Menu
………………………….
Right to Privacy has been the integral right to every citizen of India given under the Constitution of India. Personal data has been the most sought-after data in recent years. The personal data such as our names, contact details, email ID, address etc. that we share on various platforms and applications are the confidential information that the respective platforms and applications should keep secured, however, in absence of any strict law, such data is being used or shared with other processors for various unwarranted reasons.
“Have you ever got a call from a Credit Card Service Provider or Loan Facilitator or Person impersonating as a Banker offering you Loan or Credit Card etc” If yes, then please be aware that your Personal Data has been leaked / Sold / Shared Without Your Consent by someone with whom you had shared such data consciously.
India had introduced Information Technology Act in Year 2000 which laid down foundation guidelines for Information Technology, Security Procedures, Data Sharing, Data Storage etc. With the advancement of technology usage in everyone’s day-today lives, there came the need for having a separate law which should specifically deal with the Personal Data and its related controls one should exercise
The Digital Personal Data Protection Act, 2023 has its roots from way back in Year 2019, when the first Draft Bill was introduced in Rajya Sabha. The same went into various discussions and iterations and later on re-introduced as Digital Personal Data Protection Bill 2022 which became the Law on 11th August 2023 after having assent of Honorable President of India.
The Digital Personal Data Protection Act, 2023 deals with various Personal Data related aspects which needs to be taken care of by the Data Fiduciary (One who is taking Personal Data from Individuals) or Data Processors (One who is processing Personal Data on behalf of Data Fiduciary).
The situation of sharing and processing of Personal Data is explained through an example below –
Mr. A (Individual) wants to create his account on an e-commerce website named XYZ Fashions (owned by company XYZ Pvt Ltd). For creating the account, the application asks Mr. A, his name, phone number, email, residential address.
XYZ Fashions creates the account of Mr. A in the application based on the information shared by him.
In the above transaction, following are the important guidelines under the Digital Personal Data Protection Act, 2023:
Hefty Penalties upto Rs. 250 Crore have been laid down for non-compliance with the Provisions of this Act, thus, it is imperative for the Data Fiduciaries to implement the required control procedures and ensure compliance with the Act at all times.
This act is to be read and understood not only by Data Fiduciaries, but also by Data Principals. Data Principals should be aware about their Rights and Duties while sharing their Personal Data with anyone. Also, there are provisions through which Data Principals can withdraw their Consent or Request to Erase their Personal Data held by Data Fiduciaries.
For more details: https://www.linkedin.com/1-Comply
Disclaimer: The information contained in this Article is intended solely for personal non-commercial use of the user who accepts full responsibility of its use. The information in the article is general in nature and should not be considered to be legal, tax, accounting, consulting or any other professional advice. We make no representation or warranty of any kind, express or implied regarding the accuracy, adequacy, reliability or completeness of any information on our page/article.