The Joint Parliamentary Committee has adopted the recommendations of its report for the Personal Data Protection Bill, 2019.
Watch Rupank Sharma briefly sharing key revisions made in the Bill during the current winter session of Parliament.
#staytuned for more such quick updates from LawWiser.
Tune into this video where LawWiser takes you through new updates on “Extension to Joint Committee on the PDP Bill, 2019, to submit the report” and “Striking of Notification under Sec 17(4) Land Acquisition By Supreme Court”.
Watch Prabhjot Singh briefly explain the update on the joint committee getting an extension until the last week of 2021 of the present session to submit its report on this bill.
On the other hand, the Supreme Court in Hamid Ali Khan & Anr vs State of UP & Ors has held some exceptional circumstances for invoking Sec 17(4) of Land Acquisition Act, 1894.
With growing reliance on technology, Personal Data Protection bill has been need of the hour for India. Recently, the Joint Parliamentary Committee has finalized the draft report on Personal Data Protection Bill. It is likely to be placed in the upcoming Winter Session of Lok Sabha with specific recommendations.
Tune into this video, where LawWiser quickly takes you through the update “Parliamentary panel finalizes draft report on a Personal Data Protection Bill”. Watch Prabhjot Singh explaining this recent update.
With time we are only going to get more and more reliant on technology for most of the services. That means there will be an increase in the sharing of our personal data with more service providers or platforms.
We only hear that personal data should be shared securely and we have the right to know how it will be utilised. But how many times have we taken care to read the privacy and personal data usage policy?
LawWiser #InConversation with Rajendra Misra, General Counsel, IHCL, discusses what are the key principles and rights concerning personal data protection.
In this video our expert answers –
1.) What are the key principles that apply to the processing of Personal Data protection?
2.) What the key rights individuals have concerning the processing of their Personal Data?
Personal Data In India is a new law that governs data in the country. The law covers all IT activities, cybercrime, and security and privacy issues.
It provides certain exemptions for certain government agencies and requires them to obtain authorization from the Parliament to collect sensitive personal information.
However, it is unclear what these exemptions are and what type of actions they allow. There are several things to know about the new law before it takes effect.
The draft Personal Data Protection Bill was introduced in the Indian Parliament on Dec. 11, 2019. It was the subject of intense debate for the past two years. The bill was referred to a joint parliamentary committee for a final report and debated in 2020.
The government is confident that the bill will pass as they have a majority in the two houses of Parliament. The government wants to ensure that the new law is enacted as soon as possible.
The new law will affect almost all businesses in the country. This includes social media and e-commerce and companies based in India or foreign companies dealing with the personal data of individuals in the country.
Small entities have some exemptions, but the new law will impose more stringent conditions for all businesses.
Telecommunication and financial firms already follow some privacy practices. The new law will likely be passed by the end of the year.
This law has two important aspects. It is a vital component of the new Personal Data Protection Bill, and the Act specifies what can happen to a data principal if it is misused. While the law strongly emphasizes protecting citizens’ privacy, there are instances when it does not.
It is called a “data principal,” and digital companies can obtain it to help protect public safety.
In 2010, the government created a committee of experts that looked into protecting personal information. Retd headed the committee. Justice BN Srikrishna. The committee issued a draft of a law that requires companies to comply with the requirements of the law.
Further, the DPA has also mandated that these companies follow certain privacy and confidentiality requirements. It is a significant step in protecting the rights of citizens.
The DPA also addresses the use of geo-location information. The bill also outlines the types of companies that process personal data. It also covers companies incorporated in India and foreign firms that deal with the personal data of individuals in the country.
In addition, the new legislation will protect the privacy of Indian citizens. The new law will be implemented in 2020. The ruling coalition is currently in the process of amending the DPA.
While the new law does not directly affect citizens’ privacy, it will still affect the way personal data is used. While the DPA doesn’t mention privacy, it focuses on personal data by companies that handle sensitive data.
For example, companies may use geo-location information to make personalized advertisements.
It is important to know that this legislation will not have the same effect as the law in the United States. But the changes are certainly a big step forward in the fight against cybercrime.
The Personal Data Protection Bill will also protect the rights of individuals and businesses in India. The new law will require companies to inform citizens about the privacy of their data. The bill will apply to companies that have personal data on a global scale
To get featured in more such conversations, write us on editorial@lawwiser.com
UPI or the Unified Payments Interface has more than 100 Mn active users in India.
