Which act in india focuses on data protection and data privacy?

Introduction The draft Digital Personal Data Protection Bill, 2022 (" DPDPB") was released on November 18, 2022 by the Ministry of Electronics and Information Technology (" MeitY") for public consultation, pursuant to its withdrawal of the draft Personal Data Protection Bill 2019 (" PDPB 2019") in August 2022. MeitY has significantly altered the framework of DPDPB compared to the PDPB 2019, though there are important aspects that MeitY has sidestepped. Meanwhile, one of the most concerning issues with DPDPB is the fact that the provisions cover a basic framework for data protection and privacy, leaving it largely for the Central Government to assess and notify further protections at a later stage, as and when deemed necessary. This not only puts the ambit of governmental scrutiny with a wider reach but also prevents adequate protection of fundamental rights to privacy and protection. This paper provides an overview of the provisions of DPDPB and analyses its impact. Key Definitions Before looking into the intricacies of DPDPB and examining its applicability and exceptions, it is pertinent to note the definitions of certain key terms: • Data: Data is defined as a representation of information, facts, concepts, opinions or instructions in a manner suitable for communication, interpretation or processing by humans or by automated means. • Personal Data: It is defined as the Data concerning an individual who is identifiable by or in relation to such data. Thus, not only Data t...

With the advent of massive data storage and processing technologies like machine learning and artificial intelligence, which can extract meaningful insights for strategic decision-making for organisations, it has become extremely important for them to collect more data from their consumers without any checks. The debate around data privacy If we ask the question, “What is Privacy?”, it will be difficult to answer. One cannot arrive at a specific definition of privacy. The epoch that triggered this event in the first place was the scandal surrounding Data is the new oil Like oil in the 18 th century, data is an undervalued resource in the 21 st century. Like oil, there will be enormous rewards for those who see the basic worth of data and learn how to extract and exploit it. With the advent of massive data storage and processing technologies like machine learning and artificial intelligence, which can extract meaningful insights for strategic decision-making for organisations, it has become extremely important for them to collect more data from their consumers without any checks. With the percolation of internet services in India’s remotest towns and villages and the increasing availability of affordable smartphones, the average citizen’s data usage has grown considerably. As of January 2022, there are approximately It is time for India to act and take inputs from the laws of other countries; the lawmakers drafted the Personal Data Protection Act in 2019 and have now introd...

• radio_button_checkedEnglish • radio_button_uncheckedFrançais • radio_button_uncheckedEspañol • radio_button_uncheckedDeutsch • radio_button_uncheckedPortuguês (Brasil) • home • • group • school • • assessment • event • person_add • store • person_outline • info_outline • domain • send • calendar_today • close search close• Main Menu touch_app • shopping_cart • radio_button_unchecked News Feed • radio_button_unchecked Daily Dashboard • radio_button_unchecked Videos • radio_button_unchecked Privacy Perspectives • radio_button_unchecked The Privacy Advisor • radio_button_unchecked The Privacy Advisor Podcast • radio_button_unchecked Privacy Tracker • radio_button_unchecked Privacy Tech • radio_button_unchecked DPO Confessional • radio_button_unchecked Canada Dashboard Digest • radio_button_unchecked Asia-Pacific Dashboard Digest • radio_button_unchecked Latin America Dashboard Digest • radio_button_unchecked Europe Data Protection Digest • radio_button_unchecked U.S. Privacy Digest • radio_button_unchecked IAPP Westin Research Center • radio_button_unchecked Books • radio_button_unchecked Web Conferences • radio_button_unchecked Advertise • radio_button_unchecked About IAPP Publications menu Daily Dashboard The day’s top stories from around the world Privacy Perspectives Where the real conversations in privacy happen The Privacy Advisor Original reporting and feature articles on the latest privacy developments Privacy Tracker Alerts and legal analysis of legislative trends...

