The Prayas ePathshala

Exams आसान है !

29 November 2022 – The Indian Express

Facebook
LinkedIn
WhatsApp

Data Regulation in India

What are the Seven Principles of the 2022 Bill?

  • The use of personal data by organisations must always be done in a way that is legal, fair to the individuals concerned, and transparent to the individuals.
  • Second, personal data can only be used for the purposes for which it was collected.
  • Data minimization is discussed in the third tenet.
  • The importance of appropriate data collection is emphasised in the fourth principle.
  • The fifth principle specifies that personal data should only be kept for a defined period of time and cannot be “stored constantly by default.”
  • The sixth principle states that there should be sufficient safeguards to ensure that “no unauthorised acquisition or processing of personal data” takes place.
  • The eighth principle said that “the person who determines the purpose and means of the processing of personal data should be responsibility for such processing.”

What Makes Up the Basic Elements of the Digital Personal Data Protection Bill?

Data Principal and Data Fiduciary:

  • The individual whose data is being collected is referred to as the “Data Principal.”
  • If a child is under the age of 18, their parents or guardians are referred to as their “Data Principals.”
  • Any person, company, government agency, or other organisation that chooses the “purpose and means of the processing of an individual’s personal data” is a data fiduciary.
  • Personal data is defined as “any data that permits the identification of an individual.”
  • The phrase “complete range of operations that may be carried out on personal data” is used to define processing.
  • Fiduciary Information of Importance Data fiduciaries deal with a lot of private data. The federal government will decide who fits into this category based on a number of factors.
  • Both a “Data protection officer” and an objective data auditor will be required to be employed by these organisations. a person’s rights Access to Information: The bill mandates that everyone must have access to “basic information” in each of the eight languages included in the Indian Constitution’s schedules.
  • Individuals must consent before personal data is processed. Additionally, each subject must be aware of the categories of personal data that a data fiduciary aims to collect as well as the reasons behind such collection and further processing, according to the right to consent.
  • People also have the choice to withdraw their consent from a data fiduciary.
  • Data principals have the right to ask that any information that the data fiduciary has obtained be updated or deleted.
  • Right to Elect: Data Principals will also have the option of appointing a representative to act on their behalf in the event of their death or incapacity when exercising these rights.
  • Data Protection Board: The Bill also recommends setting up a Data Protection Board to make sure the law is followed.
  • If consumers feel that the Data Fiduciary has not given them a sufficient response, they may complain to the Data Protection Board.
  • Cross-border Data Transfer: The law authorises the storage and transfer of data to “certain recognised nations and territories” across international borders, provided that they have a sufficient data security environment and that the government has access to such data from within India.
  • Data fiduciary penalties Organizations that suffer data breaches or neglect to notify users when breaches occur may be subject to hefty legal penalties.
  • Financing penalties will range from 50 to 500 crores.
  • For the main information If a person registers for an online service using false identification or makes unfounded complaints, they could be fined up to Rs 10,000.
  • Exemptions: The government may exempt some firms from adhering to the bill’s requirements depending on the number of users and the volume of personal data the institution processes.
  • When implementing this, consideration was given to the businesspeople in the country who had complained that the Personal Data Protection Bill, 2019 was too “compliance intensive.”
  • National security-related exemptions from the previous 2019 edition have been preserved.
  • The Centre has been given the authority to exempt its agencies from complying with the Bill’s requirements in the interest of upholding India’s sovereignty and integrity, the country’s security, friendly relations with other countries, maintaining public order, or preventing incitement to any cognisable offence.

The Digital Personal Data Protection Bill’s effects:

  • The revised Bill significantly relaxes the contentious necessity of local data storage within India’s borders, in contrast to the previous Bill’s controversial provision.
  • It has a somewhat forgiving attitude toward the requirement of data localization and permits data flow to a select number of global sites, which is anticipated to promote international trade agreements.
  • The right to posthumous privacy of the data principal was ignored by the PDP Bill, 2019, despite the proposal of the Joint Parliamentary Committee.
  • What modifications have been made to the data protection regulations in India?
  • Justice K. S. Puttaswamy (Retd) v. Union of India, 2017: In Justice K. S. Puttaswamy (Retd) v. Union of India, a nine-judge Supreme Court panel ruled in August 2017 that Indians have a basic right to privacy under Article 21 of the Constitution, which is safeguarded by the law.
  • 2017 B.N. Srikrishna Committee Under the leadership of Justice B. N. Srikrishna, the government established a data protection expert group in August 2017. In July 2018, the committee’s report and a draught data protection law were both submitted.
  • The establishment of a Data Protection Authority, the right to be forgotten, data localization, and restrictions on data processing and gathering are just a few of the several proposals made in the report to tighten India’s privacy laws.
  • Information technology intermediary guidelines and the digital media ethical code for 2021:
  • In compliance with IT Rules, social media platforms need to be more cautious about the content they host (2021).

Select Course