The right to privacy is a fundamental right in India and the MeitY (Ministry of Electronics and Information Technology) has recently issued a press release to define and explain the Digital Personal Data Protection Bill (DPDP Bill).
This bill was introduced to safeguard personal data, promote privacy, and empower individuals. So, in this blog, we will talk about all the features of this DPDP Bill 2023.
The Digital Personal Data Protection Bill (DPDP) is a legislative proposal and an Act of Parliament of India that manages personal data. This bill aims to protect individuals’ privacy by establishing rules and responsibilities for data fiduciaries, ensuring consent-based data processing.
Moreover, the bill has also introduced a Data Protection Board (DPB) to oversee compliance and impose penalties for data breaches and non-compliance.
The bill offers several features that aim to protect personal data and enhance privacy in the digital age. Here are the key features of DPDB:
The DPDP Bill is all about protecting your personal data, especially online. If a company from another country is offering services to people in India and collects data, this law applies to them too. But, if you’re using your personal data for private or home reasons, or if you have made it public due to any reason, this law doesn’t count.
Companies can use your data for things that are allowed by law, as long as they ask for your permission. They have to explain what they’ll do with your data and what rights you have.
One of the features of the bill is that the Digital Personal Data Protection Bill respects the rights of people whose data are being used. These people have rights to data principles, and they can see their data, fix mistakes, delete their data, and more. The companies or people using this data (Data Fiduciaries) must follow these rules while keeping the data safe and accurate.
The bill has introduced the concept of user consent. This means that your data can be accessed only with your permission, that too for legitimate purposes.
The bill also ordered the data fiduciaries to issue a notification to users before accessing their data or seeking consent. Moreover, the companies can only ask for data for lawful purposes. Users have the right to withdraw or deny their consent at any point in time.
The Bill also launched a Data Protection Board (DPB) in response to the need for a separate entity to handle personal data. The DPB will monitor and track the use of personal data and take immediate action in any data breach incident. Moreover, they can impose penalties and take legal action against non-compliant fiduciaries.
Data Fiduciaries are organizations or companies that are responsible for managing personal information. The bill states that they must follow certain rules to protect individuals’ personal data. They need to get clear permission from individuals, explain why they are collecting the data, make sure the information is accurate, keep it safe, and follow the data protection laws. These guidelines help keep people’s information private and make sure data is used in a fair and open way.
Moreover, data Fiduciaries must use strong security measures to protect data and inform people if there’s a data breach and they should delete personal data when it’s no longer needed.
Cross-border personal data transfer means moving someone’s personal information from one country to another. It involves dealing with different laws, rules, and security measures to keep the data safe and in line with privacy laws as it goes from one place to another.
The Central Government can set rules on how and where this data is stored when it’s sent across borders. This helps keep people’s data safe no matter where it goes.
The DPDP Bill has the right to impose fines for not following the rules. If Data Fiduciaries fail to protect data properly and there’s a breach, they could be fined up to Rs 250 Crores.
Moreover, if any entity hides the information about the breach, or does not follow rules for children’s data, they could be fined up to Rs 200 Crores. Here’s an image of a total breakdown of fees:
The Digital Personal Data Protection Bill is like a guard that prevents your personal information from theft on the internet in India. It tells who is responsible for data, when and how they can use it, and what happens if they don’t follow the rules. This law will give you more control over your data and make sure that companies are careful with it.
Profitability lies at the heart of any and every commercial venture. Without it, it is… Read More
Booking confirmation vouchers are the unsung heroes of travel planning. Like Wi-Fi, they’re invisible when… Read More
Homeopathy has consistently proven to be an effective alternative, especially when conventional treatments fall short.… Read More
In the age of digital disruption, 89% of enterprises rely on multi-cloud strategies to stay… Read More
Filing GST returns often seems like trying to solve Rubik's Cube, and that too… Read More
Compliance with taxes is like shadow-chasing game. Chartered accountants are always under stress. It… Read More