In 2017, the Supreme Court of India pronounced a landmark judgment declaring the right to privacy as a fundamental right under the framework of the right to life (Article 21) as per our Constitution . However, a standalone and comprehensive privacy law does not exist in India. Currently, the Information Technology Act 2000 read with supplementary Rules, acts as the legal cornerstone to ensure the protection of personal information. Lawmakers and regulators progressively recognize the importance of data for economic and technological growth. Hence, 2021 witnessed key developments in the data privacy and personal data protection space across various sectors. In terms of legislation, the Joint Parliamentary Committee's report on the proposed data protection law has given the Data Protection Bill of 2021 a new tone and tenure. The Reserve Bank of India developed restrictions for payment aggregators and lending applications , while the Bureau of Indian Guidelines formulated data privacy standards as an assurance framework for enterprises. The central government also pushed out due-diligence rules for internet intermediaries to regulate. What was 2021 about from a privacy and personal data protection vantage point? These developments result from the meteoric adoption of technology, powered by enormous data sharing networks created by private and public entities. These networks depend on the personal data of individuals. In the absence of adequate privacy safeguards, there is a r...

After two years of deliberation, the Joint Parliamentary Committee (JPC) adopted the final draft of the Personal Data Protection (PDP) bill on November 22. The bill is now set to be tabled in the Indian Parliament’s winter session that started today, on November 29. The groundwork for this bill was laid by an August 2017 judgment by the Supreme Court that identified privacy as a fundamental right. Around the same time, in July 2017, a 10-member committee under retired Supreme Court judge B.N. Srikrishna was set up to examine the need for a data protection law in India and create a framework for it. August 2018: Srikrishna committee submits its report The Srikrishna committee submitted its draft report to IT minister Ravi Shankar Prasad in In August 2018. The committee made several recommendations on how data should be processed by Indian and global companies, emphasised the importance of user consent and suggested a penalty of up to 2-4% of a company's global turnover for non-compliance. The draft suggested that personal data can be processed only for a clearly defined purpose and users should be given the choice to withdraw consent. It also said that critical personal data should only be processed on local servers and all firms must hire a data protection officer. The committee studied data protection laws in Europe, Singapore and Australia to come up with the best practices for data protection in the Indian context. It also December 2019: PDP bill was first tabled in Par...

Four years ago India received the landmark Puttaswamy judgment, which enshrined the right to privacy for the world's largest democracy. Since then, through various iterations, the government of India has attempted to devise an act that can adequately ensure the privacy of its more than 760 million active internet users. Versions of the Personal Data Protection Bill were proposed in 2018 and 2019, each receiving extensive scrutiny from experts across the country and alarming tech giants with requirements such as data localization. After receiving 81 amendments from the Joint Parliamentary Committee, the bill was withdrawn in August 2022, amid promises of a new bill that fits into India's comprehensive legal framework. The new bill, proposed by the Ministry of Electronics and Information Technology, frames both the rights and duties of the "Digital Nagrik" (digital citizen) and the obligation to the lawful use of collected data. Drawing upon best practices from places like Singapore, Australia, and the European Union, the bill is based on the following principles: • Lawfulness, fairness, and transparency. • Purpose limitation. • Data minimization. • Accuracy. • Storage limitation. • Accountability. As the name suggests, the scope of the Digital Personal Data Protection Bill is restricted to processing digital personal data within the territory of India. As such, all offline personal data and anything not digitized will be exempt from the purview of this legislation. Such a s...

With the advent of massive data storage and processing technologies like machine learning and artificial intelligence, which can extract meaningful insights for strategic decision-making for organisations, it has become extremely important for them to collect more data from their consumers without any checks. The debate around data privacy If we ask the question, “What is Privacy?”, it will be difficult to answer. One cannot arrive at a specific definition of privacy. The epoch that triggered this event in the first place was the scandal surrounding Data is the new oil Like oil in the 18 th century, data is an undervalued resource in the 21 st century. Like oil, there will be enormous rewards for those who see the basic worth of data and learn how to extract and exploit it. With the advent of massive data storage and processing technologies like machine learning and artificial intelligence, which can extract meaningful insights for strategic decision-making for organisations, it has become extremely important for them to collect more data from their consumers without any checks. With the percolation of internet services in India’s remotest towns and villages and the increasing availability of affordable smartphones, the average citizen’s data usage has grown considerably. As of January 2022, there are approximately It is time for India to act and take inputs from the laws of other countries; the lawmakers drafted the Personal Data Protection Act in 2019 and have now introd...

