SlideShare a Scribd company logo
www.bestfitsolutions.in 1
nmds@bestfitsolutions.in
Feedback on The Draft Digital Personal Data Protection Bill,2022
submitted to MeitY
Nanda Mohan Shenoy D
CAIIB,DBM-Part I,, NSE Certified Market Professional Level-1 ,P G Diploma in IRPM, PG Diploma in
EDP and Computer Management, DIM,LA ISO 9001,LA ISO 27001 NISM empaneled CPE Trainer
Director
www.bestfitsolutions.in 2
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
STRUCTURAL ISSUES
www.bestfitsolutions.in 3
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A01
Rationale
1.The word individual is also used in the same Act with a different meaning and context which can be
confusing. Refer 6(2)(b)-(b) “itemised” means presented as a list of individual items
21(3) The Board may authorise conduct of proceedings relating to complaints, by individual Members or
groups of Members.
2.Standardise the wording aligned to international laws which is “Natural Person”
Existing Section
Word ‘Individual’ used in multiple places 15
occasions
Recommended Section
Replace ‘Individual’ with natural persons except in
clauses 6(2)(b)-(b) & 21(3)
Chapter No Clause No
1 Preamble 2(3),2(6),2(8),2(12),2(13),3(3),4(3)(c),4(3)(d)
2 8(4),8(5),8(6),11(2),15,19(3),30(2)
www.bestfitsolutions.in 4
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A02
Rationale
Harm does not include mental harm and is restricted to bodily harm.
Existing Section
“harm”, in relation to a Data Principal, means -
a. any bodily harm; or
b. distortion or theft of identity; or
c. harassment; or
d. prevention of lawful gain or causation of
significant loss;
Recommended Section
“harm”, in relation to a Data Principal, means -
a. any bodily harm or mental harm; or
b. distortion or theft of identity; or
c. harassment; or
d. prevention of lawful gain or causation of
significant loss;
Chapter No Clause No
1 2(10)
www.bestfitsolutions.in 5
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A03
Rationale
Sec 30 is as follows:
(1) The Information Technology Act, 2000 (“IT Act”) shall be amended in the following manner:
(a) section 43A of the IT Act shall be omitted.
Sensitive Personal Data has been for a while and needs to continue as it requires additional protection
Existing Section
Definition of Sensitive personal data is
missing
Recommended Section
“Sensitive Personal data” means personal data
which needs additional safeguards and shall be
as prescribed.
Chapter No Clause No
1 2
www.bestfitsolutions.in 6
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A04
Rationale
The clause “in writing” has been used 6 times in the Bill. In this digital world it looks absurd .IT Act 2000
Sec 4 has already mentioned what is writing. For clarity purpose add that definition.
Alternatively substitute “for reasons to be recorded in writing” with “ for reasons to be recorded and
communicated “
Existing Section
Definition of writing needs to be introduced
Recommended Section
"in writing" shall include communication in
electronic form as defined in clause (r) of sub-
section (1) of section 2 of the Information
Technology Act, 2000 read along with Sec 4
Chapter No Clause No
1 2
www.bestfitsolutions.in 7
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A05
Rationale
Bad in law. Not a legal term. Already this is covered in the General Clauses Act 1897 13 A of
Section13. Gender and number. —In all [Central Acts] and Regulations, unless there is anything
repugnant in the subject or context, —
(1) words importing the masculine gender shall be taken to include females; and
(2) words in the singular shall include the plural, and vice versa.
This is contradictory and can be challenged in court and will also restrict it to her
Existing Section
(3) the pronouns “her” and “she” have been used
for an individual, irrespective of gender.
Recommended Section
1. Delete the sub section :
(3) the pronouns “her” and “she” have been
used for an individual, irrespective of gender.
2. All ‘her’ to be replaced by ‘him’ 44
instances
Chapter No Clause No
1 3(3)
www.bestfitsolutions.in 8
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A06
Rationale
The jargons must be standardised Standardisation. Move this section to definitions at the
appropriate place
Existing Section
For the purpose of this sub-section, “profiling”
means any form of processing of personal data
that analyses or predicts aspects concerning the
behaviour, attributes, or interests of a Data
Principal.
Recommended Section
Move the clause as it is to definitions
Chapter No Clause No
1 4(2)(3)
www.bestfitsolutions.in 9
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A07
Rationale
No clarity
1. Personal data is already defined as that of ‘an individual’ in sec 2 and again repeating is redundant
and bad in law
2. Whether it is applicable to physical record or an electronic record.
3. 100 years from when is not mentioned .is it on revolving basis
4. The construction of the sentence itself is not understandable to common man. Need to rephrase.
5. Also explore the possibility of shifting entire 4(3) related to Applicability to the schedule so that there
is flexibility in adding additional as and when required. The IT Act 2000 schedule one is very clear .It
should be in similar lines
Existing Section
personal data about an individual that is
contained in a record that has been in existence
for at least 100 years.
Recommended Section
personal data in the form of an electronic record
which is more than 100 years old ,on a rolling
basis.
Chapter No Clause No
1 4(3)(d)
www.bestfitsolutions.in 10
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A08
Rationale
1. There is lot of difference between colloquial language and written language. The wordings must be changed.
2. “Itemised” does not have clarity
3. The Data Protection Officer and other details clause 7(3) must be shifted here as it should be logically part of
the notice and not consent. Hence the clause shifted here
Existing Section
On or before requesting a Data Principal for her
consent, a Data Fiduciary shall give to the Data
Principal an itemised notice in clear and plain
