Personal Data Protection Bill

Digital Personal Data Protection Law Expected to Be Implemented Within 10 Months: IT Minister

The government is expecting to implement the Digital Personal Data Protection law within 10 months, Union IT Minister Ashwini Vaishnaw said on Wednesday.

The Rajya Sabha on Wednesday passed the Digital Personal Data Protection Bill 2023 with a voice vote amid a walkout by opposition members over the Manipur issue. The Bill, which comes after six years of the Supreme Court declaring ‘Right to Privacy’ as a fundamental right, has provisions to curb the misuse of individuals’ data by online platforms.

“We have started work on implementation. This kind of legislation will require a 6-10 month kind of frame. We will take every step with proper checks and balances. It is a guesstimate. We might do it faster than that,” Vaishnaw said.

Elaborating on the principles, he said the data collected by the citizens should be used as per the law, only for the purpose for which it has been collected and the quantum of data should be limited to the requirement.

Vaishnaw said citizens will have the right to correct their data and it should be stored with entities till the time it is required and protected by putting in place reasonable safeguards.

“The provisions of the bill will apply to data of Indian citizens stored overseas as well. Any person in India, even foreign nationals will get protection under the bill,” he said.

Addressing concerns around changes in the Right to Information Act, he said the Puttaswamy judgement has made the Right to Privacy a fundamental right. Therefore, any personal data can be published only through a legally approved process and in no other form personal information can be shared in any public forum.

During the discussion, YSR Congress Party member V Vijayasai Reddy raised the issue of telephone tapping through software.

Vaishnaw said that phone tapping is not an issue under the DPDP 2023 and it will be covered under the Indian Telecommunication Bill and Digital India Act.

The minister said an independent Data Protection Board (DPB) will be created, which is “digital by design”, and will provide similar access to justice to people across the country in the same way as privileged people in cities like Delhi and Mumbai.

Vaishnaw said that the subject of data privacy comes under the Centre and the bill will evolve over a period of time.

When asked if there will be a state-level DPB, the minister said that bodies like DPB are created at the Union level to check misuse of jurisdiction by rule violators.

AIADMK M Thambidurai had raised the issue of the medical data of politicians getting reported in the media and it should be protected as personal data.

Vaishnaw said that the DPDP 2023 will not overwrite sectoral rules and rules for media will be as per existing related laws.

“However, the healthcare department should not leak someone’s personal data without proper consent,” he said.

He also slammed the opposition for not participating in the discussion over the bill.

“Opposition has no interest in the rights of 140 crore people. They should have also participated and joined everyone in passing the bill,” Vaishnaw said.

Samsung launched the Galaxy Z Fold 5 and Galaxy Z Flip 5 alongside the Galaxy Tab S9 series and Galaxy Watch 6 series at its first Galaxy Unpacked event in South Korea. We discuss the company’s new devices and more on the latest episode of Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated – see our ethics statement for details.

Check out our Latest News and Follow us at Facebook

Original Source

New Data Privacy Bill Will Be Ready Soon, Nirmala Sitharaman Reportedly Confirms

India will get a new data privacy bill “soon”, Finance Minister Nirmala Sitharaman confirmed on Wednesday. The Information Technology minister Ashwini Vaishnaw is working on it, said the minister, adding that the new Bill would address every such concern most of the people had on the privacy Bill. Last month, the government withdrew the controversial Personal Data Protection Bill announcing it was working on a new comprehensive law. The 2019 Bill proposed stringent regulations on cross-border data flows and suggested giving the government powers to seek user data from companies.

As per a report by PTI, Sitharaman made remarks about the introduction of new data privacy bill today while speaking at the India Ideas Summit organised by the US-India Business Council.

“We will soon have a new Data Privacy Bill, which will be a product of consultations and will address every such concern most of us had on the privacy Bill,” she reportedly said.

The Personal Data Protection Bill 2019 was withdrawn by the government in August after parliamentary panel’s review of the 2019 bill suggested many amendments. The Union Minister of Electronics and Information Technology Ashwini Vaishnaw had earlier said that the joint committee have recommended 81 amendments in a Bill of 99 sections. There are said to be over 12 more recommendations and a new bill would be presented that would fit into the comprehensive legal framework.

