The Supreme Court of India in 2017, in the case of Justice K. S. Puttaswamy vs Union of India, proclaimed privacy as a fundamental right and highlighted the need for a sturdy and robust legal structure in India with regard to data protection. Further in 2018, the European Union laid down certain limits on organizations concerning the processing and managing of personal data by means of the General Data Protection Regulation. Following several data breaches by various business organizations in India, Justice B.N. Srikrishna Committee was created in 2018 to fill this gap in Indian laws with respect to data protection. The committee submitted its report and proposed the Personal Data Protection Bill, 2018 to the Ministry of Electronics and Information Technology. Recently, a spin-off version of this bill called Personal Data Protection Bill, 2019 was passed by the Lok Sabha. However, this bill has been facing severe global criticism ever since its formation. This paper attempts to discuss the key features of the bill, its loopholes, its distinction from EU’s General Data Protection Regulation and further suggests some changes that can be introduced in the bill to promote the right to privacy of an individual in its real sense. This paper also elaborates on the dangers of the blanket powers to access citizens’ personal information conferred upon the Indian government by the bill.