language containing a description of personal data
sought to be collected by the Data Fiduciary and
the purpose of processing of such personal data.
Recommended Section
(1) On or before requesting a Data Principal for her
consent, a Data Fiduciary shall give to the Data
Principal an itemised notice in clear and simple
language containing a description of personal data
sought to be collected by the Data Fiduciary and
the purpose of processing of such personal data.
(a) “itemised” means presented as a list of individual
items grouped topic wise and serially numbered.
(2) The notice shall contain the contact details of a Data
Protection Officer, where applicable, or of any other person
authorised by the Data Fiduciary to respond to any
communication from the Data Principal for the purpose of
exercise of her rights under the provisions of this Act
Chapter No Clause No
2 6(1)
www.bestfitsolutions.in 11
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A09
Rationale
.“In the same document” is not transparency. It needs to be communicated to the
customer. The objective of transparency is not achieved. It could be tricky as data
principal will not have a copy of the notice.
Existing Section
“notice” can be a separate document, or an
electronic form, or a part of the same
document in or through which personal data
is sought to be collected, or in such other
form as may be prescribed.
Recommended Section
“notice” can be in physical form or electronic
form a separate document, or an electronic
form, or a part of the same document in or
through which personal data is sought to be
collected, or in such other form and shall be
communicated to the Data Principal as may
be prescribed.
Chapter No Clause No
2 6 (2)(a)
www.bestfitsolutions.in 12
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A10
Rationale
1. We are talking about digital India and on the other hand talking about photocopies. This
illustration must be redrafted.
2. Refer Point A09 above for deletion of the last sentence
Existing Section
Illustration: ‘A’ contacts a bank to open a regular
savings account. The bank asks ‘A’ to furnish
photocopies of proof of address and identity for
KYC formalities. Before collecting the
photocopies, the bank should give notice to ‘A’
stating that the purpose of obtaining the
photocopies is completion of KYC formalities. The
notice need not be a separate document. It can
be printed on the form used for opening the
savings bank account.
Recommended Section
Illustration: ‘A’ contacts a bank to open a
regular savings account. The bank asks ‘A’ to
furnish photocopies of proof of address and
identity for KYC formalities. Before collecting the
proof photocopies, the bank should give notice
to ‘A’ stating that the purpose of obtaining the
photocopies proof is for completion of KYC
formalities and is a legal requirement. The
notice need not be a separate document. It can
be printed on the form used for opening the
savings bank account.
Chapter No Clause No
2 6(2)
www.bestfitsolutions.in 13
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A11
Rationale
1. There is lot of difference between colloquial language and written language. The word ‘plain’ must be
changed.
2. The Data Protection Officer and other details in clause 7(3) must be shifted to Clause 6(1) as it should be
logically part of the notice and not consent.
3. The sections must be standardised. In Section 6 the local language clause is a separate sub section
whereas in 7 is it not hence converted to sub section.
Existing Section
Every request for consent under the provisions of this Act
shall be presented to the Data Principal in a clear and plain
language, along with the contact details of a Data Protection
Officer, where applicable, or of any other person authorised
by the Data Fiduciary to respond to any communication from
the Data Principal for the purpose of exercise of her rights
under the provisions of this Act. The Data Fiduciary shall
give to the Data Principal the option to access such request
for consent in English or any language specified in the
Eighth Schedule to the Constitution of India.
Recommended Section
Every request for consent under the provisions of this Act
shall be presented to the Data Principal in a clear and
simple language, along with the contact details of a Data
Protection Officer, where applicable, or of any other person
authorised by the Data Fiduciary to respond to any
communication from the Data Principal for the purpose of
exercise of her rights under the provisions of this Act.
(4) The Data Fiduciary shall give to the Data Principal the
option to access such request for consent in English or any
language specified in the Eighth Schedule to the
Constitution of India.
Chapter No Clause No
2 7(3)
www.bestfitsolutions.in 14
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A12
Rationale
Bad in law. The word public interest is already defined in 2(18). This is directly contradicting that
definition.
Credit scoring cannot be public interest. Also, public interest is covered specifically in 8(9)(c)
which further adds to the confusion. The public interest word has to be replaced by a better
word to avoid confusion.
Earlier bill used the clause “Reasonable Purposes”
Existing Section
in public interest, including for:
(a) prevention and detection of fraud;
(b) mergers, acquisitions, any other similar combinations,
or corporate restructuring transactions in accordance with
the provisions of applicable laws;
(c) network and information security;
(d) credit scoring;
(e) operation of search engines for processing of publicly
available personal data;
(f) processing of publicly available personal data; and
(g) recovery of debt;
Recommended Section
in the following circumstances, including for:
(a) prevention and detection of fraud;
(b) mergers, acquisitions, any other similar
combinations, or corporate restructuring transactions
in accordance with the provisions of applicable laws;
(c) network and information security;
(d) credit scoring;
(e) operation of search engines for processing of
publicly available personal data;
