Title Image

Data Protection

Data Protection Bill – Parliamentary panel Finalizes Draft Report

With growing reliance on technology, Personal Data Protection bill has been need of the hour for India. Recently, the Joint Parliamentary Committee has finalized the draft report on Personal Data Protection Bill. It is likely to be placed in the upcoming Winter Session of Lok Sabha with specific recommendations.

Tune into this video, where LawWiser quickly takes you through the update “Parliamentary panel finalizes draft report on a Personal Data Protection Bill”. Watch Prabhjot Singh explaining this recent update.

0

In A Minute – WhatsApp Challenge to New Intermediaries Rule 2021

There is lot of buzz around #WhatsApp challenge before Delhi High Court against certain rules of The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021.

Watch now and understand it all in the #LawWiser IN A MINUTE powered by Phoenix Legal with their Partner Pranav Srivastava. He shares quick highlights of the case basis which the challenge to the new rules has been made. To get featured in more such conversations, write us on [email protected]

0

Exploring Personal Data Protection- In Conversation

With time we are only going to get more and more reliant on technology for most of the services. That means there will be an increase in the sharing of our personal data with more service providers or platforms.

We only hear that personal data should be shared securely and we have the right to know how it will be utilised. But how many times have we taken care to read the privacy and personal data usage policy?

LawWiser #InConversation with Rajendra Misra, General Counsel, IHCL, discusses what are the key principles and rights concerning personal data protection.

In this video our expert answers –

1.) What are the key principles that apply to the processing of Personal Data protection?

2.) What the key rights individuals have concerning the processing of their Personal Data?

Personal data in India

Personal Data In India is a new law that governs data in the country. The law covers all IT activities, cybercrime, and security and privacy issues.

It provides certain exemptions for certain government agencies and requires them to obtain authorization from the Parliament to collect sensitive personal information.

However, it is unclear what these exemptions are and what type of actions they allow. There are several things to know about the new law before it takes effect.

Draft Personal Protection Bill

The draft Personal Data Protection Bill was introduced in the Indian Parliament on Dec. 11, 2019. It was the subject of intense debate for the past two years. The bill was referred to a joint parliamentary committee for a final report and debated in 2020.

The government is confident that the bill will pass as they have a majority in the two houses of Parliament. The government wants to ensure that the new law is enacted as soon as possible.

The new law will affect almost all businesses in the country. This includes social media and e-commerce and companies based in India or foreign companies dealing with the personal data of individuals in the country.

Small entities have some exemptions, but the new law will impose more stringent conditions for all businesses.

Telecommunication and financial firms already follow some privacy practices. The new law will likely be passed by the end of the year.

This law has two important aspects. It is a vital component of the new Personal Data Protection Bill, and the Act specifies what can happen to a data principal if it is misused. While the law strongly emphasizes protecting citizens’ privacy, there are instances when it does not.

It is called a “data principal,” and digital companies can obtain it to help protect public safety.

In 2010, the government created a committee of experts that looked into protecting personal information. Retd headed the committee. Justice BN Srikrishna. The committee issued a draft of a law that requires companies to comply with the requirements of the law.

Further, the DPA has also mandated that these companies follow certain privacy and confidentiality requirements. It is a significant step in protecting the rights of citizens.

The DPA also addresses the use of geo-location information. The bill also outlines the types of companies that process personal data. It also covers companies incorporated in India and foreign firms that deal with the personal data of individuals in the country.

In addition, the new legislation will protect the privacy of Indian citizens. The new law will be implemented in 2020. The ruling coalition is currently in the process of amending the DPA.

While the new law does not directly affect citizens’ privacy, it will still affect the way personal data is used. While the DPA doesn’t mention privacy, it focuses on personal data by companies that handle sensitive data.

For example, companies may use geo-location information to make personalized advertisements.

It is important to know that this legislation will not have the same effect as the law in the United States. But the changes are certainly a big step forward in the fight against cybercrime.

Key Takeaways

The Personal Data Protection Bill will also protect the rights of individuals and businesses in India. The new law will require companies to inform citizens about the privacy of their data. The bill will apply to companies that have personal data on a global scale

To get featured in more such conversations, write us on [email protected]

0

Quick Guide on UPI Framework and Data Privacy

UPI or the Unified Payments Interface has more than 100 Mn active users in India.

As the popularity of UPI has skyrocketed in the past couple of years, LawWiser had a conversation with Atul Juvle, General Counsel, Compliance Officer, and Company Secretary, Schindler India Pvt Ltd, to understand the UPI framework and discuss implications of data privacy. In this video we explore,

What is UPI?

What is the regulatory framework to control & monitor UPI?

What are the implications of data privacy in the UPI system?

and provide, Suggestions to UPI users.

To get featured in more such conversations, write us on [email protected]

0

Seeking Protection Against Media Trials – In Conversation

A civil suit was filed before Delhi High Court by four Bollywood industry associations and 34 leading production houses, seeking directions against prominent news channels as well as social media platforms to refrain from making or publishing irresponsible, derogatory, and defamatory remarks against the Bollywood film industry.

LawWiser with Tanu Banerjee, Partner, Induslaw and Hormuz Mehta, Partner, J. Sagar Associates, discuss how media trial can affect any industry and ‘Seeking Protection Against Media Trials’

In this video, the experts share insights on –

How this civil suit by Bollywood Producers acts as an example of negative reporting and media trials?

When is the right time to take legal action against such negative reporting?

How do we see negative reporting or media trials impacting other industries?

To get featured in more such conversations, write us on [email protected]

1

Comprehending Data Privacy & Data Security

Data Privacy and Data Security are some of the key issues that every company must be in compliance with. However, these two terms are often used interchangeably by many.

To know the difference and how companies deal with them Lawwiser brings discussion with expert K. Satish Kumar, Global Head – Legal & Chief Data Protection Officer, Ramco Systems,on ‘Comprehending Data Privacy & Data Security’.

Get insights on the following:

1) Data Privacy & its instances. What falls under it?

2) What is Data Security?

3) What are the compliances followed by companies to avoid a breach of information or any such risks?

Stay tuned LawWiser for more such insights

To get featured in more such conversations, write us on [email protected]

0

Deciphering The Chinese Apps Ban & The Impact On Its Businesses

The Government of India has banned many Chinese mobile applications, on the ground that they pose threat to the country’s “sovereignty and security”. The popular ones include top social media platforms such as TikTok, WeChat, Helo, Wework, and PUBG among others.

LawWiser in conversation with Arpita Mukherjee (Head- Legal & Compliance, Fabindia Overseas Pvt Ltd) and Suneeth Katarki (Partner, IndusLaw) decipher the ban on Chinese Apps and discuss as to how this ban would impact the Apps businesses in India in the long term.

Stay tuned LawWiser for more such insights

To get featured in more such conversations, write us on [email protected]

0

Compliance With Data Protection Laws In AMEA Region

Data Protection has been in the limelight whether it is Google, Facebook, Mastercard, and many more such companies. All have proved their part but let us understand the laws in the AMEA region.

LawWiser brings you a Conversation with Ojasvita Srivastava, General Counsel – Securitas Group AMEA.

In our One-on-One Series

In this video, you will understand the Data Protection Laws in the AMEA region. To get featured in more such conversations, write us on [email protected]

What Is Data Protection Compliance?

Data Protection Compliance is the requirement to adhere to laws governing data processing. Before GDPR, the EU was bound by the guidelines set out in Data Protection Directive 95/46/EC that ensure the privacy of individuals about their personal information and their free movement.

Besides GDPR, other data protection laws are important for your business. You should develop a comprehensive data security policy to protect your customers’ personal information.

It should be transparent about the purpose of collecting and using the data. The GDPR is a complicated regulation, and your company will need a dedicated compliance officer to meet these requirements.

The GDPR also applies to third-party vendors. In case you are working with any external partner, make sure they have an adequate security policy in place.

How has the Data Protection Law in India evolved?

In India, the Information Technology Act 2000 governs data. The act covers all IT activities and is designed to ensure privacy. It also imposes obligations on entities handling sensitive personal data and provides compensation in cases of harm. It is one of the most comprehensive laws governing personal data.

GDPR passed the way for data protection. The permission requirement for transferring data is similar to other countries but not as strict as in Singapore, Hong Kong, etc.

One of the most important elements of GDPR compliance is the principle of purpose limitation. This regulation binds companies to only personal process data for specified, legitimate purposes. It means that a company must make it clear to users why they are processing their information.

With the lockdown and pandemic, remote working has increased. Most organizations have data centers for a region.

Strictest compliance for the transfer of personal data:-

1. To seek express permission of individual/ employee/ client

2. Or transfer to a jurisdiction having similarly compliant law as the home jurisdiction

Compliance with GDPR in the Region (EU national’s data)

For EU nationals in another region, companies can comply with the data protection with express permission. Companies need to be compliant with local data protection laws.

Despite the complexity of the new laws, companies need to comply with them. There are numerous regulations for data processing, which can help ensure that your business stays compliant with data protection laws. It also helps to have a designated DPO team responsible for data protection and compliance, and some jurisdictions require the appointment of a DPO.

Methods of Compliance Followed by Different Companies

It is a three-step process:-

1. Study the data protection laws of the country operating.

2. What are the laws where the data center is located.

3. A comprehensive review of the internal process of data protection.

4. Penalties for non-compliance in India are not very strict compared to GDPR.

5. GDPR has high penalties for non-compliance

Bottom Line

While GDPR is not the only privacy law globally, it was the first and most comprehensive. It was designed to completely reflect the new digital age in how we manage our data. The GDPR requires that all companies follow strict data protection laws to avoid fines.

The GDPR is the most important legislation regulating data and preventing misuse. If your business is not up to the task, consider hiring a professional to care for your compliance needs.

0
Call Now ButtonCall us now!