CIO News Hubb
Advertisement
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
CIO News Hubb
No Result
View All Result
Home Information Security

Indian Government Publishes Draft of Digital Personal Data Protection Bill 2022

admin by admin
November 19, 2022
in Information Security


The Indian government on Friday released a draft version of the much-awaited data protection regulation, making it the fourth such effort since it was first proposed in July 2018.

The Digital Personal Data Protection Bill, 2022, as it’s called, aims to secure personal data, while also seeking users’ consent in what the draft claims is “clear and plain language” describing the exact kinds of information that will be collected and for what purpose.

The draft is open for public consultation until December 17, 2022.

India has over 760 million active internet users, necessitating that data generated and used by online platforms are subject to privacy rules to prevent abuse and increase accountability and trust.

“The Bill will establish the comprehensive legal framework governing digital personal data protection in India,” the government said. “The Bill provides for the processing of digital personal data in a manner that recognizes the right of individuals to protect their personal data, societal rights and the need to process personal data for lawful purposes.”

The legislation, in its current form, requires companies (i.e., data processors) to follow sufficient security safeguards to protect user information, alert users in the event of a data breach, and stop retaining users’ data should individuals opt to delete their accounts.

“The storage should be limited to such duration as is necessary for the stated purpose for which personal data was collected,” an explanatory note released by India’s Ministry of Electronics and Information Technology (MeitY) reads.

A failure to take steps to prevent data breaches can incur companies a financial penalty of up to ₹250 crores ($30.6 million). So does a failure on the part of entities to notify users of the breach, effectively taking the total fines to ₹500 crores ($61.3 million).

Users of internet services, for their part, can request companies to share the categories of personal data that have been given out to other third parties, not to mention ask for their data to be erased or updated in cases where such information is deemed “inaccurate or misleading.”

Furthermore, the draft imposes data minimization requirements as well as additional guardrails companies have to adopt in order to prevent unauthorized collection or processing of personal data.

What’s also notable is that the legislation no longer mandates data localization, allowing tech giants to transfer personal data outside of Indian geographical borders to specific countries and territories.

Lastly, the new measure seeks to establish a Data Protection Board, a government-appointed body that will oversee the core of compliance efforts.

That said, the central (aka federal) government is exempted from the provisions of the act “in the interests of sovereignty and integrity of India, security of the State, friendly relations with foreign States, maintenance of public order or preventing incitement to any cognizable offense relating to any of these.”

These vague clauses, in the absence of any data protection mechanism, could grant the government broad powers and effectively facilitate mass surveillance.

“This would give the notified government instrumentalities immunity from the application of the law, which could result in immense violations of citizen privacy,” the Internet Freedom Foundation (IFF) said. “This is because these standards are excessively vague and broad, therefore open to misinterpretation and misuse.”

The latest development comes after a previous version of the law, introduced in December 2021, was rescinded in August 2022 following dozens of amendments and recommendations.

Data protection legislation has been in the works since 2017, when the Supreme Court unanimously reaffirmed the right to privacy as a fundamental right under the Constitution of India, a landmark verdict that was passed following a petition filed by retired High Court Judge K. S. Puttaswamy in 2012.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

Considerations for security operations in the cloud

Next Post

Initiateframeworkapproach ~ Future of CIO

Related Posts

Information Security

Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data

by admin
March 24, 2023
Information Security

Automate the deployment of an NGINX web service using Amazon ECS with TLS offload in CloudHSM

by admin
March 24, 2023
Information Security

AV-Comparatives Anti-Phishing Test | Avast

by admin
March 24, 2023
Information Security

Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts

by admin
March 23, 2023
Information Security

New Instagram scam uses fake SHEIN gift cards as lure

by admin
March 23, 2023
Next Post

Initiateframeworkapproach ~ Future of CIO

Recommended

Illuminatesilience

March 25, 2023

Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data

March 24, 2023

Automate the deployment of an NGINX web service using Amazon ECS with TLS offload in CloudHSM

March 24, 2023

AV-Comparatives Anti-Phishing Test | Avast

March 24, 2023

Innateniche

March 24, 2023

The Importance of Sustainable Technology

March 23, 2023

© 2022 CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

© 2022 CIO News Hubb All rights reserved.