(f) processing of publicly available personal data; and
(g) recovery of debt;
Chapter No Clause No
2 8(8)
www.bestfitsolutions.in 15
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A13
Rationale
Reasonable security safe guards are very open. No bench mark etc. It can be prescribed by the
authority or by rules., hence the clause “as may be prescribed” to be added.
Existing Section
Every Data Fiduciary and Data Processor
shall protect personal data in its possession
or under its control by taking reasonable
security safeguards to prevent personal data
breach.
Chapter No Clause No
2 9(4) & Schedule 1(1)
Recommended Section
1.Every Data Fiduciary and Data Processor
shall protect personal data in its possession or
under its control by taking reasonable security
safeguards to prevent personal data breach as
may be prescribed
2. The schedule 1(1) also needs to have the
clause “ as may be prescribed”
www.bestfitsolutions.in 16
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A14
Rationale
Independent auditor qualifications, competence etc needs to be defined so “as may be
prescribed” to be added
Existing Section
appoint an Independent Data Auditor who
shall evaluate the compliance of the
Significant Data Fiduciary with provisions of
this Act; and
Chapter No Clause No
2 9(4)
Recommended Section
appoint an Independent Data Auditor, who shall
evaluate the compliance of the Significant Data
Fiduciary with provisions of this Act; and
For the purpose of this section, “Data Auditor”
shall have the necessary qualifications,
competence and independence as may be
prescribed.
www.bestfitsolutions.in 17
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A15
Rationale
How can one data fiduciary show the data of another data fiduciary unless it is a consent manager?
Ambiguous clause.
For example, if I open an account with Bank A, how can Bank B with whom I don’t have any relation , be able
to show the details with another fiduciary?
This can happen only with Consent Manager. It should be a typo error. As a Data Principal, I would like to
know with which all data processers I am sharing my data
Existing Section
The Data Principal shall have the right to
obtain from the Data Fiduciary:
(3) in one place, the identities of all the Data
Fiduciaries with whom the personal data
has been shared along with the categories
of personal data so shared; and
Chapter No Clause No
3 12(3)
Recommended Section
The Data Principal shall have the right to obtain
from the Data Fiduciary:
(3) in one place, the identities of all the Data
Fiduciaries or Data Processors with whom the
personal data has been shared along with the
categories of personal data so shared; and
www.bestfitsolutions.in 18
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A16
Rationale
Typo error and subject to gross misinterpretation. English to be changed and separate sub
section for erasure.Correction is different from erasure
Existing Section
(2) A Data Fiduciary shall, upon receiving a request
for such correction and erasure from a Data
Principal:
(a) correct a Data Principal’s inaccurate or
misleading personal data;
(b) complete a Data Principal’s incomplete personal
data;
(c) update a Data Principal’s personal data;
(d) erase the personal data of a Data Principal that is
no longer necessary for the purpose for which it was
processed unless retention is necessary for a legal
purpose.
Chapter No Clause No
3 13(2)
Recommended Section
2) A Data Fiduciary shall, upon receiving a request for such
correction and erasure from a Data Principal:
(a) correct a Data Principal’s inaccurate or misleading personal
data;
(b) complete a Data Principal’s incomplete personal data;
(c) update a Data Principal’s personal data;
(d)erase the personal data of a Data Principal that is no longer
necessary for the purpose for which it was processed unless
retention is necessary for a legal purpose.
(2) A Data Fiduciary shall, upon receiving a request for erasure
from a Data Principal shall erase the data of the data principal
that is no longer necessary for the purpose for which it was
processed unless retention is necessary for a legal purpose. In
case the data principal is unable to erase the same due to legal
reasons the same shall be communicated back to the Data
Principal
www.bestfitsolutions.in 19
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A17
Rationale
The clause “in writing” has been used 6 times in the Bill. In this digital world it looks absurd .IT
Act Sec 4 has already mentioned what is writing. For clarity purpose add that definition.
Alternately introduce the definition “in writing “as mentioned above already as per the IT Act
Refer Point A04 above.
Existing Section
for reasons to be recorded in writing
Chapter No Clause No
5 20(2),21(2),(4),(5) & (11),22(1)
Recommended Section
“for reasons to be recorded and
communicated”.
www.bestfitsolutions.in 20
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A18
Rationale
The Bill is only talking about the penalties which will go to a specific fund of Data Protection
authority.
The bill talks about only penalty. Where is the compensation due, as a result of the harm or
loss to the Data Principal? It is totally silent on the same. In case of the IT Act, it was
introduced in 2008. This is very important.
Existing Section
Penalties
Chapter No Clause No
5 25
Recommended Section
Add the relevant Compensation clause
accordingly
www.bestfitsolutions.in 21
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A19
Rationale
Deleting this section without any new clause on sensitive personal data is going to be
dangerous. Personal data needs to be classified as sensitive for certain classes of data.
Sensitive data needs additional protection and penalty for breach of this data needs additional
penalty. Similarly, privacy policy and many other aspects are important
Existing Section
1) The Information Technology Act, 2000 (“IT
Act”) shall be amended in the following
manner:
(a) section 43A of the IT Act shall be omitted;
Chapter No Clause No
6 30(1)(a)
Recommended Section
The following sections must be reworked to
