leaks or unauthorized access.
Proportionality of Retention
Data processed for research or archiving must not be kept longer than necessary to achieve the legitimate purpose.
Exemptions under Part B do not waive security, accountability, or proportionality. Anonymisation and prevention of secondary misuse are mandatory safeguards.
Why Schedule II Matters
Government agencies are some of the largest data handlers in India. Without proper standards, the risk of misuse, overreach, or breaches would be enormous.
Schedule II ensures that:
- Citizens continue to receive benefits and services without unnecessary delays caused by repeated consent requirements.
- The State is held to the same standards of security, accountability, and proportionality as private companies.
- Exemptions for research and statistical purposes are not abused, and personal privacy is protected even when explicit consent is not sought.
Example for Context
When ABC Insurance Ltd. applies for a licence to sell policies, the Insurance Regulatory and Development Authority of India (IRDAI) may process company details and director information without explicit consent, but only for the purpose of granting or rejecting the licence.
When the National Statistical Office (NSO) conducts a census, it may collect large amounts of household data but must anonymise it before publishing results.