SlideShare a Scribd company logo

DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptx

Download as PPTX, PDF
Vijay Dalmia
Vijay Dalmia

The Digital Personal Data Protection Act, 2023 (DPDP Act) is a significant development in Indian data protection. Here's a concise overview: **Personal Data and Processing:** - "Personal data" under DPDP Act refers to any data identifying an individual. - "Processing" includes various operations, like collection and storage. **Data Fiduciary and Data Processor:** - "Data Fiduciary" determines data processing purposes. - "Data Processor" processes data on behalf of a Data Fiduciary. **Coverage:** - DPDP Act covers those processing personal data, excluding personal or domestic purposes. **Applicability:** - Applies when processing occurs within or outside India related to offering goods/services within India. **Permitted Processing:** - Personal data can be processed with consent or under legitimate uses outlined in DPDP Act. **Consent:** - Consent should be clear, informed, and obtained through affirmative action. **Notice:** - A notice is mandatory before collecting personal data. - Fresh notice required if processing begins before DPDP Act commencement. **Data Fiduciary Obligations:** - Appoint Data Processor via valid contract. - Ensure data completeness, accuracy, and security. - Erase data when purpose is fulfilled. - Implement technical and security measures. - Report breaches to Data Protection Board. - Establish grievance redressal mechanism. - Publish contact information of Data Protection Officer. **Significant Data Fiduciary:** - Conduct periodic data protection impact assessments. - Appoint Data Protection Officer and independent data auditor. **Data Protection Board:** - An enforcement body established by the Central Government. - Appeals go to Telecom Disputes Settlement and Appellate Tribunal. **Consent Manager:** - Facilitates consent management through an accessible platform. - Registered with Data Protection Board. **Data Principal Rights:** - Right to access personal data. - Right to correction, erasure, and grievance redressal. - Right to nominate and withdraw consent. **Cross-Border Data Transfers:** - Generally allowed, but Central Government can restrict specific countries/territories. **Penalties:** - Non-compliance may result in penalties up to INR 250 Crores (approx. US$ 3,01,00,000). **Compliance Timeframe:** - No specific timeframe provided; companies should proactively prepare for DPDP Act compliance. This summary provides a concise overview of the DPDP Act's key provisions and obligations.