include sensitive data :
Sec 17 -Transfer of data
Sec 9(4)
www.bestfitsolutions.in 22
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A20
Rationale
Linked to the modification in Sec 9(4)
Existing Section
Failure of Data Processor or Data Fiduciary
to take reasonable security safeguards to
prevent personal data breach under sub-
section (4) of section 9 of this Act
Schedule Clause No
1 (1)
Recommended Section
Failure of Data Processor or Data Fiduciary to
take reasonable security safeguards, as may
be prescribed, to prevent personal data breach
under sub-section (4) of section 9 of this Act
www.bestfitsolutions.in 23
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
LANGUAGE ISSUES
www.bestfitsolutions.in 24
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Language Issues – B01
Rationale
Child is already defined by clause 2(3) as
(3) “child” means an individual who has not completed eighteen years of age ?
The word individual should not be repeated
English language framing.
Existing Section
“Data Principal” means the individual to
whom the personal data relates and
where such individual is a child includes
the parents or lawful guardian of such a
child
Chapter No Clause No
1 2(6)
Recommended Section
“Data Principal” means the individual to
whom the personal data relates and in
case of child it shall include the parents or
lawful guardian of such a child.
www.bestfitsolutions.in 25
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Language Issues – B02
Rationale
Typo error. How can false statements be fact ?
Existing Section
“public interest” means in the interest of any
of the following:
(a) sovereignty and integrity of India;
b. security of the State;
c. friendly relations with foreign States;
d. maintenance of public order;
e. preventing incitement to the commission of
any cognizable offence relating to the
preceding sub-clauses; and
f. preventing dissemination of false
statements of fact.
Chapter No Clause No
1 2(18)(f)
Recommended Section
“public interest” means in the interest of any of
the following:
(a) sovereignty and integrity of India;
b. security of the State;
c. friendly relations with foreign States;
d. maintenance of public order;
e. preventing incitement to the commission of
any cognizable offence relating to the
preceding sub-clauses; and
f. preventing dissemination of false statements
or fact.
www.bestfitsolutions.in 26
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Language Issues – B03
Rationale
1.Typo/Spelling mistake as per Indian English it is “digitized”
2. In order to align with the IT Act change the statement. IT Act does not use the
jargon digitized. The correct word shall be electronic record.
Existing Section
(1) The provisions of this Act shall apply
to the processing of digital personal data
within the territory of India where:
(b)such personal data collected offline,
is digitized
Chapter No Clause No
1 4(1)(b)
Recommended Section
(1) The provisions of this Act shall apply to
the processing of digital personal data
within the territory of India where:
(b) such personal data collected in Non
electronic form/Physical Form is
converted to an electronic record.
Interpretation: Electronic Record is
defined in sec 2(t) of the information
technology Act 2000
www.bestfitsolutions.in 27
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Language Issues – B04
Rationale
Offline data is not written English it is colloquial English. As mentioned in Point A04
above, in order to align to IT Act ‘electronic record ‘can make life simpler for everybody.
By this one-word non- automated processing is also covered and need not be mentioned
explicitly.
Offline can be subject to interpretation.
Existing Section
(3) The provisions of this Act shall not
apply to:
(a) non-automated processing of
personal data;
(b) offline personal data;
Chapter No Clause No
1 4(3)(a) & 4(3)(b)
Recommended Section
(3) The provisions of this Act shall not
apply to:
(a) personal data in the form of a non-
electronic record.
Explanation : Electronic Record is as
defined in Sec 2(t) of Information
Technology Act 2000
www.bestfitsolutions.in 28
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Language Issues – B05
Rationale
There is lot of difference between colloquial language and written language. The wordings
must be changed
Existing Section
Where a Data Principal has given her
consent to the processing of her personal
data before the commencement of this Act,
the Data Fiduciary must give to the Data
Principal an itemised notice in clear and plain
language containing a description of personal
data of the Data Principal collected by the
Data Fiduciary and the purpose for which
such personal data has been processed, as
soon as it is reasonably practicable
Chapter No Clause No
2 6(2)
Recommended Section
Where a Data Principal has already given her
consent to the processing of her personal data
before the commencement of this Act, the Data
Fiduciary must give to the Data Principal an
itemised notice in clear and simple language
containing a description of personal data of the
Data Principal collected by the Data Fiduciary
and the purpose for which such personal data
has been processed, as soon as it is
reasonably practicable
www.bestfitsolutions.in 29
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Language Issues – B06
Rationale
English and standardisation
Existing Section
(2)Failure to notify the Board and
affected Data Principals in the event of
a personal data breach, under sub-
section (5) of section 9 of this Act
(3)Non-fulfilment of additional
obligations in relation to Children; under
section 10 of this Act.
(5)Non-compliance with section 16 of
this Act
Schedule No Clause No
1 (2),(3),(5)
Recommended Section
(2)Failure of Data Processor or Data
Fiduciary to notify the Board and affected
Data Principals in the event of a personal
data breach, under sub-section (5) of
section 9 of this Act.
(3)Non-fulfilment of additional obligations
by Data Fiduciary in relation to Children;
under section 10 of this Act.
(5) Non-compliance with section 16 of this
Act by the Data Principal

