SlideShare a Scribd company logo

Overview of the Digital Personal Data Protection DPDP Bill 2023.pdf

Economic Laws Practice
Economic Laws Practice

On August 3, 2023, the Government of India, introduced the fifth iteration of India's proposed personal data protection legislation, i.e., the Digital Personal Data Protection Bill, 2023 (DPDP Bill) in Parliament. Previously, in December 2022, the Ministry of Electronics and Information Technology had released a draft version of the bill (2022 Draft), inviting public comments thereto. Once in force, the DPDP Bill aims to amend and omit some of the

Services
1 of 5
Download to read offline
Data Privacy & Protection: Update August 2023 © Economic Laws Practice Page | 1 Overview of the Digital Personal Data Protection (DPDP) Bill, 2023
Data Privacy & Protection: Update August 2023 © Economic Laws Practice Page | 2 OVERVIEW OF THE DIGITAL PERSONAL DATA PROTECTION (DPDP) BILL, 2023 On August 3, 2023, the Government of India, introduced the fifth iteration of India's proposed personal data protection legislation, i.e., the Digital Personal Data Protection Bill, 2023 (DPDP Bill) in Parliament. Previously, in December 2022, the Ministry of Electronics and Information Technology had released a draft version of the bill (2022 Draft), inviting public comments thereto. Once in force, the DPDP Bill aims to amend and omit some of the key provisions of the Information Technology Act, 2000 (IT Act) and provisions of the Right to Information Act 2005. Summarized below, in a Q&A format, is our note addressing some of the key issues that the 2023 version of the DPDP Bill addresses, as well as some key differences in comparison to the 2022 Draft. What is the legislative scope of the DPDP Bill? Applies: The DPDP Bill applies to personal data1 that is: collected within India (i) through an online mode; and (ii) offline mode but is then digitized; and collected outside India, if this processing is in connection with any activity relating to offering goods or services to data principals 2 within India. Does not apply: The DPDP Bill, presently, does not apply to (i) personal data processed by an individual for personal or domestic purpose; (ii) personal data made available publicly by the data principal himself, to whom such data relates; and if it is made publicly available under an obligation under any law. Notably, the list of data to which the DPDP Bill does not apply has been narrowed in the latest iteration of the Bill compared to the 2022 Draft. Exemptions: Additionally, the DPDP Bill exempts the application of certain provisions relating to the duties of data fiduciaries and the rights of data principals in certain scenarios. These include the investigation of offences, assessing the financial status of defaulters, processing of data of principals outside the territory of India pursuant to any contract by any person based in India. Are data principals required to be provided with prior notice for collection of their personal data? Yes, the DPDP Bill requires that data principals be provided with a notice in clear and plain language which describes the personal data that is sought to be collected, purpose of such collection, details of the way data principals may exercise their rights to withdraw consent and grievance redressal; and details on how data principals may file a complaint with the Data Protection Board (DPB). The notice by the data fiduciaries 3 , as per the DPDP Bill, is required to be either in English or any local Indian language specified under the Eighth Schedule to the Constitution of India (as understood by the data principal). The DPDP Bill also sets out a list of "legitimate uses" for which data may be processed without consent. As opposed to the 2022 Draft, the DPDP Bill does not use the terminology of "deemed consent". Legitimate uses include (i) when a user voluntarily shares her data and does not deny consent for the use of the same; (ii) for the State to perform its function under any law; (iii) court orders; (iv) medical emergency; (v) epidemics; (vi) disasters; (vii) employment. Notably, the DPDP no longer includes the grounds of "public interest" and "fair and reasonable" purpose that were contained in the 2022 Draft. Will the requirement to obtain consent from data principals be applicable retrospectively to cases where the personal data was already collected from data principals? Yes, the DPDP Bill states that the requirement to obtain consent in accordance with the DPDP Bill will be applicable retrospectively where, if data principals have provided their consent to the collection of their personal data prior to commencement [of the DPDP Act], then all data fiduciaries would be required to furnish a notice to such data principals setting out the description of personal data [already] collected from them and the purpose for which such personal data was processed. However, it is pertinent to note that presently, the DPDP Bill does not prescribe a 1 The DPDP Bill defines ‘personal data’ as any data about an individual who is identifiable by or in relation to such data 2 The DPDP Bill defines ‘data principals’ as the individual to whom the personal data relates and where such individual is a child includes the parents or lawful guardian of such a child 3 The DPDP Bill defines ‘data fiduciaries’ as entities determining the purpose and means of processing of personal data
Data Privacy & Protection: Update August 2023 © Economic Laws Practice Page | 3 timeline within which the data fiduciary is required to comply with the said requirement, but all it requires is that the same be obtained “as soon as reasonably practicable”. What are the obligations of data fiduciary(ies)under the DPDP Bill? The DPDP Bill, much like the 2022 Draft, sets out a specific provision listing all obligations of a data fiduciary and holds the data fiduciary ultimately responsible for processing personal data. The DPDP Bill further requires the data fiduciary(ies) to ensure that all reasonable safeguards are taken to prevent personal data breaches, including for any processing undertaken on its behalf by data processors4 . The DPDP Bill also sets out the concept of a ‘significant data fiduciary(es)’ based on the significant volume and sensitivity of personal data that will be collected by such data fiduciary including risk of harm to data principals. The DPDP Bill requires that such significant data fiduciary is required to comply with additional obligations such as appointment of a data protection officer residing in India, appointment of an independent data auditor, undertake data protection impact assessments and ensure compliance with other measures as may be prescribed. What are the obligations of data fiduciary(ies) when collecting personal data from children? The DPDP Bill states that in case personal data from individuals, who are less than 18 years of age, is proposed to be processed, then a prior verifiable parental consent (including consent of a guardian) shall be required to be obtained. The DPDP Bill also states that data fiduciaries are not permitted to undertake the processing of data which is likely to have a "detrimental impact" on the well-being of the child. This terminology is in contrast to the 2022 Bill which utilizes the concept of "harm". Data fiduciaries are also prohibited from engaging in tracking and behavioural monitoring of children or sending targeted advertisements directed at children. The DPDP Bill further expands on the 2022 Draft by introducing exemptions relating to the processing of the personal data of children. Upon satisfaction that the data processing by the data fiduciary is in a verifiably safe manner, the Central Government may exempt such data fiduciary from such obligations when processing data of children above a certain age (as may be notified). What are the obligations of data processors under the DPDP Bill? The DPDP Bill provides that data processors have a duty to protect personal data in their possession or control by taking reasonable security safeguards to prevent breaches. The DPDP Bill also mandates that data processors cease processing personal data on withdrawal of consent. Additionally, once the retention of the personal data is no longer necessary for compliance with any law, the data processor must erase any such personal data. Notably however, primary responsibility for reporting breaches as well as liability for failure to report is placed only on data fiduciaries as opposed to the 2022 Draft. Who has the authority to determine non-compliances and impose penalties under the legislation? The DPDP Bill proposes to establish the DPB5 , which will be an independent body corporate, operating digitally (to the extent possible)6 and be responsible for determining non-compliances under the legislation and imposing penalties. The DPDP Bill gives powers to the DPB to take actions (as prescribed under the DPDP Bill) on receipt of complaints. Compared to the 2022 Draft, the 2023 Bill provides further details concerning the composition of the DPB and membership criteria. The DPDP Bill also provides for an appellate mechanism in the form of an Appellate Tribunal7 i.e. the Telecom Disputes Settlement and Appellate Tribunal, which has the authority to review, repeal or reinforce the orders or directions of the DPB. Aggrieved individuals may approach the Appellate Tribunal within 6 months8 of receiving the DPB's orders or 4 The DPDP Bill defines ‘data processors’ as any person who processes personal data on behalf of a data fiduciary 5 Clause 18, Digital Personal Data Protection Bill, 2023. 6 Clause 28, Digital Personal Data Protection Bill, 2023. 7 Clause 29, Sub-Clause 1, Digital Personal Data Protection Bill, 2023. 8 Clause 29, Sub-Clause 2, Digital Personal Data Protection Bill, 2023.
Data Privacy & Protection: Update August 2023 © Economic Laws Practice Page | 4 directions. The Tribunal, in turn, shall endeavour to dispose the appeals within 6 months9 . The DPDP Bill clarifies that every order made by the Tribunal will be enforceable akin to a decree made by the civil court10 . Can personal data of data principal be transferred outside India? The DPDP Bill permits cross-border transfer of all personal data, however, the Central Government may notify countries and territories outside India wherein such transfer of personal data is restricted11 . The Bill also stipulates certain situations wherein the cross-border transfer of data may be mandated12 . This is in contrast to the 2022 Draft which permitted transfers only to notified countries and territories. In which case, does the DPDP Bill set out any provision(s) regarding data localization? The DPDP Bill continues to not contain any provisions relating to data localization. However, the provisions on cross- border transfer contained in the DPDP Bill would be subject to other laws governing data transfer in the country.13 Hence more stringent sectoral regulations, such as RBI regulations, will remain applicable, whereby, sectoral data localization is not entirely off the table. How different is the DPDP Bill from its 2022 version in respect of the provisions relating to cross border data transfer? Tabulated below is the comparison between the DPDP Bill and the 2022 version of the data protection bill in relation to cross-border data transfer clauses: S. No. Particulars DPDP Bill (2022)14 DPDP Bill (2023)15 1. 1. Nature of Personal Data allowed to be transferred across borders All personal data All personal data 2. 2. Countries to which cross- border transfer of personal data is permitted Countries or jurisdictions notified by the central government All countries and territories, unless notified otherwise by the Central Government 3. 3. Factors to be considered while notifying eligible countries or entities Any factors that the Central Government may consider necessary Unspecified . The shift from a "whitelist" to a “blacklist” approach in the 2023 Draft Data Protection Bill reflects a significant change in India’s policy on cross-border data transfers. However, the exact implementation and criteria for determining such restricted countries remain to be seen. 9 Clause 29, Sub-Clause 6, Digital Personal Data Protection Bill, 2023. 10 Clause 28, Sub-Clause 7, Digital Personal Data Protection Bill, 2023. 11 Clause 16, Digital Personal Data Protection Bill, 2023. 12 Clause 17, Digital Personal Data Protection Bill, 2023. 13 Clause 16, Sub-Clause 2, Digital Personal Data Protection Bill, 2023. 14 Clause 17, Draft Digital Data Protection Bill, 2023 15 Clause 16 , Draft Digital Data Protection Bill, 2023
Data Privacy & Protection: Update August 2023 © Economic Laws Practice Page | 5 What are the penalties that are prescribed for non-compliance under the DPDP Bill? The penalties under the DPDP Bill range from up to INR 10,000 to up to INR 250 crores for different offences, with the maximum penalty being lower than the 2022 Draft. The DPDP Bill also sets out the factors that need to be considered while determining the penalty. Unlike the 2022 Draft it appears that only data fiduciaries will be subject to penalties. Notably, clause 37 of the DPDP Bill also empowers the Central Government to advise, in the interests of the general public, blocking access for the public to any information generated, transmitted, received, stored or hosted, in any computer resource that enables such Data Fiduciary to carry on any activity relating to offering of goods or services to data principals within the territory of India. Conclusion The DPDP Bill has undergone some key changes from its 2022 version. Amongst other changes, it provides comprehensive details on the powers and functions of the proposed Data Protection Board of India, provides the Central Government with blocking powers and introduces an appellate mechanism before the Telecom Disputes Settlement and Appellate Tribunal. Notably, the Bill also demonstrates India's business-friendly approach by adopting an open policy towards cross-border data transfers, unlike its previous iteration. Another significant aspect of the DPDP Bill is that it vests the Government with powers to create delegated legislation concerning various aspects of the Bill. This will bring further clarity on issues like the processes for reporting data breaches and other related matters. During the tabling of the Bill, Members of Parliament raised several concerns, including compensation for victims of breaches, protection of the fundamental right to privacy, and the absence of restrictions on government data processing. The Government now faces the task of addressing these questions. After discussion and passing in the Lok Sabha is completed, the Bill will then proceed to the Rajya Sabha for further consideration. Once enacted, the Digital Personal Data Protection Act is expected to be implemented in a staged manner We trust you will find this an interesting read. For any queries or comments on this update, please feel free to contact us at insights@elp-in.com or write to our authors: Sanjay Notani, Partner –SanjayNotani@elp-in.com ; Vinay Butani, Partner- VinayButani@elp-in.com ; Naghm Ghei, Principal Associate - NaghmGhei@elp-in.com; Akash Manwani, Associate- AkashManwani@elp-in.com Disclaimer: The information contained in this document is intended for informational purposes only and does not constitute legal opinion or advice