Law
1 of 23
THE (INDIAN) DIGITAL PERSONAL DATA PROTECTION ACT, 2023 By Vijay Pal Dalmia, Advocate Supreme Court of India & Delhi High Court Email id: vpdalmia@gmail.com Mobile No.: +91 9810081079 LinkedIn: https://www.linkedin.com/in/vpdalmia/ Facebook: https://www.facebook.com/vpdalmia X (Twitter): @vpdalmia
NEED FOR THE DPDP ACT, 2023 01 02 03 04 05 RECOGNITION OF ‘RIGHT TO PRIVACY’ To confer rights on individuals to protect their personal data and place duties on the entities that processes these personal data and to strikes an important balance in protecting users’ rights and promoting innovation in digital businesses. CONFERRING RIGHTS AND DUTIES PROTECTION AND SECURITY To penalise the parties in case of unlawful processing of personal data. IMPOSING PENALTIES Digital transactions have transformed economics as well as social interactions and use of personal data is a common aspect of such transactions. Therefore, protection of personal data has become a need as well as a pre- requisite for the growth of digital economy. GROWTH OF ECONOMY Need for protection and security of personal data of users and to process data for lawful purpose. In the case of Justice K S Puttaswamy (Retd.) & Anr. v. Union of India and Ors., (2017) 10 SCC 1, the Supreme Court recognized the right to privacy as a facet of Article 21 of the Constitution of India, i.e., Protection of Life and Personal Liberty, a Fundamental Right.
DATA FIDUCIARY DATA PRINCIPAL DATA PROCESSOR CONSENT MANAGER DATA PROTECTION OFFICER SIGNIFICANT DATA FIDUCIARY KEY TERMS IN THE DPDP ACT
“Data Fiduciary means any person who alone or in conjunction with other persons determines the purpose and means of processing of personal data”. Personal Data means any data about an individual who is identifiable by or in relation to such data. DATA FIDUCIARY [S. 2(i)] DATA FIDUCIARY [S. 2(i)] 6 5 3 2 1 4
“Data Processor means any person who processes personal data on behalf of a Data Fiduciary.” 6 5 3 1 DATA PROCESSOR [S. 2(K)] 4 2
“Data Principal means the individual to whom the personal data relates and where such individual is— (i) a child, includes the parents or lawful guardian of such a child; (ii) a person with disability, includes her lawful guardian, acting on her behalf.” 6 5 2 1 DATA PRINCIPAL [S. 2(j)] 4 3
6 5 4 3 2 1 “Significant Data Fiduciary means any Data Fiduciary or class of Data Fiduciaries as may be notified by the Central Government under section 10.” Significant Data Fiduciary has the additional obligations to appoint Data Protection Officer,, Independent Data Auditor and conduct periodic Data Protection Impact Assessment. 04 SIGNIFICANT DATA FIDUCIARY [S.2(z)]
6 3 2 1 CONSENT MANAGER [S. 2(g)] “Consent Manager means a person registered with the Board, who acts as a single point of contact to enable a Data Principal to give, manage, review and withdraw her consent through an accessible, transparent and interoperable platform.” The role of Consent Manager is to facilitate the Data Principal by managing their consent and is accountable to Data Principal. 4 5
5 3 2 1 DATA PROTECTION OFFICER [S. 2(l) “Data Protection Officer means an individual appointed by the Significant Data Fiduciary under clause (a) of sub-section (2) of section 10.” The Data Protection officer • shall represent the Significant Data Fiduciary • must be based in India • shall be the point of contact for the grievance redressal mechanism 4 6
 The DPDP Act contemplates the establishment of a Data Protection Board, as an enforcement body, by the Central Government. Civil courts are barred from entertaining suits or proceedings for any matter in respect of which the Board is empowered.  Under the DPDP Act, the Data Protection Board has the following powers: 1. To direct any urgent remedial or mitigation measures on receipt of intimation regarding a personal data breach 2. To inquire into such breach 3. Impose penalties for non-compliances 4. Inspect any document 5. Summon and enforce attendance of any person etc.  Appeal can be filed against the order of DPB before Appellate Tribunal within 60 days DPB Telecom Disputes Settlement and Appellate Tribunal Supreme court DATA PROTECTION BOARD OF INDIA
APPLICATION OF THE DPDP ACT S. 3(a) & 3(b) NON-APPLICABILITY OF THE DPDP ACT S. 3(c)  Processing of Personal Digital Data within territory of India, where data collected is in digital form OR in physical form BUT subsequently digitized.  Processing of Personal Digital Data outside the territory of India, if such processing is being done to offer goods or services to Data Principal within the territory of India.  Processing of Personal Data by an individual ONLY for personal or domestic use.  Where the personal data is publicized by the Data Principal himself OR any other person who is under obligation under law to made such personal data publicly available.
GROUNDS FOR PROCESSING DATA Section 4 of the DPDP Act states that a person i.e., a Data Fiduciary can process data of a Data Principal only for a lawful purpose-  for which the Data Principal has given her consent; or  for certain legitimate uses. CONCEPT OF ‘NOTICE Illustration: X, an individual, opens a bank account using the mobile app or website of Y, a bank. To complete the Know-Your-Customer requirements under law for opening of bank account, X opts for processing of her personal data by Y in a live, video-based customer identification process. Y shall accompany or precede the request for the personal data with notice to X, describing the personal data and the purpose of its processing. Consent has to be accompanied by NOTICE under Section 5, informing the Data Principal about the personal data which is to be processed and the purpose of such processing. The Notice should also contain about the information about the right of withdrawing consent and grievance redressal available to Data Principal and the manner in which the complaint can be made to the Board. PROVISIONS OF CHAPTER II
 The DPDP Act under Section 6 provides for free, specific, informed, unambiguous and unconditional CONSENT to be taken by the Data Fiduciary of the Data Principal before processing personal digital data .  Consent taken for a specified purpose needs to be utilized for that purpose ONLY. Illustration: X, an individual, downloads Y, a telemedicine app. Y requests the consent of X for the processing of her personal data for making available telemedicine services, and accessing her mobile phone contact list, and X signifies her consent to both. Since phone contact list is not necessary for making available telemedicine services, her consent shall be limited to the processing of her personal data for making available telemedicine services  Request for consent should- a) Be presented to Data Principal in clear and plain language. b) Contain option to access such request in any language. c) Provide for contact details of Data Protection Officer or any other person authorized by Data Fiduciary to respond to communication of Data Principal in order to able him to exercise his rights. CONSENT PROVISIONS
o Where the consent of the Data Principal has been obtained prior to the commencement of the DPDP Act for processing of her personal data, the Data Fiduciary shall, as soon as it is reasonably practicable, give to the Data Principal a fresh NOTICE. o Data Fiduciary may continue to process the personal data until and unless the Data Principal withdraws her consent. WITHDRAWAL OF CONSENT o Availability of ‘Right to withdraw consent’ with the Data Principal. o However, withdrawal of consent shall NOT affect the legality of processing of the personal data based on such consent before such withdrawal. o Data Fiduciary shall CEASE and cause its Data Processors to CEASE PROCESSING of such personal data. • UNLESS, such processing is necessary according to some provision of law which is for time being is in force. ISSUANCE OF FRESH NOTICE WHERE CONSENT IS OBTAINED PRIOR TO THE COMMENCEMENT OF DPDP ACT
The some of the legitimate uses provided in the DPDP Act are as under: A. VOLUNTARY PROVISION OF DATA If the users voluntarily provide their personal data to the Data Fiduciary for a specified purpose and has not indicated to the Data Fiduciary that they do not consent to the use of their personal data. B. FOR STATE TO PROVIDE ANY BENEFIT/SUBSIDY TO THE DATA PRINCIPAL For the State or its agencies to perform any function under any law or in the interest of sovereignty and integrity of India or security of the State; or to provide any subsidy, service, benefit, certificate, license, or permit to the Data Principal, where Data Principal has previously consented, or such personal data is already available to the government in digital or non-digital form and is notified by the Central Government. C. FOR FULFILING OBLIGATIONS UNDER THE LAW D. FOR COMPLIANCE OF COURT ORDERS E. DURING THE MEDICAL EMERGENCIES F. DURING THE SPREAD OF EPIDEMIC G. DURING THE DISASTERS H. FOR EMPLOYMENT PURPOSES I. FOR SAFEGUARDING THE EMPLOYER FROM LOSS OR LIABILITY CERTAIN LEGITIMATE USES
GENERAL OBLIGATIONS OF DATA FIDUCIARY • Appointment of Data Processor to process personal data of the Data Principal on his behalf only under a valid contract. • Ensure completeness, accuracy and consistency of the personal data where the data processing is likely to be used to make a decision that affects the Data Principal or disclosed to another Data Fiduciary. • Erase or cause to erase personal data as soon as the purpose has been met and retention is not necessary for legal purposes. • To implement appropriate technical and organizational measures for proper observance of the provisions. • To build reasonable security safeguards to prevent a data breach to protect the personal data in its possession. • Inform the Data Protection Board of India and affected persons in the event of a breach • To establish an effective mechanism for redressal of the grievances. • Publish contact information of Data Protection Officer or any other person acting on behalf of Data Fiduciary.
PROCESSING OF CHILDREN’S PERSONAL DATA • A ‘Child’ has been defined under S. 2(f) as an individual who has not yet completed the age of 18 years. • A Data Fiduciary, before processing any personal data of a ‘child’ or a person with disabilities MUST OBTAIN VERIFIABLE CONSENT of the parent of the child or of the lawful guardian, as the case may be. NOT ALLOWED a) NO processing of personal data which can have DETRIMENTAL EFFECT on the well-being of the child. b) Not to engage in targeted advertising, tracking or behavioral monitoring. EXMEPTION a) If the government is satisfied that a Data Fiduciary has ensured that the processing of personal data of children is done in a manner that is “verifiably safe”, then the government can exempt the fiduciary.
RIGHTS AND DUTIES OF DATA PRINCIPALS [Chapter III] 1. Right to access information about personal data (S. 11) • Right to get summary of personal data which is processed by the data fiduciary and processing activities undertake by such Data Fiduciary. • Right to receive identities of all other Data Fiduciaries and Data Processors with whom the personal data has been shared and any other information. 2. Right to correction, completion, updating and erasure of personal data (S. 12) 3. Right of grievance redressal • Through Data Fiduciary or Consent Manager • The user can escalate their grievance to the Data Protection Board only after exhausting their options with the Data Fiduciary or Consent Manager first. 4. Right to Nominate • In case of his death or personal incapacity to exercise his right of being a Data Principal. 5. Right to withdraw consent Duties of a Data Principal includes: complying with the present provisions and other applicable laws, not to register a false and frivolous complaint, not to suppress material information while providing personal data, to furnish only verifiable information, etc.
CROSS BORDER DATA TRANSFERS • The DPDP Act allows for the cross border transfers of personal data, for processing, by the Data Fiduciaries. However, under Section 16 of the DPDP Act, Central Government can restrict the countries or territories outside India to which the data can be transferred. • As per Section 17 of the DPDP Act, provisions of Chapter II, except sub sections (1) and (5) of Section 8, Chapter III and Section 16 of the DPDP Act will NOT apply for processing of personal data (i.e., exemptions):  For enforcement of legal right or claim  When processing is to be done by any court/tribunal for the performance of any judicial or quasi judicial or supervisory or regulatory function.  For prevention, detection, investigation or prosecution of any offence, etc.  When personal data of Data Principals who are not within the territory of India processed outside India under any contract.  When processing is required for scheme of compromise or arrangement or merger or amalgamation, approved by Court or Tribunal.  For ascertaining the financial information of a person who has defaulted in payment to financial institution EXEMPTIONS PROVIDED UNDER DPDP ACT
OTHER EXEMPTIONS UNDER S. 17(2) & 17(3) OF DPDP ACT  Central Government has the power to exempt any instrumentality of the State, under S. 17(2), from the application of the present law via notification, in the interest of sovereignty and integrity of India, security of the State, friendly relations with foreign States, maintenance of public order or preventing incitement to any cognizable offence relating to any of these, and the processing by Central Government of such personal data furnished to it by the aforesaid instrumentality.  The processing of personal data is also exempted from the application of the present law which is necessary for research, archiving or statistical purposes if the personal data is not to be used to take any decision specific to a Data Principal and such processing is carried on in accordance with standards as may be prescribed.  Having regard to the volume and nature of personal data processed, the Central Government may also notify certain Data Fiduciaries or classes of Data Fiduciaries, including start-ups, as exempt from certain provisions of the law.  Within 5 years from the date of enactment of DPDP Act, the Central Government may notify any provision that will not apply to certain Data Fiduciaries or classes of Data Fiduciaries for a specified period.
PENALTIES • Depending on the nature and significance of contravention, monetary penalties up to INR 250 crores may be levied by the DPB on the conclusion of an inquiry and after giving an opportunity of being heard to the defaulting person. • Several factors shall be taken into account to determine the quantum of penalties including – nature, gravity and duration of breach, type of personal data affected, repetitive nature of breach, mitigation measures, impact of the imposition of monetary penalty, etc. • Penalty up to INR 10000 can be imposed on Data Principal for breach of the duties. • Under the DPDP Act, there is no provision to compensate the affected person as provided under Section 43 A of the Information Technology Act, 2000. • All sums realized by way of penalties shall be credited to the Consolidated Fund of India.
AMENDMENTS AFTER THE ENACTMENT OF THE DPDP ACT, 2023 According to S. 38(2) of the DPDP Act, “in the event of any conflict between a provision of this law and a provision of any other law for the time being in force, the provision of this law shall prevail to the extent of such conflict.” The DPDP Act omitted the following provisions of the Information Technology Act, 2000 after its enactment [S. 44(2)] :- • Section 43A: The said section provides for the compensation for failure to protect sensitive personal data of information. • Section 87(2)(ob): Under the said section, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 were framed. The above Sections of the Information Technology Act, 2000 and IT Rules, 2011 governed the legal framework of data laws in India will be replaced by DPDP Act once the provisions are notified.
For any specific query, please contact: Vijay Pal Dalmia, Advocate Supreme Court of India & Delhi High Court Email id: vpdalmia@gmail.com Mobile No.: +91 9810081079 LinkedIn: https://www.linkedin.com/in/vpdalmia/ Facebook: https://www.facebook.com/vpdalmia X (Twitter): @vpdalmia DISCLAIMER: The content of this presentation is intended to provide a general guide on the subject matter. Vaish Associates Advocates assume no responsibility for any errors which may inadvertently appear. The presentation is circulated with the understanding that the author/ publisher is not rendering any legal or professional advice or opinions on specific facts or matters and, accordingly, assume no liability whatsoever in connection with its use. © 2023, jurisnode.com, All rights reserved

