India’s Joint Parliamentary Committee on the Personal Data Protection Bill, 2019 is proposing changes, including expanding the scope of the Data Protection Authority to cover personal as well as non-personal data. The Bill seeks to regulate the use of individual data by the government and private companies and a Data Protection Authority has been envisaged for ensuring compliance. The proposed Act states that the authority will take “prompt and appropriate action in response to the personal data breach in accordance with the provisions of this Act”. For example, the committee has recommended that the word “personal” be omitted “to enlarge the ambit of the authority to look into the data breach.”