As the popularity of UPI has skyrocketed in the past couple of years, LawWiser had a conversation with Atul Juvle, General Counsel, Compliance Officer, and Company Secretary, Schindler India Pvt Ltd, to understand the UPI framework and discuss implications of data privacy. In this video we explore,
What is UPI?
What is the regulatory framework to control & monitor UPI?
What are the implications of data privacy in the UPI system?
and provide, Suggestions to UPI users.
To get featured in more such conversations, write us on editorial@lawwiser.com
Even though the word pandemic and Lockdown has become mundane, because of its consistent use, but what we cannot ignore is the impact it has had on several sectors and industries.
Sports industry is one such sector that has also been on the receiving end of the Lockdown.
LawWiser brings you insights ‘COVID Crisis In Sports Law’ on from the experts:
1. Jahnavi Upadhyay – Partner North India – Legal, Decathlon
2. Vinay Joy – Partner, Khaitan & Co.
3. Sania Husaini – Consulting Editor, LawWiser
In our Know Your Law Series.
In this conversation, you will get to know about Sports Law and how it has been dodging the COVID crisis.
To get featured in more such conversations, write us on editorial@lawwiser.com
Data Protection has been in the limelight whether it is Google, Facebook, Mastercard, and many more such companies. All have proved their part but let us understand the laws in the AMEA region.
LawWiser brings you a Conversation with Ojasvita Srivastava, General Counsel – Securitas Group AMEA.
In our One-on-One Series
In this video, you will understand the Data Protection Laws in the AMEA region. To get featured in more such conversations, write us on editorial@lawwiser.com
What Is Data Protection Compliance?
Data Protection Compliance is the requirement to adhere to laws governing data processing. Before GDPR, the EU was bound by the guidelines set out in Data Protection Directive 95/46/EC that ensure the privacy of individuals about their personal information and their free movement.
Besides GDPR, other data protection laws are important for your business. You should develop a comprehensive data security policy to protect your customers’ personal information.
It should be transparent about the purpose of collecting and using the data. The GDPR is a complicated regulation, and your company will need a dedicated compliance officer to meet these requirements.
The GDPR also applies to third-party vendors. In case you are working with any external partner, make sure they have an adequate security policy in place.
How has the Data Protection Law in India evolved?
In India, the Information Technology Act 2000 governs data. The act covers all IT activities and is designed to ensure privacy. It also imposes obligations on entities handling sensitive personal data and provides compensation in cases of harm. It is one of the most comprehensive laws governing personal data.
GDPR passed the way for data protection. The permission requirement for transferring data is similar to other countries but not as strict as in Singapore, Hong Kong, etc.
One of the most important elements of GDPR compliance is the principle of purpose limitation. This regulation binds companies to only personal process data for specified, legitimate purposes. It means that a company must make it clear to users why they are processing their information.
With the lockdown and pandemic, remote working has increased. Most organizations have data centers for a region.
Strictest compliance for the transfer of personal data:-
1. To seek express permission of individual/ employee/ client
2. Or transfer to a jurisdiction having similarly compliant law as the home jurisdiction
Compliance with GDPR in the Region (EU national’s data)
For EU nationals in another region, companies can comply with the data protection with express permission. Companies need to be compliant with local data protection laws.
Despite the complexity of the new laws, companies need to comply with them. There are numerous regulations for data processing, which can help ensure that your business stays compliant with data protection laws. It also helps to have a designated DPO team responsible for data protection and compliance, and some jurisdictions require the appointment of a DPO.
Methods of Compliance Followed by Different Companies
It is a three-step process:-
1. Study the data protection laws of the country operating.
2. What are the laws where the data center is located.
3. A comprehensive review of the internal process of data protection.
4. Penalties for non-compliance in India are not very strict compared to GDPR.
5. GDPR has high penalties for non-compliance
Bottom Line
While GDPR is not the only privacy law globally, it was the first and most comprehensive. It was designed to completely reflect the new digital age in how we manage our data. The GDPR requires that all companies follow strict data protection laws to avoid fines.
The GDPR is the most important legislation regulating data and preventing misuse. If your business is not up to the task, consider hiring a professional to care for your compliance needs.
Call us now!