Recommended

DIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdf
DIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdfDIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdf
DIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdfDaviesParker
 
Indonesian Legislatives Passes Personal Data Protection Bill.pdf
Indonesian Legislatives Passes Personal Data Protection Bill.pdfIndonesian Legislatives Passes Personal Data Protection Bill.pdf
Indonesian Legislatives Passes Personal Data Protection Bill.pdfAHRP Law Firm
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdfPriyanka Aash
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill Mathew Chacko
 
KSA PDPL - Personal Data Protection Law.pdf
KSA PDPL - Personal Data Protection Law.pdfKSA PDPL - Personal Data Protection Law.pdf
KSA PDPL - Personal Data Protection Law.pdfDaviesParker
 
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxPERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxssuser36d167
 
Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfDaviesParker
 
UAE-Personal-Data-Protection-Law.pdf
UAE-Personal-Data-Protection-Law.pdfUAE-Personal-Data-Protection-Law.pdf
UAE-Personal-Data-Protection-Law.pdfDaviesParker
 

Recommended

DIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdf
DIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdfDIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdf
DIGITAL-PERSONAL-DATA-PROTECTION-ACT-2023-WHITEPAPER.pdfDaviesParker
 
Indonesian Legislatives Passes Personal Data Protection Bill.pdf
Indonesian Legislatives Passes Personal Data Protection Bill.pdfIndonesian Legislatives Passes Personal Data Protection Bill.pdf
Indonesian Legislatives Passes Personal Data Protection Bill.pdfAHRP Law Firm
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdfPriyanka Aash
 
Personal data protection bill
Personal data protection bill Personal data protection bill
Personal data protection bill Mathew Chacko
 