K&S Partners | Introduction On 2nd September, 2020, the Ministry of Electronics and Information Technology (MEITY), Government of India invoking its power under section 69A of the Information Technology Act read with the relevant provisions of the Information Technology (Procedure and Safeguards for Blocking of Access of Information by Public) Rules 2009 and in view of the emergent nature of threats, blocked 118 mobile apps. As per the notification issued by MEITY, these apps were engaged in activities which are prejudicial to sovereignty and integrity of India, defence of India, security of State and public order. Further, MEITY had received many complaints from various sources including several reports about misuse of some mobile apps available on Android and iOS platforms for stealing and surreptitiously transmitting users’ data in an unauthorized manner to servers which have locations outside India. The compilation of this data, its mining and profiling by elements hostile to national security and defence of India, which ultimately impinges upon the sovereignty and integrity of India, is a matter of very deep and immediate concern which required emergency measures. This move by MEITY was to safeguard the interests of crores of Indian mobile and internet users. This decision is a targeted move to ensure safety, security and sovereignty of Indian cyberspace. This decision by MEITY has yet again opened up the discussion on the urgent need to have strong Data Protection La...

After two years of deliberation, the Joint Parliamentary Committee (JPC) adopted the final draft of the Personal Data Protection (PDP) bill on November 22. The bill is now set to be tabled in the Indian Parliament’s winter session that started today, on November 29. The groundwork for this bill was laid by an August 2017 judgment by the Supreme Court that identified privacy as a fundamental right. Around the same time, in July 2017, a 10-member committee under retired Supreme Court judge B.N. Srikrishna was set up to examine the need for a data protection law in India and create a framework for it. August 2018: Srikrishna committee submits its report The Srikrishna committee submitted its draft report to IT minister Ravi Shankar Prasad in In August 2018. The committee made several recommendations on how data should be processed by Indian and global companies, emphasised the importance of user consent and suggested a penalty of up to 2-4% of a company's global turnover for non-compliance. The draft suggested that personal data can be processed only for a clearly defined purpose and users should be given the choice to withdraw consent. It also said that critical personal data should only be processed on local servers and all firms must hire a data protection officer. The committee studied data protection laws in Europe, Singapore and Australia to come up with the best practices for data protection in the Indian context. It also December 2019: PDP bill was first tabled in Par...

Introduction The draft Digital Personal Data Protection Bill, 2022 (" DPDPB") was released on November 18, 2022 by the Ministry of Electronics and Information Technology (" MeitY") for public consultation, pursuant to its withdrawal of the draft Personal Data Protection Bill 2019 (" PDPB 2019") in August 2022. MeitY has significantly altered the framework of DPDPB compared to the PDPB 2019, though there are important aspects that MeitY has sidestepped. Meanwhile, one of the most concerning issues with DPDPB is the fact that the provisions cover a basic framework for data protection and privacy, leaving it largely for the Central Government to assess and notify further protections at a later stage, as and when deemed necessary. This not only puts the ambit of governmental scrutiny with a wider reach but also prevents adequate protection of fundamental rights to privacy and protection. This paper provides an overview of the provisions of DPDPB and analyses its impact. Key Definitions Before looking into the intricacies of DPDPB and examining its applicability and exceptions, it is pertinent to note the definitions of certain key terms: • Data: Data is defined as a representation of information, facts, concepts, opinions or instructions in a manner suitable for communication, interpretation or processing by humans or by automated means. • Personal Data: It is defined as the Data concerning an individual who is identifiable by or in relation to such data. Thus, not only Data t...