Recommended

PERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxPERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxssuser36d167
 
India's Data Protection Law 2018- Future Road Ahead
India's Data Protection Law 2018- Future Road AheadIndia's Data Protection Law 2018- Future Road Ahead
India's Data Protection Law 2018- Future Road AheadEquiCorp Associates
 
Personal Data Protection in Malaysia
Personal Data Protection in MalaysiaPersonal Data Protection in Malaysia
Personal Data Protection in MalaysiaMSC Malaysia Cybercentre @ Bangsar South City
 
China-PIPL.pdf
China-PIPL.pdfChina-PIPL.pdf
China-PIPL.pdfDaviesParker
 
DIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdf
DIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdfDIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdf
DIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdfDaviesParker
 
Overview of the Digital Personal Data Protection DPDP Bill 2023.pdf
Overview of the Digital Personal Data Protection DPDP Bill 2023.pdfOverview of the Digital Personal Data Protection DPDP Bill 2023.pdf
Overview of the Digital Personal Data Protection DPDP Bill 2023.pdfEconomic Laws Practice
 
Asia Counsel Insights May 2023
Asia Counsel Insights May 2023Asia Counsel Insights May 2023
Asia Counsel Insights May 2023Minh Duong
 
The Protection of Personal Information Act 4 of 2013
The Protection of Personal Information Act 4 of 2013The Protection of Personal Information Act 4 of 2013
The Protection of Personal Information Act 4 of 2013Myron Duncan Burton Betshanger
 

Recommended

PERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxPERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxssuser36d167
 
India's Data Protection Law 2018- Future Road Ahead
India's Data Protection Law 2018- Future Road AheadIndia's Data Protection Law 2018- Future Road Ahead
India's Data Protection Law 2018- Future Road AheadEquiCorp Associates
 
Personal Data Protection in Malaysia
Personal Data Protection in MalaysiaPersonal Data Protection in Malaysia
Personal Data Protection in MalaysiaMSC Malaysia Cybercentre @ Bangsar South City
 
China-PIPL.pdf
China-PIPL.pdfChina-PIPL.pdf
China-PIPL.pdfDaviesParker
 
DIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdf
DIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdfDIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdf
DIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdfDaviesParker
 
Overview of the Digital Personal Data Protection DPDP Bill 2023.pdf
Overview of the Digital Personal Data Protection DPDP Bill 2023.pdfOverview of the Digital Personal Data Protection DPDP Bill 2023.pdf
Overview of the Digital Personal Data Protection DPDP Bill 2023.pdfEconomic Laws Practice
 
Asia Counsel Insights May 2023
Asia Counsel Insights May 2023Asia Counsel Insights May 2023
Asia Counsel Insights May 2023Minh Duong
 
The Protection of Personal Information Act 4 of 2013
The Protection of Personal Information Act 4 of 2013The Protection of Personal Information Act 4 of 2013
The Protection of Personal Information Act 4 of 2013Myron Duncan Burton Betshanger
 
Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfDaviesParker
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdfPriyanka Aash
 
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...Dr. Oliver Massmann
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Vijay Dalmia
 
An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill Komal Gadia
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Vijay Dalmia
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill Mathew Chacko
 
Data privacy act of 2012 presentation
Data privacy act of 2012 presentationData privacy act of 2012 presentation
Data privacy act of 2012 presentationKittelson & Carpo Consulting
 
CHINA PIP LAW ppt.pptx
CHINA PIP LAW ppt.pptxCHINA PIP LAW ppt.pptx
CHINA PIP LAW ppt.pptxfarewelldump
 
Digital personal data protection BILL.docx
Digital personal data protection BILL.docxDigital personal data protection BILL.docx
Digital personal data protection BILL.docxgabbarsk3
 
Data Privacy Act in the Philippines
Data Privacy Act in the PhilippinesData Privacy Act in the Philippines
Data Privacy Act in the PhilippinesShirley Ingles-Cruz
 
Data Privacy Act.pdf
Data Privacy Act.pdfData Privacy Act.pdf
Data Privacy Act.pdfAntonioJarligoCompra
 
The Popi Act 4 of 2013 - Implications for iSCM
The Popi Act 4 of 2013 - Implications for iSCMThe Popi Act 4 of 2013 - Implications for iSCM
The Popi Act 4 of 2013 - Implications for iSCMMyron Duncan Burton Betshanger
 
UAE-Personal-Data-Protection-Law.pdf
UAE-Personal-Data-Protection-Law.pdfUAE-Personal-Data-Protection-Law.pdf
UAE-Personal-Data-Protection-Law.pdfDaviesParker
 