More Related Content

Similar to Digitial Personal Data Bill 2022 feedback

Answer the Below Question. APA format. 300 words.Textbook .docx
Answer the Below Question. APA format. 300 words.Textbook  .docxAnswer the Below Question. APA format. 300 words.Textbook  .docx
Answer the Below Question. APA format. 300 words.Textbook .docx
nolanalgernon
 
Data Protection: Process Information
Data Protection: Process InformationData Protection: Process Information
Data Protection: Process Information
Cristina Villavicencio
 
Case for-secure-email-encryption
Case for-secure-email-encryptionCase for-secure-email-encryption
Case for-secure-email-encryption
NeoCertified
 
Capturing Data Requirements
Capturing Data RequirementsCapturing Data Requirements
Capturing Data Requirements
mcomtraining
 
Cjis security policy v5 1 07132012 -ns
Cjis security policy v5 1 07132012 -nsCjis security policy v5 1 07132012 -ns
Cjis security policy v5 1 07132012 -ns
Doug Ballee, PMP
 
AI, Blockchain, IoT GDPR Compliance AT A Glance
AI, Blockchain, IoT GDPR Compliance AT A GlanceAI, Blockchain, IoT GDPR Compliance AT A Glance
AI, Blockchain, IoT GDPR Compliance AT A Glance
Alex G. Lee, Ph.D. Esq. CLP
 
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Ltd
 
Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)
Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)
Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)
vivekkaushik795
 
Jim Barton
Jim BartonJim Barton
Jim Barton
Susan Cox
 
2016 01-05 csr css non-confidential slide deck
2016 01-05 csr  css non-confidential slide deck2016 01-05 csr  css non-confidential slide deck
2016 01-05 csr css non-confidential slide deck
Richard (Dick) Kaufman
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
Priyanka Aash
 
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
accacloud
 
Data Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperativesData Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperatives
jo bitonio
 
The New Data Protection Regulation and Cookie Compliance
The New Data Protection Regulation and Cookie ComplianceThe New Data Protection Regulation and Cookie Compliance
The New Data Protection Regulation and Cookie Compliance
Lewis Silkin
 
AI, Blockchain, IoT GDPR v. PIPA Compliance AT A Glance
AI, Blockchain, IoT GDPR v. PIPA Compliance AT A GlanceAI, Blockchain, IoT GDPR v. PIPA Compliance AT A Glance
AI, Blockchain, IoT GDPR v. PIPA Compliance AT A Glance
Alex G. Lee, Ph.D. Esq. CLP
 
How to start a E-commerce Business/ppt
How to start a   E-commerce Business/pptHow to start a   E-commerce Business/ppt
How to start a E-commerce Business/ppt
shailukushwah786
 
115 By Robert Smallwood with Randy Kahn,Esq. , and .docx
115  By Robert Smallwood with Randy   Kahn,Esq.   , and .docx115  By Robert Smallwood with Randy   Kahn,Esq.   , and .docx
115 By Robert Smallwood with Randy Kahn,Esq. , and .docx
drennanmicah
 
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & PrivacyDo You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
ButlerRubin
 
Cmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.com
Cmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.comCmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.com
Cmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.com
ULLPTT
 
IT Act 2000 & IT Act 2008
IT Act 2000 & IT Act 2008IT Act 2000 & IT Act 2008

Similar to Digitial Personal Data Bill 2022 feedback (20)

Answer the Below Question. APA format. 300 words.Textbook .docx
Answer the Below Question. APA format. 300 words.Textbook  .docxAnswer the Below Question. APA format. 300 words.Textbook  .docx
Answer the Below Question. APA format. 300 words.Textbook .docx
 
Data Protection: Process Information
Data Protection: Process InformationData Protection: Process Information
Data Protection: Process Information
 
Case for-secure-email-encryption
Case for-secure-email-encryptionCase for-secure-email-encryption
Case for-secure-email-encryption
 
Capturing Data Requirements
Capturing Data RequirementsCapturing Data Requirements
Capturing Data Requirements
 