KSA PDPL - Personal Data Protection Law.pdf
KSA PDPL - Personal Data Protection Law.pdfKSA PDPL - Personal Data Protection Law.pdf
KSA PDPL - Personal Data Protection Law.pdfDaviesParker
 
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxPERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxssuser36d167
 
Bahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfBahrain-Personal-Data-Protection-Law.pdf
Bahrain-Personal-Data-Protection-Law.pdfDaviesParker
 
UAE-Personal-Data-Protection-Law.pdf
UAE-Personal-Data-Protection-Law.pdfUAE-Personal-Data-Protection-Law.pdf
UAE-Personal-Data-Protection-Law.pdfDaviesParker
 
Jamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityJamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityEmerson Bryan
 
Data Protection Bill 2019 Participative Role of General Public
Data Protection Bill 2019 Participative Role of General PublicData Protection Bill 2019 Participative Role of General Public
Data Protection Bill 2019 Participative Role of General Publicijtsrd
 
DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptx
DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptxDIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptx
DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptxVijay Dalmia
 
BigID Data Sheet: LGPD Compliance Automated
BigID Data Sheet: LGPD Compliance AutomatedBigID Data Sheet: LGPD Compliance Automated
BigID Data Sheet: LGPD Compliance AutomatedBigID Inc
 
Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Ashish vishal
 
GDPR and Analytics
GDPR and AnalyticsGDPR and Analytics
GDPR and Analyticsbrunomase
 
Digital personal data protection BILL.docx
Digital personal data protection BILL.docxDigital personal data protection BILL.docx
Digital personal data protection BILL.docxgabbarsk3
 
An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill Komal Gadia
 
An Indian Outline on Database Protection
An Indian Outline on Database ProtectionAn Indian Outline on Database Protection
An Indian Outline on Database ProtectionSinghania2015
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPRTim Hyman LLB
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPRTim Hyman LLB
 
Practical Guide to GDPR 2017
Practical Guide to GDPR 2017Practical Guide to GDPR 2017
Practical Guide to GDPR 2017Dryden Geary
 
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
 
Feedback on Personal Data Protection Bill 2019
Feedback on Personal Data Protection Bill 2019Feedback on Personal Data Protection Bill 2019
Feedback on Personal Data Protection Bill 2019Nanda Mohan Shenoy
 
India's Data Protection Law 2018- Future Road Ahead
India's Data Protection Law 2018- Future Road AheadIndia's Data Protection Law 2018- Future Road Ahead
India's Data Protection Law 2018- Future Road AheadEquiCorp Associates
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPRDipanjanDey12
 
DPDP Made Easy PPT.pptx
DPDP Made Easy PPT.pptxDPDP Made Easy PPT.pptx
DPDP Made Easy PPT.pptxAshishHans7
 
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAW
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAWDIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAW
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAWSpice Route Legal
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationsilvereyez11
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataRenato Monteiro
 
Maximizing Legal Compliance in Hospitality: ELP Law's Tailored Solutions
Maximizing Legal Compliance in Hospitality: ELP Law's Tailored SolutionsMaximizing Legal Compliance in Hospitality: ELP Law's Tailored Solutions
Maximizing Legal Compliance in Hospitality: ELP Law's Tailored SolutionsEconomic Laws Practice
 
"Excellence in Hospitality Law: Economic Laws Practice - Premier Hospitality
"Excellence in Hospitality Law: Economic Laws Practice - Premier Hospitality"Excellence in Hospitality Law: Economic Laws Practice - Premier Hospitality
"Excellence in Hospitality Law: Economic Laws Practice - Premier HospitalityEconomic Laws Practice
 

More Related Content

Similar to Overview of the Digital Personal Data Protection DPDP Bill 2023.pdf

Jamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityJamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityEmerson Bryan
 
Data Protection Bill 2019 Participative Role of General Public
Data Protection Bill 2019 Participative Role of General PublicData Protection Bill 2019 Participative Role of General Public
Data Protection Bill 2019 Participative Role of General Publicijtsrd
 
DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptx
DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptxDIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptx
DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptxVijay Dalmia
 
BigID Data Sheet: LGPD Compliance Automated
BigID Data Sheet: LGPD Compliance AutomatedBigID Data Sheet: LGPD Compliance Automated
BigID Data Sheet: LGPD Compliance AutomatedBigID Inc
 
Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Ashish vishal
 
GDPR and Analytics
GDPR and AnalyticsGDPR and Analytics
GDPR and Analyticsbrunomase
 
Digital personal data protection BILL.docx
Digital personal data protection BILL.docxDigital personal data protection BILL.docx
Digital personal data protection BILL.docxgabbarsk3
 
An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill Komal Gadia
 
An Indian Outline on Database Protection
An Indian Outline on Database ProtectionAn Indian Outline on Database Protection
An Indian Outline on Database ProtectionSinghania2015
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPRTim Hyman LLB
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPRTim Hyman LLB
 
Practical Guide to GDPR 2017
Practical Guide to GDPR 2017Practical Guide to GDPR 2017
Practical Guide to GDPR 2017Dryden Geary
 
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
 
Feedback on Personal Data Protection Bill 2019
Feedback on Personal Data Protection Bill 2019Feedback on Personal Data Protection Bill 2019
Feedback on Personal Data Protection Bill 2019Nanda Mohan Shenoy
 
India's Data Protection Law 2018- Future Road Ahead
India's Data Protection Law 2018- Future Road AheadIndia's Data Protection Law 2018- Future Road Ahead
India's Data Protection Law 2018- Future Road AheadEquiCorp Associates
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPRDipanjanDey12
 
DPDP Made Easy PPT.pptx
DPDP Made Easy PPT.pptxDPDP Made Easy PPT.pptx
DPDP Made Easy PPT.pptxAshishHans7
 
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAW
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAWDIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAW
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAWSpice Route Legal
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationsilvereyez11
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataRenato Monteiro
 

Similar to Overview of the Digital Personal Data Protection DPDP Bill 2023.pdf (20)

Jamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityJamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business community
 
Data Protection Bill 2019 Participative Role of General Public
Data Protection Bill 2019 Participative Role of General PublicData Protection Bill 2019 Participative Role of General Public
Data Protection Bill 2019 Participative Role of General Public
 
DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptx
DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptxDIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptx
DIGITAL PERSONAL DATA PROTECTION ACT 2023-PPT-VPD.pptx
 
BigID Data Sheet: LGPD Compliance Automated
BigID Data Sheet: LGPD Compliance AutomatedBigID Data Sheet: LGPD Compliance Automated
BigID Data Sheet: LGPD Compliance Automated
 
Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)Relationship between data protection and m&a (1)
Relationship between data protection and m&a (1)
 
GDPR and Analytics
GDPR and AnalyticsGDPR and Analytics
GDPR and Analytics
 
Digital personal data protection BILL.docx
Digital personal data protection BILL.docxDigital personal data protection BILL.docx
Digital personal data protection BILL.docx
 
An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill An overview of the Indian Data Privacy Bill
An overview of the Indian Data Privacy Bill
 
An Indian Outline on Database Protection
An Indian Outline on Database ProtectionAn Indian Outline on Database Protection
An Indian Outline on Database Protection
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPR
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPR
 