Reasonable Security Practices And Procedures And Sensitive Personala 24 06 2...
Reasonable Security Practices And Procedures And Sensitive Personala 24 06 2...Reasonable Security Practices And Procedures And Sensitive Personala 24 06 2...
Reasonable Security Practices And Procedures And Sensitive Personala 24 06 2...Vijay Dalmia
 
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...Dr. Oliver Massmann
 
Digital Personal Data Protection Bill 2023 PPT.pptx
Digital Personal Data Protection Bill 2023 PPT.pptxDigital Personal Data Protection Bill 2023 PPT.pptx
Digital Personal Data Protection Bill 2023 PPT.pptxRohanTyagi57
 
Gdpr powerpoint 15.01.18
Gdpr powerpoint 15.01.18Gdpr powerpoint 15.01.18
Gdpr powerpoint 15.01.18Jon Rathbone
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationsilvereyez11
 
DR. OLIVER MASSMANN - PRIVACY LAWS IN ASIA
DR. OLIVER MASSMANN - PRIVACY LAWS IN ASIADR. OLIVER MASSMANN - PRIVACY LAWS IN ASIA
DR. OLIVER MASSMANN - PRIVACY LAWS IN ASIADr. Oliver Massmann
 
Enforcement Of Intellectual Property Rights Through Customs
Enforcement Of Intellectual Property Rights Through CustomsEnforcement Of Intellectual Property Rights Through Customs
Enforcement Of Intellectual Property Rights Through CustomsVijay Dalmia
 
White Collar Crime by Vijay Pal Dalmia.pptx
White Collar Crime by Vijay Pal Dalmia.pptxWhite Collar Crime by Vijay Pal Dalmia.pptx
White Collar Crime by Vijay Pal Dalmia.pptxVijay Dalmia
 

More Related Content

Similar to DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptx

Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfDaviesParker
 
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...Dr. Oliver Massmann
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Vijay Dalmia
 
An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill Komal Gadia
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Vijay Dalmia
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill Mathew Chacko
 
CHINA PIP LAW ppt.pptx
CHINA PIP LAW ppt.pptxCHINA PIP LAW ppt.pptx
CHINA PIP LAW ppt.pptxfarewelldump
 
Digital personal data protection BILL.docx
Digital personal data protection BILL.docxDigital personal data protection BILL.docx
Digital personal data protection BILL.docxgabbarsk3
 
Data Privacy Act in the Philippines
Data Privacy Act in the PhilippinesData Privacy Act in the Philippines
Data Privacy Act in the PhilippinesShirley Ingles-Cruz
 
UAE-Personal-Data-Protection-Law.pdf
UAE-Personal-Data-Protection-Law.pdfUAE-Personal-Data-Protection-Law.pdf
UAE-Personal-Data-Protection-Law.pdfDaviesParker
 
Reasonable Security Practices And Procedures And Sensitive Personala 24 06 2...
Reasonable Security Practices And Procedures And Sensitive Personala 24 06 2...Reasonable Security Practices And Procedures And Sensitive Personala 24 06 2...
Reasonable Security Practices And Procedures And Sensitive Personala 24 06 2...Vijay Dalmia
 
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...Dr. Oliver Massmann
 
Digital Personal Data Protection Bill 2023 PPT.pptx
Digital Personal Data Protection Bill 2023 PPT.pptxDigital Personal Data Protection Bill 2023 PPT.pptx
Digital Personal Data Protection Bill 2023 PPT.pptxRohanTyagi57
 
Gdpr powerpoint 15.01.18
Gdpr powerpoint 15.01.18Gdpr powerpoint 15.01.18
Gdpr powerpoint 15.01.18Jon Rathbone
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationsilvereyez11
 
DR. OLIVER MASSMANN - PRIVACY LAWS IN ASIA
DR. OLIVER MASSMANN - PRIVACY LAWS IN ASIADR. OLIVER MASSMANN - PRIVACY LAWS IN ASIA
DR. OLIVER MASSMANN - PRIVACY LAWS IN ASIADr. Oliver Massmann
 

Similar to DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptx (20)

Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdf
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...
 
An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill
 
Data privacy act of 2012 presentation
Data privacy act of 2012 presentationData privacy act of 2012 presentation
Data privacy act of 2012 presentation
 
CHINA PIP LAW ppt.pptx
CHINA PIP LAW ppt.pptxCHINA PIP LAW ppt.pptx
CHINA PIP LAW ppt.pptx
 
Digital personal data protection BILL.docx
Digital personal data protection BILL.docxDigital personal data protection BILL.docx
Digital personal data protection BILL.docx
 
Data Privacy Act in the Philippines
Data Privacy Act in the PhilippinesData Privacy Act in the Philippines
Data Privacy Act in the Philippines
 
Data Privacy Act.pdf
Data Privacy Act.pdfData Privacy Act.pdf
Data Privacy Act.pdf
 
The Popi Act 4 of 2013 - Implications for iSCM
The Popi Act 4 of 2013 - Implications for iSCMThe Popi Act 4 of 2013 - Implications for iSCM
The Popi Act 4 of 2013 - Implications for iSCM
 
UAE-Personal-Data-Protection-Law.pdf
UAE-Personal-Data-Protection-Law.pdfUAE-Personal-Data-Protection-Law.pdf
UAE-Personal-Data-Protection-Law.pdf
 
Reasonable Security Practices And Procedures And Sensitive Personala 24 06 2...
Reasonable Security Practices And Procedures And Sensitive Personala 24 06 2...Reasonable Security Practices And Procedures And Sensitive Personala 24 06 2...
Reasonable Security Practices And Procedures And Sensitive Personala 24 06 2...
 
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
 
Digital Personal Data Protection Bill 2023 PPT.pptx
Digital Personal Data Protection Bill 2023 PPT.pptxDigital Personal Data Protection Bill 2023 PPT.pptx
Digital Personal Data Protection Bill 2023 PPT.pptx
 
Gdpr powerpoint 15.01.18
Gdpr powerpoint 15.01.18Gdpr powerpoint 15.01.18
Gdpr powerpoint 15.01.18
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentation
 
DR. OLIVER MASSMANN - PRIVACY LAWS IN ASIA
DR. OLIVER MASSMANN - PRIVACY LAWS IN ASIADR. OLIVER MASSMANN - PRIVACY LAWS IN ASIA
DR. OLIVER MASSMANN - PRIVACY LAWS IN ASIA
 

More from Vijay Dalmia

Enforcement Of Intellectual Property Rights Through Customs
Enforcement Of Intellectual Property Rights Through CustomsEnforcement Of Intellectual Property Rights Through Customs
Enforcement Of Intellectual Property Rights Through CustomsVijay Dalmia
 
White Collar Crime by Vijay Pal Dalmia.pptx
White Collar Crime by Vijay Pal Dalmia.pptxWhite Collar Crime by Vijay Pal Dalmia.pptx
White Collar Crime by Vijay Pal Dalmia.pptxVijay Dalmia
 
Taxation of Cryptocurrencies – Virtual Digital Assets in India-VPDalmia.pptx
Taxation of Cryptocurrencies – Virtual Digital Assets in India-VPDalmia.pptxTaxation of Cryptocurrencies – Virtual Digital Assets in India-VPDalmia.pptx
Taxation of Cryptocurrencies – Virtual Digital Assets in India-VPDalmia.pptxVijay Dalmia
 