Cjis security policy v5 1 07132012 -ns
Cjis security policy v5 1 07132012 -nsCjis security policy v5 1 07132012 -ns
Cjis security policy v5 1 07132012 -ns
 
AI, Blockchain, IoT GDPR Compliance AT A Glance
AI, Blockchain, IoT GDPR Compliance AT A GlanceAI, Blockchain, IoT GDPR Compliance AT A Glance
AI, Blockchain, IoT GDPR Compliance AT A Glance
 
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
 
Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)
Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)
Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)
 
Jim Barton
Jim BartonJim Barton
Jim Barton
 
2016 01-05 csr css non-confidential slide deck
2016 01-05 csr  css non-confidential slide deck2016 01-05 csr  css non-confidential slide deck
2016 01-05 csr css non-confidential slide deck
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
 
Data Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperativesData Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperatives
 
The New Data Protection Regulation and Cookie Compliance
The New Data Protection Regulation and Cookie ComplianceThe New Data Protection Regulation and Cookie Compliance
The New Data Protection Regulation and Cookie Compliance
 
AI, Blockchain, IoT GDPR v. PIPA Compliance AT A Glance
AI, Blockchain, IoT GDPR v. PIPA Compliance AT A GlanceAI, Blockchain, IoT GDPR v. PIPA Compliance AT A Glance
AI, Blockchain, IoT GDPR v. PIPA Compliance AT A Glance
 
How to start a E-commerce Business/ppt
How to start a   E-commerce Business/pptHow to start a   E-commerce Business/ppt
How to start a E-commerce Business/ppt
 
115 By Robert Smallwood with Randy Kahn,Esq. , and .docx
115  By Robert Smallwood with Randy   Kahn,Esq.   , and .docx115  By Robert Smallwood with Randy   Kahn,Esq.   , and .docx
115 By Robert Smallwood with Randy Kahn,Esq. , and .docx
 
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & PrivacyDo You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
Do You Wannacry: Your Ethical and Legal Duties Regarding Cybersecurity & Privacy
 
Cmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.com
Cmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.comCmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.com
Cmgt 554 cmgt554 cmgt 554 forecasting and strategic planning -uopstudy.com
 
IT Act 2000 & IT Act 2008
IT Act 2000 & IT Act 2008IT Act 2000 & IT Act 2008
IT Act 2000 & IT Act 2008
 

More from Nanda Mohan Shenoy

Srimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdfSrimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdf
Nanda Mohan Shenoy
 
D07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdfD07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdfD06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdfD05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdfD04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdfD03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdfD02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdfD01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx
Nanda Mohan Shenoy
 
03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf
Nanda Mohan Shenoy
 
02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
CEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdfCEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdf
Nanda Mohan Shenoy
 
IS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptxIS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptx
Nanda Mohan Shenoy
 
F 32-Mukundamala- Part-6
F 32-Mukundamala- Part-6F 32-Mukundamala- Part-6
F 32-Mukundamala- Part-6
Nanda Mohan Shenoy
 

More from Nanda Mohan Shenoy (20)

Srimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdfSrimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdf
 
D07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdfD07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdf
 
D06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdfD06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdf
 
D05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdfD05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdf
 
D04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdfD04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdf
 
D03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdfD03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdf
 
D02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdfD02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdf
 
D01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdfD01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdf
 
09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf
 
08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf
 
07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf
 
06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf
 
05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf
 
04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx
 
03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf
 
02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf
 
01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf
 
CEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdfCEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdf
 
IS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptxIS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptx
 
F 32-Mukundamala- Part-6
F 32-Mukundamala- Part-6F 32-Mukundamala- Part-6
F 32-Mukundamala- Part-6
 

Recently uploaded

Law-Commission-Report-267-on-Hate-Speech.pdf
Law-Commission-Report-267-on-Hate-Speech.pdfLaw-Commission-Report-267-on-Hate-Speech.pdf
Law-Commission-Report-267-on-Hate-Speech.pdf
bhavenpr
 
Here's the Latest Todd Rokita Grievance That was Filed
Here's the Latest Todd Rokita Grievance  That was FiledHere's the Latest Todd Rokita Grievance  That was Filed
Here's the Latest Todd Rokita Grievance That was Filed
Abdul-Hakim Shabazz
 
Hindu Marriage Act hhhjjdsruog, 1955.pdf
Hindu Marriage Act hhhjjdsruog, 1955.pdfHindu Marriage Act hhhjjdsruog, 1955.pdf
Hindu Marriage Act hhhjjdsruog, 1955.pdf
mayurpandit108
 
Md_Rahim_Ali_v_State_of_Assam_and_ors-1.pdf
Md_Rahim_Ali_v_State_of_Assam_and_ors-1.pdfMd_Rahim_Ali_v_State_of_Assam_and_ors-1.pdf
Md_Rahim_Ali_v_State_of_Assam_and_ors-1.pdf
bhavenpr
 
