Tightening the Rein on Usage of Personal Data

CIOReviewIndia Team | Friday, 06 December 2019, 12:14 IST

Tightening the Rein on Usage of Personal Data      Personal Data Protection Bill was approved by Union Cabinet on Wednesday (4th December 2019), in the presence of Prime Minister Narendra Modi. This bill was earlier introduced in the Parliament in September 2018 by group of people in the leadership of former Supreme Court judge B. N. Srikrishna. In an agreement with European Union’s General Data Protection Regulation, the government introduced draft on personal data protection bill to restrict the use of personal data by government and private companies. Currently there is no law on the use of personal data. The Supreme Court upheld the Right to Privacy considering Fundamental Right in the year 2017.

“We welcome the Cabinet’s decision to pass the bill on personal data protection. As a leading global provider of data protection solutions, Commvault foresees India to be at the epicentre of data protection and data management by 2025. With the exponential rise of smart devices and AI technologies, personal data will continue to remain vulnerable. The data protection bill will not only empower citizens to have command over where their data is stored but will also prevent malpractices of phishing and misuse of personal data,” says Ramesh Mamgai, Area Vice President, India and SAARC Region, Commvault.  

PDP Bill categorizes data into three categories i.e, Critical, Sensitive and General. Critical and Sensitive data can be stored only in India. However, sensitive data can be processed outside India with the permission of higher consent. Sensitive data include information related to -financial, health, transgender status, sexual orientation, biometric, religious or political beliefs. Critical data can be changed by government from time to time. This kind of data can only be processed and stored in India. Data other than critical or sensitive are stated as general data. It has no restriction on where it is stored or processed.  

Companies will be given some time to take action accordingly. Even then some of the agencies will have access to sensitive and personal data in the interest of national security for carrying out investigation of any crime. Violating this law, companies will have to compensate the amount of 5 Crore or 2 percent of company’s worldwide turnover in the case of data breach.

Don't Miss ( 1-5 of 25 )