Digital Data Protection Bill: Check top 6 principles

Digital Personal Data Protection Bill frames out the rights and duties of the citizen on one hand and the Obligations to use collected data lawfully.

The Digital Data Protection Bill, which the Central government is working on, is likely to be introduced in the upcoming Budget Session of 2023-24.

The Bill is currently in its draft stage and has been placed in the public domain for consultation.

The Digital Personal Data Protection Bill is legislation that frames out the rights and duties of the citizen (Digital Nagrik) on one hand and the Obligations to use collected data lawfully of the Data Fiduciary on the other hand. The bill is based on the following principles around the Data Economy:

The first principle is that the collection and usage of personal data by organisations must be done in a manner that is lawful, protect the data of the individuals concerned and is transparent to individuals.

The second principle of Purpose and Storage limitation is that the personal data is used only for the purposes for which it was collected and only stored for the duration as is necessary for the purpose that it was collected.

The third principle of data minimisation is that only collection of data will be limited to only those personnel that is required for the purpose specified. The fourth principle is Data protection and Accountability is that the responsibility of processing the data is with the person who collects the Data and the Data collected will be stored in a secure manner with no unauthorised use of the data or personal data breach.

The fifth principle is Personal data collected will be stored in an accurate manner. Reasonable effort is being made to ensure that the personal data of the individual is accurate and kept up to date. That the individual will have the right to inspect his/her data and/or delete/modify it as required.

The sixth principle is mandatory reporting of breaches and fair, transparent and equitable adjudication of breaches of Fiduciary obligations by a Data Protection Board.

These principles have been used as the basis for personal data protection laws in various jurisdictions. The actual implementation of such laws has allowed the emergence of a more nuanced understanding of personal data protection wherein individual rights, public interest and Ease of doing business, especially for startups are balanced.

In the Monsoon Session of Parliament on August 3, 2022, the Union government had withdrawn the Data Protection Bill with the aim of bringing a comprehensive legislature. Union Telecom and IT minister Ashwini Vaishnaw had said that the joint parliamentary committee which went through the original draft suggested 88 amendments to a bill of 91 sections, which led the government to decide that there was “no option” but to withdraw the original Bill completely.

In November, the government brought another draft of the Digital Data Protection Bill and put it for public consultation.

Presently, there are over 76 crores (760 million) active internet users (Digital Nagriks) and over the next coming years this is expected to touch 120 crores (1.2 Billion).

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *