Data Protection Bill explained in 8 easy points, Check here
What is Data protection bill? How different is the new data protection bill? These queries have been answered in this article
New Delhi: The Data protection bill is to allow the digital market to grow more responsibly in India while safeguarding citizens’ data.
The Bill envisages the creation of a Data Protection Board of India. In the event of a data breach, companies are mandated to promptly inform the Data Protection Board (DPB) and the affected users. Processing data of minors and individuals with guardians must be done only with the consent of guardians, according to the Bill.
Here is Data Protection Bill explained in 8 easy points:
- The Board has the authority to summon and examine individuals under oath, inspect documents of companies handling personal data, and recommend blocking access to intermediaries that repeatedly breach the Bill’s provisions.
- The Data Protection Bill will assess penalties based on the nature and severity of the breach, with potential fines of up to Rs 250 crore for instances of data breaches, failure to protect personal data, or failure to inform the Board and users of a breach.
- The Bill will apply to the processing of digital personal data within India where such data is collected online, or collected offline and is digitised. It will also apply to such processing outside the country, if it is for offering goods or services in India.
- Personal data may be processed only for a lawful purpose upon consent of an individual. Consent may not be required for specified legitimate uses such as voluntary sharing of data by the individual or processing by the state for permits, licences, benefits, and services.
- Data fiduciaries will be obligated to maintain the accuracy of data, keep data secure, and delete data once its purpose has been met.
- The Bill grants certain rights to individuals, including the right to obtain information, seek correction and erasure, and grievance redressal.
- The Centre may exempt government agencies from the application of provisions of the Bill in the interest of specified grounds such as security of the state, public order, and prevention of offences.
- Companies are required to appoint a Data Protection Officer and share their contact details with the users.