Practical Guide to GDPR 2017
Practical Guide to GDPR 2017Practical Guide to GDPR 2017
Practical Guide to GDPR 2017
 
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
 
Feedback on Personal Data Protection Bill 2019
Feedback on Personal Data Protection Bill 2019Feedback on Personal Data Protection Bill 2019
Feedback on Personal Data Protection Bill 2019
 
India's Data Protection Law 2018- Future Road Ahead
India's Data Protection Law 2018- Future Road AheadIndia's Data Protection Law 2018- Future Road Ahead
India's Data Protection Law 2018- Future Road Ahead
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPR
 
DPDP Made Easy PPT.pptx
DPDP Made Easy PPT.pptxDPDP Made Easy PPT.pptx
DPDP Made Easy PPT.pptx
 
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAW
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAWDIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAW
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAW
 
Managing Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentationManaging Data Protection guide powerpoint presentation
Managing Data Protection guide powerpoint presentation
 
Draft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal DataDraft Bill on the Protection of Personal Data
Draft Bill on the Protection of Personal Data
 

More from Economic Laws Practice

Maximizing Legal Compliance in Hospitality: ELP Law's Tailored Solutions
Maximizing Legal Compliance in Hospitality: ELP Law's Tailored SolutionsMaximizing Legal Compliance in Hospitality: ELP Law's Tailored Solutions
Maximizing Legal Compliance in Hospitality: ELP Law's Tailored SolutionsEconomic Laws Practice
 
"Excellence in Hospitality Law: Economic Laws Practice - Premier Hospitality
"Excellence in Hospitality Law: Economic Laws Practice - Premier Hospitality"Excellence in Hospitality Law: Economic Laws Practice - Premier Hospitality
"Excellence in Hospitality Law: Economic Laws Practice - Premier HospitalityEconomic Laws Practice
 
Efficient Tax Planning: Economic Laws Practice - Your Path to Financial Succe...
Efficient Tax Planning: Economic Laws Practice - Your Path to Financial Succe...Efficient Tax Planning: Economic Laws Practice - Your Path to Financial Succe...
Efficient Tax Planning: Economic Laws Practice - Your Path to Financial Succe...Economic Laws Practice
 
COP28-Key-Takeaways-and-Implications.pdf
COP28-Key-Takeaways-and-Implications.pdfCOP28-Key-Takeaways-and-Implications.pdf
COP28-Key-Takeaways-and-Implications.pdfEconomic Laws Practice
 
ELP-Tax-Alert-SC-ruling-on-MFN-clause-.pdf
ELP-Tax-Alert-SC-ruling-on-MFN-clause-.pdfELP-Tax-Alert-SC-ruling-on-MFN-clause-.pdf
ELP-Tax-Alert-SC-ruling-on-MFN-clause-.pdfEconomic Laws Practice
 
Competition-Newsletter-Q3-of-2023-Final.pdf
Competition-Newsletter-Q3-of-2023-Final.pdfCompetition-Newsletter-Q3-of-2023-Final.pdf
Competition-Newsletter-Q3-of-2023-Final.pdfEconomic Laws Practice
 
BIS newsletter – September Edition.pdf
BIS newsletter – September Edition.pdfBIS newsletter – September Edition.pdf
BIS newsletter – September Edition.pdfEconomic Laws Practice
 
TradeWatch-Weekly-Bulletin-October-9-2023.pdf
TradeWatch-Weekly-Bulletin-October-9-2023.pdfTradeWatch-Weekly-Bulletin-October-9-2023.pdf
TradeWatch-Weekly-Bulletin-October-9-2023.pdfEconomic Laws Practice
 
TradeWatch-Weekly-Bulletin-September-25-2023.pdf
TradeWatch-Weekly-Bulletin-September-25-2023.pdfTradeWatch-Weekly-Bulletin-September-25-2023.pdf
TradeWatch-Weekly-Bulletin-September-25-2023.pdfEconomic Laws Practice
 
Business-Expenditure-The-Chamber-Journal.pdf
Business-Expenditure-The-Chamber-Journal.pdfBusiness-Expenditure-The-Chamber-Journal.pdf
Business-Expenditure-The-Chamber-Journal.pdfEconomic Laws Practice
 
IMPORTANT JUDGMENTS UNDER SARFAESI ACT, DRBT ACT & IBC.pdf
IMPORTANT JUDGMENTS UNDER SARFAESI ACT, DRBT ACT & IBC.pdfIMPORTANT JUDGMENTS UNDER SARFAESI ACT, DRBT ACT & IBC.pdf
IMPORTANT JUDGMENTS UNDER SARFAESI ACT, DRBT ACT & IBC.pdfEconomic Laws Practice
 
SCOMET-Update-Amendment-to-Appendix-3-List-of-SCOMET-Items-to-Schedule-2-of-I...
SCOMET-Update-Amendment-to-Appendix-3-List-of-SCOMET-Items-to-Schedule-2-of-I...SCOMET-Update-Amendment-to-Appendix-3-List-of-SCOMET-Items-to-Schedule-2-of-I...
SCOMET-Update-Amendment-to-Appendix-3-List-of-SCOMET-Items-to-Schedule-2-of-I...Economic Laws Practice
 
Indirect Tax Newsletter – July 2023.pdf
Indirect Tax Newsletter – July 2023.pdfIndirect Tax Newsletter – July 2023.pdf
Indirect Tax Newsletter – July 2023.pdfEconomic Laws Practice
 
E-invoicing-Whether the relevant provisions of GST law require patchwork.pdf
E-invoicing-Whether the relevant provisions of GST law require patchwork.pdfE-invoicing-Whether the relevant provisions of GST law require patchwork.pdf
E-invoicing-Whether the relevant provisions of GST law require patchwork.pdfEconomic Laws Practice
 
MARKET ACCESS BARRIERS IN THE PHARMACEUTICAL SECTOR IN INDIA’S KEY EXPORT DES...
MARKET ACCESS BARRIERS IN THE PHARMACEUTICAL SECTOR IN INDIA’S KEY EXPORT DES...MARKET ACCESS BARRIERS IN THE PHARMACEUTICAL SECTOR IN INDIA’S KEY EXPORT DES...
MARKET ACCESS BARRIERS IN THE PHARMACEUTICAL SECTOR IN INDIA’S KEY EXPORT DES...Economic Laws Practice
 
SEBI tightens compliances and disclosures for listed entities - Amends LODR R...
SEBI tightens compliances and disclosures for listed entities - Amends LODR R...SEBI tightens compliances and disclosures for listed entities - Amends LODR R...
SEBI tightens compliances and disclosures for listed entities - Amends LODR R...Economic Laws Practice
 
TradeWatch-Weekly-Bulletin-May-22-2023.pdf
TradeWatch-Weekly-Bulletin-May-22-2023.pdfTradeWatch-Weekly-Bulletin-May-22-2023.pdf
TradeWatch-Weekly-Bulletin-May-22-2023.pdfEconomic Laws Practice
 

More from Economic Laws Practice (20)

Maximizing Legal Compliance in Hospitality: ELP Law's Tailored Solutions
Maximizing Legal Compliance in Hospitality: ELP Law's Tailored SolutionsMaximizing Legal Compliance in Hospitality: ELP Law's Tailored Solutions
Maximizing Legal Compliance in Hospitality: ELP Law's Tailored Solutions
 
"Excellence in Hospitality Law: Economic Laws Practice - Premier Hospitality
"Excellence in Hospitality Law: Economic Laws Practice - Premier Hospitality"Excellence in Hospitality Law: Economic Laws Practice - Premier Hospitality
"Excellence in Hospitality Law: Economic Laws Practice - Premier Hospitality
 
Efficient Tax Planning: Economic Laws Practice - Your Path to Financial Succe...
Efficient Tax Planning: Economic Laws Practice - Your Path to Financial Succe...Efficient Tax Planning: Economic Laws Practice - Your Path to Financial Succe...
Efficient Tax Planning: Economic Laws Practice - Your Path to Financial Succe...
 