Indian Approach On Bitcoins-cryptocurrencies- Blockchain Legal Practical Pe...
Indian Approach On Bitcoins-cryptocurrencies- Blockchain Legal Practical Pe...Indian Approach On Bitcoins-cryptocurrencies- Blockchain Legal Practical Pe...
Indian Approach On Bitcoins-cryptocurrencies- Blockchain Legal Practical Pe...Vijay Dalmia
 
Need for having Security, Email & Internet Usage Policy in Companies - Legal ...
Need for having Security, Email & Internet Usage Policy in Companies - Legal ...Need for having Security, Email & Internet Usage Policy in Companies - Legal ...
Need for having Security, Email & Internet Usage Policy in Companies - Legal ...Vijay Dalmia
 
Police Remand- Judicial Remand & Default Bail-Vijay Pal Dalmia Advocate.pptx
Police Remand- Judicial Remand & Default Bail-Vijay Pal Dalmia Advocate.pptxPolice Remand- Judicial Remand & Default Bail-Vijay Pal Dalmia Advocate.pptx
Police Remand- Judicial Remand & Default Bail-Vijay Pal Dalmia Advocate.pptxVijay Dalmia
 
Police Remand Judicial Remand & Default bail by Vijay Pal Dalmia Advocate
Police Remand Judicial Remand & Default bail by Vijay Pal Dalmia AdvocatePolice Remand Judicial Remand & Default bail by Vijay Pal Dalmia Advocate
Police Remand Judicial Remand & Default bail by Vijay Pal Dalmia AdvocateVijay Dalmia
 
Indian approach on bitcoins, cryptocurrencies and blockchain – legal practica...
Indian approach on bitcoins, cryptocurrencies and blockchain – legal practica...Indian approach on bitcoins, cryptocurrencies and blockchain – legal practica...
Indian approach on bitcoins, cryptocurrencies and blockchain – legal practica...Vijay Dalmia
 
Sanction for prosecution of offences under chapter xii of the income tax act
Sanction for prosecution of offences under chapter xii of the income tax actSanction for prosecution of offences under chapter xii of the income tax act
Sanction for prosecution of offences under chapter xii of the income tax actVijay Dalmia
 
Guide for de-mystifying law of trade mark enfocrement and litigation in india
Guide for de-mystifying law of trade mark enfocrement and litigation in indiaGuide for de-mystifying law of trade mark enfocrement and litigation in india
Guide for de-mystifying law of trade mark enfocrement and litigation in indiaVijay Dalmia
 
IPR Enforcement in India through Criminal Measures - By Vijay Pal Dalmia
IPR Enforcement in India through Criminal Measures - By Vijay Pal DalmiaIPR Enforcement in India through Criminal Measures - By Vijay Pal Dalmia
IPR Enforcement in India through Criminal Measures - By Vijay Pal DalmiaVijay Dalmia
 
Process of criminal trial in india
Process of criminal trial in indiaProcess of criminal trial in india
Process of criminal trial in indiaVijay Dalmia
 
LAW OF THE SEMICONDUCTOR INTEGRATED CIRCUITS IN INDIA By Vijay Pal Dalmia
LAW OF THE SEMICONDUCTOR INTEGRATED CIRCUITS IN INDIA By Vijay Pal DalmiaLAW OF THE SEMICONDUCTOR INTEGRATED CIRCUITS IN INDIA By Vijay Pal Dalmia
LAW OF THE SEMICONDUCTOR INTEGRATED CIRCUITS IN INDIA By Vijay Pal DalmiaVijay Dalmia
 
Types of electronic contracts
Types of electronic contractsTypes of electronic contracts
Types of electronic contractsVijay Dalmia
 
Information Technology Policy for Corporates - Need of the Hour
Information Technology Policy for Corporates - Need of the Hour Information Technology Policy for Corporates - Need of the Hour
Information Technology Policy for Corporates - Need of the Hour Vijay Dalmia
 
Ipr enforcement in india
Ipr enforcement in indiaIpr enforcement in india
Ipr enforcement in indiaVijay Dalmia
 
Patent law and Indian perspective
Patent law and Indian perspectivePatent law and Indian perspective
Patent law and Indian perspectiveVijay Dalmia
 
Wills in the indian perspective
Wills in the indian perspectiveWills in the indian perspective
Wills in the indian perspectiveVijay Dalmia
 
Law of Tele-medicine in India
Law of Tele-medicine in IndiaLaw of Tele-medicine in India
Law of Tele-medicine in IndiaVijay Dalmia
 
Law of nutritional and supplement food products in India-The Conflict
Law of nutritional and supplement food products in India-The ConflictLaw of nutritional and supplement food products in India-The Conflict
Law of nutritional and supplement food products in India-The ConflictVijay Dalmia
 

More from Vijay Dalmia (20)

Enforcement Of Intellectual Property Rights Through Customs
Enforcement Of Intellectual Property Rights Through CustomsEnforcement Of Intellectual Property Rights Through Customs
Enforcement Of Intellectual Property Rights Through Customs
 
White Collar Crime by Vijay Pal Dalmia.pptx
White Collar Crime by Vijay Pal Dalmia.pptxWhite Collar Crime by Vijay Pal Dalmia.pptx
White Collar Crime by Vijay Pal Dalmia.pptx
 
Taxation of Cryptocurrencies – Virtual Digital Assets in India-VPDalmia.pptx
Taxation of Cryptocurrencies – Virtual Digital Assets in India-VPDalmia.pptxTaxation of Cryptocurrencies – Virtual Digital Assets in India-VPDalmia.pptx
Taxation of Cryptocurrencies – Virtual Digital Assets in India-VPDalmia.pptx
 
Indian Approach On Bitcoins-cryptocurrencies- Blockchain Legal Practical Pe...
Indian Approach On Bitcoins-cryptocurrencies- Blockchain Legal Practical Pe...Indian Approach On Bitcoins-cryptocurrencies- Blockchain Legal Practical Pe...
Indian Approach On Bitcoins-cryptocurrencies- Blockchain Legal Practical Pe...
 
Need for having Security, Email & Internet Usage Policy in Companies - Legal ...
Need for having Security, Email & Internet Usage Policy in Companies - Legal ...Need for having Security, Email & Internet Usage Policy in Companies - Legal ...
Need for having Security, Email & Internet Usage Policy in Companies - Legal ...
 
Police Remand- Judicial Remand & Default Bail-Vijay Pal Dalmia Advocate.pptx
Police Remand- Judicial Remand & Default Bail-Vijay Pal Dalmia Advocate.pptxPolice Remand- Judicial Remand & Default Bail-Vijay Pal Dalmia Advocate.pptx
Police Remand- Judicial Remand & Default Bail-Vijay Pal Dalmia Advocate.pptx
 
Police Remand Judicial Remand & Default bail by Vijay Pal Dalmia Advocate
Police Remand Judicial Remand & Default bail by Vijay Pal Dalmia AdvocatePolice Remand Judicial Remand & Default bail by Vijay Pal Dalmia Advocate
Police Remand Judicial Remand & Default bail by Vijay Pal Dalmia Advocate
 
Indian approach on bitcoins, cryptocurrencies and blockchain – legal practica...
Indian approach on bitcoins, cryptocurrencies and blockchain – legal practica...Indian approach on bitcoins, cryptocurrencies and blockchain – legal practica...
Indian approach on bitcoins, cryptocurrencies and blockchain – legal practica...
 