Court Fee Punjab Haryana High Court Chandigarh
Court Fee Punjab Haryana High Court ChandigarhCourt Fee Punjab Haryana High Court Chandigarh
Court Fee Punjab Haryana High Court Chandigarh
Satish Mishra LegalSeva
 
ArtEZ biyezheng degree offer diploma Transcript
ArtEZ biyezheng degree offer diploma TranscriptArtEZ biyezheng degree offer diploma Transcript
ArtEZ biyezheng degree offer diploma Transcript
qpeqmso
 
MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...
MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...
MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...
Dr. Oliver Massmann
 
Internal Audit report 80-81 Third Quarter Final.docx
Internal Audit report 80-81 Third Quarter Final.docxInternal Audit report 80-81 Third Quarter Final.docx
Internal Audit report 80-81 Third Quarter Final.docx
NIRAJANSHAHI2
 
bharatiya-nagarik-suraksha-sanhita-crpc-98066507 (1).pdf
bharatiya-nagarik-suraksha-sanhita-crpc-98066507 (1).pdfbharatiya-nagarik-suraksha-sanhita-crpc-98066507 (1).pdf
bharatiya-nagarik-suraksha-sanhita-crpc-98066507 (1).pdf
ayushikhemani01
 
Bindu Vethody is Committed to Protecting the Rights of Individuals and Ensuri...
Bindu Vethody is Committed to Protecting the Rights of Individuals and Ensuri...Bindu Vethody is Committed to Protecting the Rights of Individuals and Ensuri...
Bindu Vethody is Committed to Protecting the Rights of Individuals and Ensuri...
SunilVethody2
 
Westminster degree offer diploma Transcript
Westminster degree offer diploma TranscriptWestminster degree offer diploma Transcript
Westminster degree offer diploma Transcript
pehqgou
 
Dallas Criminal Attorney | Frisco Criminal Attorney- Reggie London
Dallas Criminal Attorney | Frisco Criminal Attorney- Reggie LondonDallas Criminal Attorney | Frisco Criminal Attorney- Reggie London
Dallas Criminal Attorney | Frisco Criminal Attorney- Reggie London
ReggieLondon Lawyer
 
California Baptist University degree Cert diploma offer
California Baptist University degree Cert diploma offerCalifornia Baptist University degree Cert diploma offer
California Baptist University degree Cert diploma offer
epqyxu
 
Untitled document criminal history page.pdf
Untitled document criminal history page.pdfUntitled document criminal history page.pdf
Untitled document criminal history page.pdf
braydenstoch777
 
Bayu triaswara : Whats is Federal Court of Australia, New South Wales Registr...
Bayu triaswara : Whats is Federal Court of Australia, New South Wales Registr...Bayu triaswara : Whats is Federal Court of Australia, New South Wales Registr...
Bayu triaswara : Whats is Federal Court of Australia, New South Wales Registr...
Bayu Triaswara
 
Wintec biyezheng degree offer diploma Transcript
Wintec biyezheng degree offer diploma TranscriptWintec biyezheng degree offer diploma Transcript
Wintec biyezheng degree offer diploma Transcript
qpeqmso
 
PERSONAL INJURY LAW: EVERYTHING YOU NEED TO KNOW IN 2024
PERSONAL INJURY LAW: EVERYTHING YOU NEED TO KNOW IN 2024PERSONAL INJURY LAW: EVERYTHING YOU NEED TO KNOW IN 2024
PERSONAL INJURY LAW: EVERYTHING YOU NEED TO KNOW IN 2024
Paisley Law LLC
 
UNTEC biyezheng degree offer diploma Transcript
UNTEC biyezheng degree offer diploma TranscriptUNTEC biyezheng degree offer diploma Transcript
UNTEC biyezheng degree offer diploma Transcript
qpeqmso
 
RUG biyezheng degree offer diploma Transcript
RUG biyezheng degree offer diploma TranscriptRUG biyezheng degree offer diploma Transcript
RUG biyezheng degree offer diploma Transcript
qpeqmso
 
BCU degree offer diploma Transcript
BCU degree offer diploma TranscriptBCU degree offer diploma Transcript
BCU degree offer diploma Transcript
pehqgou
 

Recently uploaded (20)

Law-Commission-Report-267-on-Hate-Speech.pdf
Law-Commission-Report-267-on-Hate-Speech.pdfLaw-Commission-Report-267-on-Hate-Speech.pdf
Law-Commission-Report-267-on-Hate-Speech.pdf
 
Here's the Latest Todd Rokita Grievance That was Filed
Here's the Latest Todd Rokita Grievance  That was FiledHere's the Latest Todd Rokita Grievance  That was Filed
Here's the Latest Todd Rokita Grievance That was Filed
 
Hindu Marriage Act hhhjjdsruog, 1955.pdf
Hindu Marriage Act hhhjjdsruog, 1955.pdfHindu Marriage Act hhhjjdsruog, 1955.pdf
Hindu Marriage Act hhhjjdsruog, 1955.pdf
 
Md_Rahim_Ali_v_State_of_Assam_and_ors-1.pdf
Md_Rahim_Ali_v_State_of_Assam_and_ors-1.pdfMd_Rahim_Ali_v_State_of_Assam_and_ors-1.pdf
Md_Rahim_Ali_v_State_of_Assam_and_ors-1.pdf
 
Court Fee Punjab Haryana High Court Chandigarh
Court Fee Punjab Haryana High Court ChandigarhCourt Fee Punjab Haryana High Court Chandigarh
Court Fee Punjab Haryana High Court Chandigarh
 
ArtEZ biyezheng degree offer diploma Transcript
ArtEZ biyezheng degree offer diploma TranscriptArtEZ biyezheng degree offer diploma Transcript
ArtEZ biyezheng degree offer diploma Transcript
 
MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...
MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...
MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...
 