COP28-Key-Takeaways-and-Implications.pdf
COP28-Key-Takeaways-and-Implications.pdfCOP28-Key-Takeaways-and-Implications.pdf
COP28-Key-Takeaways-and-Implications.pdf
 
ELP-Tax-Alert-SC-ruling-on-MFN-clause-.pdf
ELP-Tax-Alert-SC-ruling-on-MFN-clause-.pdfELP-Tax-Alert-SC-ruling-on-MFN-clause-.pdf
ELP-Tax-Alert-SC-ruling-on-MFN-clause-.pdf
 
Competition-Newsletter-Q3-of-2023-Final.pdf
Competition-Newsletter-Q3-of-2023-Final.pdfCompetition-Newsletter-Q3-of-2023-Final.pdf
Competition-Newsletter-Q3-of-2023-Final.pdf
 
Climate-newsletter.pdf
Climate-newsletter.pdfClimate-newsletter.pdf
Climate-newsletter.pdf
 
BIS newsletter – September Edition.pdf
BIS newsletter – September Edition.pdfBIS newsletter – September Edition.pdf
BIS newsletter – September Edition.pdf
 
TradeWatch-Weekly-Bulletin-October-9-2023.pdf
TradeWatch-Weekly-Bulletin-October-9-2023.pdfTradeWatch-Weekly-Bulletin-October-9-2023.pdf
TradeWatch-Weekly-Bulletin-October-9-2023.pdf
 
TradeWatch-Weekly-Bulletin-September-25-2023.pdf
TradeWatch-Weekly-Bulletin-September-25-2023.pdfTradeWatch-Weekly-Bulletin-September-25-2023.pdf
TradeWatch-Weekly-Bulletin-September-25-2023.pdf
 
Business-Expenditure-The-Chamber-Journal.pdf
Business-Expenditure-The-Chamber-Journal.pdfBusiness-Expenditure-The-Chamber-Journal.pdf
Business-Expenditure-The-Chamber-Journal.pdf
 
IMPORTANT JUDGMENTS UNDER SARFAESI ACT, DRBT ACT & IBC.pdf
IMPORTANT JUDGMENTS UNDER SARFAESI ACT, DRBT ACT & IBC.pdfIMPORTANT JUDGMENTS UNDER SARFAESI ACT, DRBT ACT & IBC.pdf
IMPORTANT JUDGMENTS UNDER SARFAESI ACT, DRBT ACT & IBC.pdf
 
SCOMET-Update-Amendment-to-Appendix-3-List-of-SCOMET-Items-to-Schedule-2-of-I...
SCOMET-Update-Amendment-to-Appendix-3-List-of-SCOMET-Items-to-Schedule-2-of-I...SCOMET-Update-Amendment-to-Appendix-3-List-of-SCOMET-Items-to-Schedule-2-of-I...
SCOMET-Update-Amendment-to-Appendix-3-List-of-SCOMET-Items-to-Schedule-2-of-I...
 
Indirect Tax Newsletter – July 2023.pdf
Indirect Tax Newsletter – July 2023.pdfIndirect Tax Newsletter – July 2023.pdf
Indirect Tax Newsletter – July 2023.pdf
 
E-invoicing-Whether the relevant provisions of GST law require patchwork.pdf
E-invoicing-Whether the relevant provisions of GST law require patchwork.pdfE-invoicing-Whether the relevant provisions of GST law require patchwork.pdf
E-invoicing-Whether the relevant provisions of GST law require patchwork.pdf
 
FSR-Book-Final.pdf
FSR-Book-Final.pdfFSR-Book-Final.pdf
FSR-Book-Final.pdf
 
MARKET ACCESS BARRIERS IN THE PHARMACEUTICAL SECTOR IN INDIA’S KEY EXPORT DES...
MARKET ACCESS BARRIERS IN THE PHARMACEUTICAL SECTOR IN INDIA’S KEY EXPORT DES...MARKET ACCESS BARRIERS IN THE PHARMACEUTICAL SECTOR IN INDIA’S KEY EXPORT DES...
MARKET ACCESS BARRIERS IN THE PHARMACEUTICAL SECTOR IN INDIA’S KEY EXPORT DES...
 
SEBI tightens compliances and disclosures for listed entities - Amends LODR R...
SEBI tightens compliances and disclosures for listed entities - Amends LODR R...SEBI tightens compliances and disclosures for listed entities - Amends LODR R...
SEBI tightens compliances and disclosures for listed entities - Amends LODR R...
 
TradeWatch-Weekly-Bulletin-May-22-2023.pdf
TradeWatch-Weekly-Bulletin-May-22-2023.pdfTradeWatch-Weekly-Bulletin-May-22-2023.pdf
TradeWatch-Weekly-Bulletin-May-22-2023.pdf
 
ELP-IDT-Newsletter_April-2023_Final.pdf
ELP-IDT-Newsletter_April-2023_Final.pdfELP-IDT-Newsletter_April-2023_Final.pdf
ELP-IDT-Newsletter_April-2023_Final.pdf
 

Recently uploaded

DIGHA CALL GIRL 92628/1154 DIGHA CALL GI
DIGHA CALL GIRL 92628/1154 DIGHA CALL GIDIGHA CALL GIRL 92628/1154 DIGHA CALL GI
DIGHA CALL GIRL 92628/1154 DIGHA CALL GINiteshKumar82226
 
Call Now ☎9870417354|| Call Girls in Dwarka Escort Service Delhi N.C.R.
Call Now ☎9870417354|| Call Girls in Dwarka Escort Service Delhi N.C.R.Call Now ☎9870417354|| Call Girls in Dwarka Escort Service Delhi N.C.R.
Call Now ☎9870417354|| Call Girls in Dwarka Escort Service Delhi N.C.R.riyadelhic riyadelhic
 
9811611494,Low Rate Call Girls In Connaught Place Delhi 24hrs Available
9811611494,Low Rate Call Girls In Connaught Place Delhi 24hrs Available9811611494,Low Rate Call Girls In Connaught Place Delhi 24hrs Available
9811611494,Low Rate Call Girls In Connaught Place Delhi 24hrs Availablenitugupta1209
 
Call Girls In Naraina (Delhi) +91-9667422720 Escorts Service
Call Girls In Naraina (Delhi) +91-9667422720 Escorts ServiceCall Girls In Naraina (Delhi) +91-9667422720 Escorts Service
Call Girls In Naraina (Delhi) +91-9667422720 Escorts ServiceLipikasharma29
 