The Bill had raised concerns among big technology companies such as Facebook and Google that it could increase their compliance burden and data storage requirements.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Samsung Galaxy Watch5 and Galaxy Watch5 Pro Are Here to Woo Both Fitness Experts & Adventure Seekers

Check out our Latest News and Follow us at Facebook

Original Source

Indian Railways Said to Consider Withdrawing Tender for Consultant to Monetise Customer Data

The Indian Railways has floated a tender to hire a consultant to monetise its passenger and freight customer data with the aim to generate revenue up to Rs 1,000 crore, but sources told PTI it may be withdrawn amid concerns over privacy issues. While many on social media, including advocacy groups have raised concerns over violation of data privacy issues, government sources have clarified that the consultant would advise the Indian Railway Catering and Tourism Corporation (IRCTC) on steps to improve its existing business and plan strategies to monetise future opportunities.

While the Indian Railways has not officially commented on the tender, highly placed sources told PTI it will be withdrawn “considering the fact that the Data Protection Bill has not been finalised”.

According to the tender document, the data to be studied will include information captured by the transporter’s various public facing applications such as “name, age, mobile number, gender, address, e-mail ID, class of journey, payment mode, login or password” and other details.

The IRCTC has more than 10 crore users, of which 7.5 crore are active users.

The document also stated that the consultant, once finalised, will be provided the details of applications and the data collected thereon for conducting the study for ‘Monetization of Digital Data of Indian Railways’.

The consultant shall study the data of passenger, freight and parcel businesses of the Indian Railways such as PRS, NGeT, NTES, UTS, Rail Madad, FOIS, TMS, e-CRM, and PMS, as well as vendor-related data from applications like IREPS, VMS and IPAS.

The document titled ‘The Scope of Work for Project A: For study of Monetization of Digital Data of Indian Railways(IR)’ said the consultant would also be provided access to the digital data systems which generate behavioural data such as flow of passengers, class of journey, frequency of journey, travel time, booking time, age group and gender, payment mode, number of destinations and booking modes.

The objective of the exercise, it said, is for the IRCTC to leverage its data assets and market position to drive strong growth in revenues. This can be achieved by improving customer experience, expanding the portfolio of products being offered to the customers and/or developing new business lines and partnerships, the document stated.

“IRCTC envisages a revenue generation potential of Rs 1,000 crore through Monetization of its Digital Assets. IRCTC wishes to engage a consulting firm to help in identification, design, and development and roll-out of data monetization opportunities,” it said.

While the Railways is yet to officially respond, sources close to the development said the IRCTC does not “sell its data and neither has any intention to do so”. They said the consultant is being hired to advise the IRCTC on steps to improve its existing business and plan out strategies to monetise future businesses. It will also focus on how the IRCTC could adopt new business opportunities.

“IRCTC will also develop new businesses on its own platform and will need assistance from market leaders. IRCTC does not store any financial data of its customers at its end, as at the time of online payment for its various services, control is passed on to the respective payment gateway or bank for the payment,” the sources said.

The document also said that the consultant will study various Acts or laws, including the IT Act, 2000 and its amendments, user data privacy laws, including the General Data Protection Regulation and the current ‘Personal Data Protection Bill, 2018’, and accordingly, propose the business models for monetisation of digital assets.

The consultant would also prepare a roadmap for data monetisation of the digital data collected at various customer-facing and vendor-related applications which include zonal railways, divisions, and other units like CRIS, and PSUs like IRCTC and Railtel.

Tasks listed for the appointed consultant include segregation of monetisable data sets, identification of market potential internationally, and preparation of a roadmap for data monetisation of the digital data.

Internet Freedom Foundation, a Delhi-based non-governmental organisation advocating digital rights and liberties, has raised concerns over the tender and outlined its pitfalls in a series of tweets.

“Hey train travellers, your data will soon be monetised by the govt. and that too, in the absence of a data protection legislation! …A profit maximisation goal will result in greater incentives for data collection, violating principles of data minimisation & purpose limitation. Past experiences from the misuse of Vahan database amplify fears of mass surveillance & security risks,” it said.

“IRCTC, a government-controlled monopoly, must not prioritise perverse commercial interests over the rights and interests of citizens. And given the recent withdrawal of the Data Protection Bill, 2021, such monetisation becomes even more concerning,” the NGO added.

Check out our Latest News and Follow us at Facebook

Original Source

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.