Sanction for prosecution of offences under chapter xii of the income tax act
Sanction for prosecution of offences under chapter xii of the income tax actSanction for prosecution of offences under chapter xii of the income tax act
Sanction for prosecution of offences under chapter xii of the income tax act
 
Guide for de-mystifying law of trade mark enfocrement and litigation in india
Guide for de-mystifying law of trade mark enfocrement and litigation in indiaGuide for de-mystifying law of trade mark enfocrement and litigation in india
Guide for de-mystifying law of trade mark enfocrement and litigation in india
 
IPR Enforcement in India through Criminal Measures - By Vijay Pal Dalmia
IPR Enforcement in India through Criminal Measures - By Vijay Pal DalmiaIPR Enforcement in India through Criminal Measures - By Vijay Pal Dalmia
IPR Enforcement in India through Criminal Measures - By Vijay Pal Dalmia
 
Process of criminal trial in india
Process of criminal trial in indiaProcess of criminal trial in india
Process of criminal trial in india
 
LAW OF THE SEMICONDUCTOR INTEGRATED CIRCUITS IN INDIA By Vijay Pal Dalmia
LAW OF THE SEMICONDUCTOR INTEGRATED CIRCUITS IN INDIA By Vijay Pal DalmiaLAW OF THE SEMICONDUCTOR INTEGRATED CIRCUITS IN INDIA By Vijay Pal Dalmia
LAW OF THE SEMICONDUCTOR INTEGRATED CIRCUITS IN INDIA By Vijay Pal Dalmia
 
Types of electronic contracts
Types of electronic contractsTypes of electronic contracts
Types of electronic contracts
 
Information Technology Policy for Corporates - Need of the Hour
Information Technology Policy for Corporates - Need of the Hour Information Technology Policy for Corporates - Need of the Hour
Information Technology Policy for Corporates - Need of the Hour
 
Ipr enforcement in india
Ipr enforcement in indiaIpr enforcement in india
Ipr enforcement in india
 
Patent law and Indian perspective
Patent law and Indian perspectivePatent law and Indian perspective
Patent law and Indian perspective
 
Wills in the indian perspective
Wills in the indian perspectiveWills in the indian perspective
Wills in the indian perspective
 
Law of Tele-medicine in India
Law of Tele-medicine in IndiaLaw of Tele-medicine in India
Law of Tele-medicine in India
 
Law of nutritional and supplement food products in India-The Conflict
Law of nutritional and supplement food products in India-The ConflictLaw of nutritional and supplement food products in India-The Conflict
Law of nutritional and supplement food products in India-The Conflict
 

Recently uploaded

如何办理普利茅斯大学毕业证(本硕)Plymouth学位证书
如何办理普利茅斯大学毕业证(本硕)Plymouth学位证书如何办理普利茅斯大学毕业证(本硕)Plymouth学位证书
如何办理普利茅斯大学毕业证(本硕)Plymouth学位证书Fir L
 
一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书E LSS
 
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书SD DS
 
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书 如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书Fir sss
 
Why Every Business Should Invest in a Social Media Fraud Analyst.pdf
Why Every Business Should Invest in a Social Media Fraud Analyst.pdfWhy Every Business Should Invest in a Social Media Fraud Analyst.pdf
Why Every Business Should Invest in a Social Media Fraud Analyst.pdfMilind Agarwal
 
如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书Fir L
 
如何办理提赛德大学毕业证(本硕)Teesside学位证书
如何办理提赛德大学毕业证(本硕)Teesside学位证书如何办理提赛德大学毕业证(本硕)Teesside学位证书
如何办理提赛德大学毕业证(本硕)Teesside学位证书Fir L
 
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书Fs Las
 
QUASI-JUDICIAL-FUNCTION AND QUASI JUDICIAL AGENCY.pptx
QUASI-JUDICIAL-FUNCTION AND QUASI JUDICIAL AGENCY.pptxQUASI-JUDICIAL-FUNCTION AND QUASI JUDICIAL AGENCY.pptx
QUASI-JUDICIAL-FUNCTION AND QUASI JUDICIAL AGENCY.pptxnibresliezel23
 
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》o8wvnojp
 
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一jr6r07mb
 
一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书 一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书SS A
 
如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书 如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书Fir sss
 
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Dr. Oliver Massmann
 
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书SD DS
 
A Short-ppt on new gst laws in india.pptx
A Short-ppt on new gst laws in india.pptxA Short-ppt on new gst laws in india.pptx
A Short-ppt on new gst laws in india.pptxPKrishna18
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxAbhishekchatterjee248859
 

Recently uploaded (20)

如何办理普利茅斯大学毕业证(本硕)Plymouth学位证书
如何办理普利茅斯大学毕业证(本硕)Plymouth学位证书如何办理普利茅斯大学毕业证(本硕)Plymouth学位证书
如何办理普利茅斯大学毕业证(本硕)Plymouth学位证书
 
一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书
 
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
如何办理(UCD毕业证书)加州大学戴维斯分校毕业证学位证书
 
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书 如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书
 
Old Income Tax Regime Vs New Income Tax Regime
Old Income Tax Regime Vs New Income Tax RegimeOld Income Tax Regime Vs New Income Tax Regime
Old Income Tax Regime Vs New Income Tax Regime
 
Why Every Business Should Invest in a Social Media Fraud Analyst.pdf
Why Every Business Should Invest in a Social Media Fraud Analyst.pdfWhy Every Business Should Invest in a Social Media Fraud Analyst.pdf
Why Every Business Should Invest in a Social Media Fraud Analyst.pdf
 
如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书
 
如何办理提赛德大学毕业证(本硕)Teesside学位证书
如何办理提赛德大学毕业证(本硕)Teesside学位证书如何办理提赛德大学毕业证(本硕)Teesside学位证书
如何办理提赛德大学毕业证(本硕)Teesside学位证书
 
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
 
QUASI-JUDICIAL-FUNCTION AND QUASI JUDICIAL AGENCY.pptx
QUASI-JUDICIAL-FUNCTION AND QUASI JUDICIAL AGENCY.pptxQUASI-JUDICIAL-FUNCTION AND QUASI JUDICIAL AGENCY.pptx
QUASI-JUDICIAL-FUNCTION AND QUASI JUDICIAL AGENCY.pptx
 
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
 
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
定制(WMU毕业证书)美国西密歇根大学毕业证成绩单原版一比一
 
一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书 一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书
 
如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书 如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书
 
Vip Call Girls Greater Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Greater Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Greater Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Greater Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
 
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
Legal Alert - Vietnam - First draft Decree on mechanisms and policies to enco...
 