Call Girls In Sector 94 Noida 9711911712 Escorts ServiCe Noida
Call Girls In Sector 94 Noida 9711911712 Escorts ServiCe NoidaCall Girls In Sector 94 Noida 9711911712 Escorts ServiCe Noida
Call Girls In Sector 94 Noida 9711911712 Escorts ServiCe NoidaDelhi Escorts Service
 
Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...
Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...
Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...aakahthapa70
 
RAJKOT CALL GIRLS 92628/71154 RAJKOT CAL
RAJKOT CALL GIRLS 92628/71154 RAJKOT CALRAJKOT CALL GIRLS 92628/71154 RAJKOT CAL
RAJKOT CALL GIRLS 92628/71154 RAJKOT CALNiteshKumar82226
 
Best VIP Call Girls Noida Sector 23 Call Me: 8700611579
Best VIP Call Girls Noida Sector 23 Call Me: 8700611579Best VIP Call Girls Noida Sector 23 Call Me: 8700611579
Best VIP Call Girls Noida Sector 23 Call Me: 8700611579diyaspanoida
 
NAGPUR CALL GIRL 92628*71154 NAGPUR CALL
NAGPUR CALL GIRL 92628*71154 NAGPUR CALLNAGPUR CALL GIRL 92628*71154 NAGPUR CALL
NAGPUR CALL GIRL 92628*71154 NAGPUR CALLNiteshKumar82226
 
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...aakahthapa70
 
JABALPUR CALL GIRL 92628/71154 JABALPUR K
JABALPUR CALL GIRL 92628/71154 JABALPUR KJABALPUR CALL GIRL 92628/71154 JABALPUR K
JABALPUR CALL GIRL 92628/71154 JABALPUR KNiteshKumar82226
 
Call US Pooja📞 9892124323 ✅Call Girls In Mira Road ( Mumbai ) secure service...
Call US Pooja📞 9892124323 ✅Call Girls In Mira Road ( Mumbai ) secure service...Call US Pooja📞 9892124323 ✅Call Girls In Mira Road ( Mumbai ) secure service...
Call US Pooja📞 9892124323 ✅Call Girls In Mira Road ( Mumbai ) secure service...Pooja Nehwal
 
KAKINADA CALL GIRL 92628/71154 KAKINADA C
KAKINADA CALL GIRL 92628/71154 KAKINADA CKAKINADA CALL GIRL 92628/71154 KAKINADA C
KAKINADA CALL GIRL 92628/71154 KAKINADA CNiteshKumar82226
 
Call Girls In Sector 90, (Gurgaon) Call Us. 9711911712
Call Girls In Sector 90, (Gurgaon) Call Us. 9711911712Call Girls In Sector 90, (Gurgaon) Call Us. 9711911712
Call Girls In Sector 90, (Gurgaon) Call Us. 9711911712Delhi Escorts Service
 
100% Real Call Girls In Hazrat Nizamuddin Railway Station Delhi | Just Call 9...
100% Real Call Girls In Hazrat Nizamuddin Railway Station Delhi | Just Call 9...100% Real Call Girls In Hazrat Nizamuddin Railway Station Delhi | Just Call 9...
100% Real Call Girls In Hazrat Nizamuddin Railway Station Delhi | Just Call 9...Delhi Escorts Service
 
Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...
Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...
Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...aakahthapa70
 

Recently uploaded (20)

DIGHA CALL GIRL 92628/1154 DIGHA CALL GI
DIGHA CALL GIRL 92628/1154 DIGHA CALL GIDIGHA CALL GIRL 92628/1154 DIGHA CALL GI
DIGHA CALL GIRL 92628/1154 DIGHA CALL GI
 
Call Girls In Saket Delhi 9953056974 (Low Price) Escort Service Saket Delhi
Call Girls In Saket Delhi 9953056974 (Low Price) Escort Service Saket DelhiCall Girls In Saket Delhi 9953056974 (Low Price) Escort Service Saket Delhi
Call Girls In Saket Delhi 9953056974 (Low Price) Escort Service Saket Delhi
 
Call Now ☎9870417354|| Call Girls in Dwarka Escort Service Delhi N.C.R.
Call Now ☎9870417354|| Call Girls in Dwarka Escort Service Delhi N.C.R.Call Now ☎9870417354|| Call Girls in Dwarka Escort Service Delhi N.C.R.
Call Now ☎9870417354|| Call Girls in Dwarka Escort Service Delhi N.C.R.
 
9811611494,Low Rate Call Girls In Connaught Place Delhi 24hrs Available
9811611494,Low Rate Call Girls In Connaught Place Delhi 24hrs Available9811611494,Low Rate Call Girls In Connaught Place Delhi 24hrs Available
9811611494,Low Rate Call Girls In Connaught Place Delhi 24hrs Available
 
Independent Call Girl Service In Goa 9316020077 Call Girl In Goa By Goa ...
Independent Call Girl Service In Goa 9316020077 Call Girl In Goa By Goa ...Independent Call Girl Service In Goa 9316020077 Call Girl In Goa By Goa ...
Independent Call Girl Service In Goa 9316020077 Call Girl In Goa By Goa ...
 
Call Girls In Naraina (Delhi) +91-9667422720 Escorts Service
Call Girls In Naraina (Delhi) +91-9667422720 Escorts ServiceCall Girls In Naraina (Delhi) +91-9667422720 Escorts Service
Call Girls In Naraina (Delhi) +91-9667422720 Escorts Service
 
Call Girls In Sector 94 Noida 9711911712 Escorts ServiCe Noida
Call Girls In Sector 94 Noida 9711911712 Escorts ServiCe NoidaCall Girls In Sector 94 Noida 9711911712 Escorts ServiCe Noida
Call Girls In Sector 94 Noida 9711911712 Escorts ServiCe Noida
 
Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...
Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...
Call Girls In {{Connaught Place Delhi}}96679@38988 Indian Russian High Profil...
 
RAJKOT CALL GIRLS 92628/71154 RAJKOT CAL
RAJKOT CALL GIRLS 92628/71154 RAJKOT CALRAJKOT CALL GIRLS 92628/71154 RAJKOT CAL
RAJKOT CALL GIRLS 92628/71154 RAJKOT CAL
 
Best VIP Call Girls Noida Sector 23 Call Me: 8700611579
Best VIP Call Girls Noida Sector 23 Call Me: 8700611579Best VIP Call Girls Noida Sector 23 Call Me: 8700611579
Best VIP Call Girls Noida Sector 23 Call Me: 8700611579
 
NAGPUR CALL GIRL 92628*71154 NAGPUR CALL
NAGPUR CALL GIRL 92628*71154 NAGPUR CALLNAGPUR CALL GIRL 92628*71154 NAGPUR CALL
NAGPUR CALL GIRL 92628*71154 NAGPUR CALL
 
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
Call Girls In {{Laxmi Nagar Delhi}} 9667938988 Indian Russian High Profile Es...
 
JABALPUR CALL GIRL 92628/71154 JABALPUR K
JABALPUR CALL GIRL 92628/71154 JABALPUR KJABALPUR CALL GIRL 92628/71154 JABALPUR K
JABALPUR CALL GIRL 92628/71154 JABALPUR K
 
Call US Pooja📞 9892124323 ✅Call Girls In Mira Road ( Mumbai ) secure service...
Call US Pooja📞 9892124323 ✅Call Girls In Mira Road ( Mumbai ) secure service...Call US Pooja📞 9892124323 ✅Call Girls In Mira Road ( Mumbai ) secure service...
Call US Pooja📞 9892124323 ✅Call Girls In Mira Road ( Mumbai ) secure service...
 
9953056974 Call Girls In Ashok Nagar, Escorts (Delhi) NCR.
9953056974 Call Girls In Ashok Nagar, Escorts (Delhi) NCR.9953056974 Call Girls In Ashok Nagar, Escorts (Delhi) NCR.
9953056974 Call Girls In Ashok Nagar, Escorts (Delhi) NCR.
 
KAKINADA CALL GIRL 92628/71154 KAKINADA C
KAKINADA CALL GIRL 92628/71154 KAKINADA CKAKINADA CALL GIRL 92628/71154 KAKINADA C
KAKINADA CALL GIRL 92628/71154 KAKINADA C
 
Call Girls In Sector 90, (Gurgaon) Call Us. 9711911712
Call Girls In Sector 90, (Gurgaon) Call Us. 9711911712Call Girls In Sector 90, (Gurgaon) Call Us. 9711911712
Call Girls In Sector 90, (Gurgaon) Call Us. 9711911712
 
100% Real Call Girls In Hazrat Nizamuddin Railway Station Delhi | Just Call 9...
100% Real Call Girls In Hazrat Nizamuddin Railway Station Delhi | Just Call 9...100% Real Call Girls In Hazrat Nizamuddin Railway Station Delhi | Just Call 9...
100% Real Call Girls In Hazrat Nizamuddin Railway Station Delhi | Just Call 9...
 
Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...
Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...
Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...
 
Call Girls In Goa For Fun 9316020077 By Goa Call Girls For Pick Up Night
Call Girls In Goa For Fun 9316020077 By Goa Call Girls For Pick Up NightCall Girls In Goa For Fun 9316020077 By Goa Call Girls For Pick Up Night
Call Girls In Goa For Fun 9316020077 By Goa Call Girls For Pick Up Night
 