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
 
A Short-ppt on new gst laws in india.pptx
A Short-ppt on new gst laws in india.pptxA Short-ppt on new gst laws in india.pptx
A Short-ppt on new gst laws in india.pptx
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptx
 

DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptx

  • 1. THE (INDIAN) DIGITAL PERSONAL DATA PROTECTION ACT, 2023 By Vijay Pal Dalmia, Advocate Supreme Court of India & Delhi High Court Email id: vpdalmia@gmail.com Mobile No.: +91 9810081079 LinkedIn: https://www.linkedin.com/in/vpdalmia/ Facebook: https://www.facebook.com/vpdalmia X (Twitter): @vpdalmia
  • 2. NEED FOR THE DPDP ACT, 2023 01 02 03 04 05 RECOGNITION OF ‘RIGHT TO PRIVACY’ To confer rights on individuals to protect their personal data and place duties on the entities that processes these personal data and to strikes an important balance in protecting users’ rights and promoting innovation in digital businesses. CONFERRING RIGHTS AND DUTIES PROTECTION AND SECURITY To penalise the parties in case of unlawful processing of personal data. IMPOSING PENALTIES Digital transactions have transformed economics as well as social interactions and use of personal data is a common aspect of such transactions. Therefore, protection of personal data has become a need as well as a pre- requisite for the growth of digital economy. GROWTH OF ECONOMY Need for protection and security of personal data of users and to process data for lawful purpose. In the case of Justice K S Puttaswamy (Retd.) & Anr. v. Union of India and Ors., (2017) 10 SCC 1, the Supreme Court recognized the right to privacy as a facet of Article 21 of the Constitution of India, i.e., Protection of Life and Personal Liberty, a Fundamental Right.
  • 4. “Data Fiduciary means any person who alone or in conjunction with other persons determines the purpose and means of processing of personal data”. Personal Data means any data about an individual who is identifiable by or in relation to such data. DATA FIDUCIARY [S. 2(i)] DATA FIDUCIARY [S. 2(i)] 6 5 3 2 1 4
  • 5. “Data Processor means any person who processes personal data on behalf of a Data Fiduciary.” 6 5 3 1 DATA PROCESSOR [S. 2(K)] 4 2
  • 6. “Data Principal means the individual to whom the personal data relates and where such individual is— (i) a child, includes the parents or lawful guardian of such a child; (ii) a person with disability, includes her lawful guardian, acting on her behalf.” 6 5 2 1 DATA PRINCIPAL [S. 2(j)] 4 3
  • 7. 6 5 4 3 2 1 “Significant Data Fiduciary means any Data Fiduciary or class of Data Fiduciaries as may be notified by the Central Government under section 10.” Significant Data Fiduciary has the additional obligations to appoint Data Protection Officer,, Independent Data Auditor and conduct periodic Data Protection Impact Assessment. 04 SIGNIFICANT DATA FIDUCIARY [S.2(z)]
  • 8. 6 3 2 1 CONSENT MANAGER [S. 2(g)] “Consent Manager means a person registered with the Board, who acts as a single point of contact to enable a Data Principal to give, manage, review and withdraw her consent through an accessible, transparent and interoperable platform.” The role of Consent Manager is to facilitate the Data Principal by managing their consent and is accountable to Data Principal. 4 5
  • 9. 5 3 2 1 DATA PROTECTION OFFICER [S. 2(l) “Data Protection Officer means an individual appointed by the Significant Data Fiduciary under clause (a) of sub-section (2) of section 10.” The Data Protection officer • shall represent the Significant Data Fiduciary • must be based in India • shall be the point of contact for the grievance redressal mechanism 4 6
  • 10.  The DPDP Act contemplates the establishment of a Data Protection Board, as an enforcement body, by the Central Government. Civil courts are barred from entertaining suits or proceedings for any matter in respect of which the Board is empowered.  Under the DPDP Act, the Data Protection Board has the following powers: 1. To direct any urgent remedial or mitigation measures on receipt of intimation regarding a personal data breach 2. To inquire into such breach 3. Impose penalties for non-compliances 4. Inspect any document 5. Summon and enforce attendance of any person etc.  Appeal can be filed against the order of DPB before Appellate Tribunal within 60 days DPB Telecom Disputes Settlement and Appellate Tribunal Supreme court DATA PROTECTION BOARD OF INDIA
  • 11. APPLICATION OF THE DPDP ACT S. 3(a) & 3(b) NON-APPLICABILITY OF THE DPDP ACT S. 3(c)  Processing of Personal Digital Data within territory of India, where data collected is in digital form OR in physical form BUT subsequently digitized.  Processing of Personal Digital Data outside the territory of India, if such processing is being done to offer goods or services to Data Principal within the territory of India.  Processing of Personal Data by an individual ONLY for personal or domestic use.  Where the personal data is publicized by the Data Principal himself OR any other person who is under obligation under law to made such personal data publicly available.
  • 12. GROUNDS FOR PROCESSING DATA Section 4 of the DPDP Act states that a person i.e., a Data Fiduciary can process data of a Data Principal only for a lawful purpose-  for which the Data Principal has given her consent; or  for certain legitimate uses. CONCEPT OF ‘NOTICE Illustration: X, an individual, opens a bank account using the mobile app or website of Y, a bank. To complete the Know-Your-Customer requirements under law for opening of bank account, X opts for processing of her personal data by Y in a live, video-based customer identification process. Y shall accompany or precede the request for the personal data with notice to X, describing the personal data and the purpose of its processing. Consent has to be accompanied by NOTICE under Section 5, informing the Data Principal about the personal data which is to be processed and the purpose of such processing. The Notice should also contain about the information about the right of withdrawing consent and grievance redressal available to Data Principal and the manner in which the complaint can be made to the Board. PROVISIONS OF CHAPTER II
  • 13.  The DPDP Act under Section 6 provides for free, specific, informed, unambiguous and unconditional CONSENT to be taken by the Data Fiduciary of the Data Principal before processing personal digital data .  Consent taken for a specified purpose needs to be utilized for that purpose ONLY. Illustration: X, an individual, downloads Y, a telemedicine app. Y requests the consent of X for the processing of her personal data for making available telemedicine services, and accessing her mobile phone contact list, and X signifies her consent to both. Since phone contact list is not necessary for making available telemedicine services, her consent shall be limited to the processing of her personal data for making available telemedicine services  Request for consent should- a) Be presented to Data Principal in clear and plain language. b) Contain option to access such request in any language. c) Provide for contact details of Data Protection Officer or any other person authorized by Data Fiduciary to respond to communication of Data Principal in order to able him to exercise his rights. CONSENT PROVISIONS
  • 14. o Where the consent of the Data Principal has been obtained prior to the commencement of the DPDP Act for processing of her personal data, the Data Fiduciary shall, as soon as it is reasonably practicable, give to the Data Principal a fresh NOTICE. o Data Fiduciary may continue to process the personal data until and unless the Data Principal withdraws her consent. WITHDRAWAL OF CONSENT o Availability of ‘Right to withdraw consent’ with the Data Principal. o However, withdrawal of consent shall NOT affect the legality of processing of the personal data based on such consent before such withdrawal. o Data Fiduciary shall CEASE and cause its Data Processors to CEASE PROCESSING of such personal data. • UNLESS, such processing is necessary according to some provision of law which is for time being is in force. ISSUANCE OF FRESH NOTICE WHERE CONSENT IS OBTAINED PRIOR TO THE COMMENCEMENT OF DPDP ACT