Overview of the Digital Personal Data Protection DPDP Bill 2023.pdf

  • 1. Data Privacy & Protection: Update August 2023 © Economic Laws Practice Page | 1 Overview of the Digital Personal Data Protection (DPDP) Bill, 2023
  • 2. Data Privacy & Protection: Update August 2023 © Economic Laws Practice Page | 2 OVERVIEW OF THE DIGITAL PERSONAL DATA PROTECTION (DPDP) BILL, 2023 On August 3, 2023, the Government of India, introduced the fifth iteration of India's proposed personal data protection legislation, i.e., the Digital Personal Data Protection Bill, 2023 (DPDP Bill) in Parliament. Previously, in December 2022, the Ministry of Electronics and Information Technology had released a draft version of the bill (2022 Draft), inviting public comments thereto. Once in force, the DPDP Bill aims to amend and omit some of the key provisions of the Information Technology Act, 2000 (IT Act) and provisions of the Right to Information Act 2005. Summarized below, in a Q&A format, is our note addressing some of the key issues that the 2023 version of the DPDP Bill addresses, as well as some key differences in comparison to the 2022 Draft. What is the legislative scope of the DPDP Bill? Applies: The DPDP Bill applies to personal data1 that is: collected within India (i) through an online mode; and (ii) offline mode but is then digitized; and collected outside India, if this processing is in connection with any activity relating to offering goods or services to data principals 2 within India. Does not apply: The DPDP Bill, presently, does not apply to (i) personal data processed by an individual for personal or domestic purpose; (ii) personal data made available publicly by the data principal himself, to whom such data relates; and if it is made publicly available under an obligation under any law. Notably, the list of data to which the DPDP Bill does not apply has been narrowed in the latest iteration of the Bill compared to the 2022 Draft. Exemptions: Additionally, the DPDP Bill exempts the application of certain provisions relating to the duties of data fiduciaries and the rights of data principals in certain scenarios. These include the investigation of offences, assessing the financial status of defaulters, processing of data of principals outside the territory of India pursuant to any contract by any person based in India. Are data principals required to be provided with prior notice for collection of their personal data? Yes, the DPDP Bill requires that data principals be provided with a notice in clear and plain language which describes the personal data that is sought to be collected, purpose of such collection, details of the way data principals may exercise their rights to withdraw consent and grievance redressal; and details on how data principals may file a complaint with the Data Protection Board (DPB). The notice by the data fiduciaries 3 , as per the DPDP Bill, is required to be either in English or any local Indian language specified under the Eighth Schedule to the Constitution of India (as understood by the data principal). The DPDP Bill also sets out a list of "legitimate uses" for which data may be processed without consent. As opposed to the 2022 Draft, the DPDP Bill does not use the terminology of "deemed consent". Legitimate uses include (i) when a user voluntarily shares her data and does not deny consent for the use of the same; (ii) for the State to perform its function under any law; (iii) court orders; (iv) medical emergency; (v) epidemics; (vi) disasters; (vii) employment. Notably, the DPDP no longer includes the grounds of "public interest" and "fair and reasonable" purpose that were contained in the 2022 Draft. Will the requirement to obtain consent from data principals be applicable retrospectively to cases where the personal data was already collected from data principals? Yes, the DPDP Bill states that the requirement to obtain consent in accordance with the DPDP Bill will be applicable retrospectively where, if data principals have provided their consent to the collection of their personal data prior to commencement [of the DPDP Act], then all data fiduciaries would be required to furnish a notice to such data principals setting out the description of personal data [already] collected from them and the purpose for which such personal data was processed. However, it is pertinent to note that presently, the DPDP Bill does not prescribe a 1 The DPDP Bill defines ‘personal data’ as any data about an individual who is identifiable by or in relation to such data 2 The DPDP Bill defines ‘data principals’ as the individual to whom the personal data relates and where such individual is a child includes the parents or lawful guardian of such a child 3 The DPDP Bill defines ‘data fiduciaries’ as entities determining the purpose and means of processing of personal data
  • 3. Data Privacy & Protection: Update August 2023 © Economic Laws Practice Page | 3 timeline within which the data fiduciary is required to comply with the said requirement, but all it requires is that the same be obtained “as soon as reasonably practicable”. What are the obligations of data fiduciary(ies)under the DPDP Bill? The DPDP Bill, much like the 2022 Draft, sets out a specific provision listing all obligations of a data fiduciary and holds the data fiduciary ultimately responsible for processing personal data. The DPDP Bill further requires the data fiduciary(ies) to ensure that all reasonable safeguards are taken to prevent personal data breaches, including for any processing undertaken on its behalf by data processors4 . The DPDP Bill also sets out the concept of a ‘significant data fiduciary(es)’ based on the significant volume and sensitivity of personal data that will be collected by such data fiduciary including risk of harm to data principals. The DPDP Bill requires that such significant data fiduciary is required to comply with additional obligations such as appointment of a data protection officer residing in India, appointment of an independent data auditor, undertake data protection impact assessments and ensure compliance with other measures as may be prescribed. What are the obligations of data fiduciary(ies) when collecting personal data from children? The DPDP Bill states that in case personal data from individuals, who are less than 18 years of age, is proposed to be processed, then a prior verifiable parental consent (including consent of a guardian) shall be required to be obtained. The DPDP Bill also states that data fiduciaries are not permitted to undertake the processing of data which is likely to have a "detrimental impact" on the well-being of the child. This terminology is in contrast to the 2022 Bill which utilizes the concept of "harm". Data fiduciaries are also prohibited from engaging in tracking and behavioural monitoring of children or sending targeted advertisements directed at children. The DPDP Bill further expands on the 2022 Draft by introducing exemptions relating to the processing of the personal data of children. Upon satisfaction that the data processing by the data fiduciary is in a verifiably safe manner, the Central Government may exempt such data fiduciary from such obligations when processing data of children above a certain age (as may be notified). What are the obligations of data processors under the DPDP Bill? The DPDP Bill provides that data processors have a duty to protect personal data in their possession or control by taking reasonable security safeguards to prevent breaches. The DPDP Bill also mandates that data processors cease processing personal data on withdrawal of consent. Additionally, once the retention of the personal data is no longer necessary for compliance with any law, the data processor must erase any such personal data. Notably however, primary responsibility for reporting breaches as well as liability for failure to report is placed only on data fiduciaries as opposed to the 2022 Draft. Who has the authority to determine non-compliances and impose penalties under the legislation? The DPDP Bill proposes to establish the DPB5 , which will be an independent body corporate, operating digitally (to the extent possible)6 and be responsible for determining non-compliances under the legislation and imposing penalties. The DPDP Bill gives powers to the DPB to take actions (as prescribed under the DPDP Bill) on receipt of complaints. Compared to the 2022 Draft, the 2023 Bill provides further details concerning the composition of the DPB and membership criteria. The DPDP Bill also provides for an appellate mechanism in the form of an Appellate Tribunal7 i.e. the Telecom Disputes Settlement and Appellate Tribunal, which has the authority to review, repeal or reinforce the orders or directions of the DPB. Aggrieved individuals may approach the Appellate Tribunal within 6 months8 of receiving the DPB's orders or 4 The DPDP Bill defines ‘data processors’ as any person who processes personal data on behalf of a data fiduciary 5 Clause 18, Digital Personal Data Protection Bill, 2023. 6 Clause 28, Digital Personal Data Protection Bill, 2023. 7 Clause 29, Sub-Clause 1, Digital Personal Data Protection Bill, 2023. 8 Clause 29, Sub-Clause 2, Digital Personal Data Protection Bill, 2023.
  • 4. Data Privacy & Protection: Update August 2023 © Economic Laws Practice Page | 4 directions. The Tribunal, in turn, shall endeavour to dispose the appeals within 6 months9 . The DPDP Bill clarifies that every order made by the Tribunal will be enforceable akin to a decree made by the civil court10 . Can personal data of data principal be transferred outside India? The DPDP Bill permits cross-border transfer of all personal data, however, the Central Government may notify countries and territories outside India wherein such transfer of personal data is restricted11 . The Bill also stipulates certain situations wherein the cross-border transfer of data may be mandated12 . This is in contrast to the 2022 Draft which permitted transfers only to notified countries and territories. In which case, does the DPDP Bill set out any provision(s) regarding data localization? The DPDP Bill continues to not contain any provisions relating to data localization. However, the provisions on cross- border transfer contained in the DPDP Bill would be subject to other laws governing data transfer in the country.13 Hence more stringent sectoral regulations, such as RBI regulations, will remain applicable, whereby, sectoral data localization is not entirely off the table. How different is the DPDP Bill from its 2022 version in respect of the provisions relating to cross border data transfer? Tabulated below is the comparison between the DPDP Bill and the 2022 version of the data protection bill in relation to cross-border data transfer clauses: S. No. Particulars DPDP Bill (2022)14 DPDP Bill (2023)15 1. 1. Nature of Personal Data allowed to be transferred across borders All personal data All personal data 2. 2. Countries to which cross- border transfer of personal data is permitted Countries or jurisdictions notified by the central government All countries and territories, unless notified otherwise by the Central Government 3. 3. Factors to be considered while notifying eligible countries or entities Any factors that the Central Government may consider necessary Unspecified . The shift from a "whitelist" to a “blacklist” approach in the 2023 Draft Data Protection Bill reflects a significant change in India’s policy on cross-border data transfers. However, the exact implementation and criteria for determining such restricted countries remain to be seen. 9 Clause 29, Sub-Clause 6, Digital Personal Data Protection Bill, 2023. 10 Clause 28, Sub-Clause 7, Digital Personal Data Protection Bill, 2023. 11 Clause 16, Digital Personal Data Protection Bill, 2023. 12 Clause 17, Digital Personal Data Protection Bill, 2023. 13 Clause 16, Sub-Clause 2, Digital Personal Data Protection Bill, 2023. 14 Clause 17, Draft Digital Data Protection Bill, 2023 15 Clause 16 , Draft Digital Data Protection Bill, 2023
  • 5. Data Privacy & Protection: Update August 2023 © Economic Laws Practice Page | 5 What are the penalties that are prescribed for non-compliance under the DPDP Bill? The penalties under the DPDP Bill range from up to INR 10,000 to up to INR 250 crores for different offences, with the maximum penalty being lower than the 2022 Draft. The DPDP Bill also sets out the factors that need to be considered while determining the penalty. Unlike the 2022 Draft it appears that only data fiduciaries will be subject to penalties. Notably, clause 37 of the DPDP Bill also empowers the Central Government to advise, in the interests of the general public, blocking access for the public to any information generated, transmitted, received, stored or hosted, in any computer resource that enables such Data Fiduciary to carry on any activity relating to offering of goods or services to data principals within the territory of India. Conclusion The DPDP Bill has undergone some key changes from its 2022 version. Amongst other changes, it provides comprehensive details on the powers and functions of the proposed Data Protection Board of India, provides the Central Government with blocking powers and introduces an appellate mechanism before the Telecom Disputes Settlement and Appellate Tribunal. Notably, the Bill also demonstrates India's business-friendly approach by adopting an open policy towards cross-border data transfers, unlike its previous iteration. Another significant aspect of the DPDP Bill is that it vests the Government with powers to create delegated legislation concerning various aspects of the Bill. This will bring further clarity on issues like the processes for reporting data breaches and other related matters. During the tabling of the Bill, Members of Parliament raised several concerns, including compensation for victims of breaches, protection of the fundamental right to privacy, and the absence of restrictions on government data processing. The Government now faces the task of addressing these questions. After discussion and passing in the Lok Sabha is completed, the Bill will then proceed to the Rajya Sabha for further consideration. Once enacted, the Digital Personal Data Protection Act is expected to be implemented in a staged manner We trust you will find this an interesting read. For any queries or comments on this update, please feel free to contact us at insights@elp-in.com or write to our authors: Sanjay Notani, Partner –SanjayNotani@elp-in.com ; Vinay Butani, Partner- VinayButani@elp-in.com ; Naghm Ghei, Principal Associate - NaghmGhei@elp-in.com; Akash Manwani, Associate- AkashManwani@elp-in.com Disclaimer: The information contained in this document is intended for informational purposes only and does not constitute legal opinion or advice