  • 15. The some of the legitimate uses provided in the DPDP Act are as under: A. VOLUNTARY PROVISION OF DATA If the users voluntarily provide their personal data to the Data Fiduciary for a specified purpose and has not indicated to the Data Fiduciary that they do not consent to the use of their personal data. B. FOR STATE TO PROVIDE ANY BENEFIT/SUBSIDY TO THE DATA PRINCIPAL For the State or its agencies to perform any function under any law or in the interest of sovereignty and integrity of India or security of the State; or to provide any subsidy, service, benefit, certificate, license, or permit to the Data Principal, where Data Principal has previously consented, or such personal data is already available to the government in digital or non-digital form and is notified by the Central Government. C. FOR FULFILING OBLIGATIONS UNDER THE LAW D. FOR COMPLIANCE OF COURT ORDERS E. DURING THE MEDICAL EMERGENCIES F. DURING THE SPREAD OF EPIDEMIC G. DURING THE DISASTERS H. FOR EMPLOYMENT PURPOSES I. FOR SAFEGUARDING THE EMPLOYER FROM LOSS OR LIABILITY CERTAIN LEGITIMATE USES
  • 16. GENERAL OBLIGATIONS OF DATA FIDUCIARY • Appointment of Data Processor to process personal data of the Data Principal on his behalf only under a valid contract. • Ensure completeness, accuracy and consistency of the personal data where the data processing is likely to be used to make a decision that affects the Data Principal or disclosed to another Data Fiduciary. • Erase or cause to erase personal data as soon as the purpose has been met and retention is not necessary for legal purposes. • To implement appropriate technical and organizational measures for proper observance of the provisions. • To build reasonable security safeguards to prevent a data breach to protect the personal data in its possession. • Inform the Data Protection Board of India and affected persons in the event of a breach • To establish an effective mechanism for redressal of the grievances. • Publish contact information of Data Protection Officer or any other person acting on behalf of Data Fiduciary.
  • 17. PROCESSING OF CHILDREN’S PERSONAL DATA • A ‘Child’ has been defined under S. 2(f) as an individual who has not yet completed the age of 18 years. • A Data Fiduciary, before processing any personal data of a ‘child’ or a person with disabilities MUST OBTAIN VERIFIABLE CONSENT of the parent of the child or of the lawful guardian, as the case may be. NOT ALLOWED a) NO processing of personal data which can have DETRIMENTAL EFFECT on the well-being of the child. b) Not to engage in targeted advertising, tracking or behavioral monitoring. EXMEPTION a) If the government is satisfied that a Data Fiduciary has ensured that the processing of personal data of children is done in a manner that is “verifiably safe”, then the government can exempt the fiduciary.
  • 18. RIGHTS AND DUTIES OF DATA PRINCIPALS [Chapter III] 1. Right to access information about personal data (S. 11) • Right to get summary of personal data which is processed by the data fiduciary and processing activities undertake by such Data Fiduciary. • Right to receive identities of all other Data Fiduciaries and Data Processors with whom the personal data has been shared and any other information. 2. Right to correction, completion, updating and erasure of personal data (S. 12) 3. Right of grievance redressal • Through Data Fiduciary or Consent Manager • The user can escalate their grievance to the Data Protection Board only after exhausting their options with the Data Fiduciary or Consent Manager first. 4. Right to Nominate • In case of his death or personal incapacity to exercise his right of being a Data Principal. 5. Right to withdraw consent Duties of a Data Principal includes: complying with the present provisions and other applicable laws, not to register a false and frivolous complaint, not to suppress material information while providing personal data, to furnish only verifiable information, etc.
  • 19. CROSS BORDER DATA TRANSFERS • The DPDP Act allows for the cross border transfers of personal data, for processing, by the Data Fiduciaries. However, under Section 16 of the DPDP Act, Central Government can restrict the countries or territories outside India to which the data can be transferred. • As per Section 17 of the DPDP Act, provisions of Chapter II, except sub sections (1) and (5) of Section 8, Chapter III and Section 16 of the DPDP Act will NOT apply for processing of personal data (i.e., exemptions):  For enforcement of legal right or claim  When processing is to be done by any court/tribunal for the performance of any judicial or quasi judicial or supervisory or regulatory function.  For prevention, detection, investigation or prosecution of any offence, etc.  When personal data of Data Principals who are not within the territory of India processed outside India under any contract.  When processing is required for scheme of compromise or arrangement or merger or amalgamation, approved by Court or Tribunal.  For ascertaining the financial information of a person who has defaulted in payment to financial institution EXEMPTIONS PROVIDED UNDER DPDP ACT
  • 20. OTHER EXEMPTIONS UNDER S. 17(2) & 17(3) OF DPDP ACT  Central Government has the power to exempt any instrumentality of the State, under S. 17(2), from the application of the present law via notification, in the interest of sovereignty and integrity of India, security of the State, friendly relations with foreign States, maintenance of public order or preventing incitement to any cognizable offence relating to any of these, and the processing by Central Government of such personal data furnished to it by the aforesaid instrumentality.  The processing of personal data is also exempted from the application of the present law which is necessary for research, archiving or statistical purposes if the personal data is not to be used to take any decision specific to a Data Principal and such processing is carried on in accordance with standards as may be prescribed.  Having regard to the volume and nature of personal data processed, the Central Government may also notify certain Data Fiduciaries or classes of Data Fiduciaries, including start-ups, as exempt from certain provisions of the law.  Within 5 years from the date of enactment of DPDP Act, the Central Government may notify any provision that will not apply to certain Data Fiduciaries or classes of Data Fiduciaries for a specified period.
  • 21. PENALTIES • Depending on the nature and significance of contravention, monetary penalties up to INR 250 crores may be levied by the DPB on the conclusion of an inquiry and after giving an opportunity of being heard to the defaulting person. • Several factors shall be taken into account to determine the quantum of penalties including – nature, gravity and duration of breach, type of personal data affected, repetitive nature of breach, mitigation measures, impact of the imposition of monetary penalty, etc. • Penalty up to INR 10000 can be imposed on Data Principal for breach of the duties. • Under the DPDP Act, there is no provision to compensate the affected person as provided under Section 43 A of the Information Technology Act, 2000. • All sums realized by way of penalties shall be credited to the Consolidated Fund of India.
  • 22. AMENDMENTS AFTER THE ENACTMENT OF THE DPDP ACT, 2023 According to S. 38(2) of the DPDP Act, “in the event of any conflict between a provision of this law and a provision of any other law for the time being in force, the provision of this law shall prevail to the extent of such conflict.” The DPDP Act omitted the following provisions of the Information Technology Act, 2000 after its enactment [S. 44(2)] :- • Section 43A: The said section provides for the compensation for failure to protect sensitive personal data of information. • Section 87(2)(ob): Under the said section, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 were framed. The above Sections of the Information Technology Act, 2000 and IT Rules, 2011 governed the legal framework of data laws in India will be replaced by DPDP Act once the provisions are notified.
  • 23. For any specific query, please contact: Vijay Pal Dalmia, Advocate Supreme Court of India & Delhi High Court Email id: vpdalmia@gmail.com Mobile No.: +91 9810081079 LinkedIn: https://www.linkedin.com/in/vpdalmia/ Facebook: https://www.facebook.com/vpdalmia X (Twitter): @vpdalmia DISCLAIMER: The content of this presentation is intended to provide a general guide on the subject matter. Vaish Associates Advocates assume no responsibility for any errors which may inadvertently appear. The presentation is circulated with the understanding that the author/ publisher is not rendering any legal or professional advice or opinions on specific facts or matters and, accordingly, assume no liability whatsoever in connection with its use. © 2023, jurisnode.com, All rights reserved