Internal Audit report 80-81 Third Quarter Final.docx
Internal Audit report 80-81 Third Quarter Final.docxInternal Audit report 80-81 Third Quarter Final.docx
Internal Audit report 80-81 Third Quarter Final.docx
 
bharatiya-nagarik-suraksha-sanhita-crpc-98066507 (1).pdf
bharatiya-nagarik-suraksha-sanhita-crpc-98066507 (1).pdfbharatiya-nagarik-suraksha-sanhita-crpc-98066507 (1).pdf
bharatiya-nagarik-suraksha-sanhita-crpc-98066507 (1).pdf
 
Bindu Vethody is Committed to Protecting the Rights of Individuals and Ensuri...
Bindu Vethody is Committed to Protecting the Rights of Individuals and Ensuri...Bindu Vethody is Committed to Protecting the Rights of Individuals and Ensuri...
Bindu Vethody is Committed to Protecting the Rights of Individuals and Ensuri...
 
Westminster degree offer diploma Transcript
Westminster degree offer diploma TranscriptWestminster degree offer diploma Transcript
Westminster degree offer diploma Transcript
 
Dallas Criminal Attorney | Frisco Criminal Attorney- Reggie London
Dallas Criminal Attorney | Frisco Criminal Attorney- Reggie LondonDallas Criminal Attorney | Frisco Criminal Attorney- Reggie London
Dallas Criminal Attorney | Frisco Criminal Attorney- Reggie London
 
California Baptist University degree Cert diploma offer
California Baptist University degree Cert diploma offerCalifornia Baptist University degree Cert diploma offer
California Baptist University degree Cert diploma offer
 
Untitled document criminal history page.pdf
Untitled document criminal history page.pdfUntitled document criminal history page.pdf
Untitled document criminal history page.pdf
 
Bayu triaswara : Whats is Federal Court of Australia, New South Wales Registr...
Bayu triaswara : Whats is Federal Court of Australia, New South Wales Registr...Bayu triaswara : Whats is Federal Court of Australia, New South Wales Registr...
Bayu triaswara : Whats is Federal Court of Australia, New South Wales Registr...
 
Wintec biyezheng degree offer diploma Transcript
Wintec biyezheng degree offer diploma TranscriptWintec biyezheng degree offer diploma Transcript
Wintec biyezheng degree offer diploma Transcript
 
PERSONAL INJURY LAW: EVERYTHING YOU NEED TO KNOW IN 2024
PERSONAL INJURY LAW: EVERYTHING YOU NEED TO KNOW IN 2024PERSONAL INJURY LAW: EVERYTHING YOU NEED TO KNOW IN 2024
PERSONAL INJURY LAW: EVERYTHING YOU NEED TO KNOW IN 2024
 
UNTEC biyezheng degree offer diploma Transcript
UNTEC biyezheng degree offer diploma TranscriptUNTEC biyezheng degree offer diploma Transcript
UNTEC biyezheng degree offer diploma Transcript
 
RUG biyezheng degree offer diploma Transcript
RUG biyezheng degree offer diploma TranscriptRUG biyezheng degree offer diploma Transcript
RUG biyezheng degree offer diploma Transcript
 
BCU degree offer diploma Transcript
BCU degree offer diploma TranscriptBCU degree offer diploma Transcript
BCU degree offer diploma Transcript
 

Digitial Personal Data Bill 2022 feedback

  • 1. www.bestfitsolutions.in 1 nmds@bestfitsolutions.in Feedback on The Draft Digital Personal Data Protection Bill,2022 submitted to MeitY Nanda Mohan Shenoy D CAIIB,DBM-Part I,, NSE Certified Market Professional Level-1 ,P G Diploma in IRPM, PG Diploma in EDP and Computer Management, DIM,LA ISO 9001,LA ISO 27001 NISM empaneled CPE Trainer Director
  • 2. www.bestfitsolutions.in 2 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB STRUCTURAL ISSUES
  • 3. www.bestfitsolutions.in 3 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A01 Rationale 1.The word individual is also used in the same Act with a different meaning and context which can be confusing. Refer 6(2)(b)-(b) “itemised” means presented as a list of individual items 21(3) The Board may authorise conduct of proceedings relating to complaints, by individual Members or groups of Members. 2.Standardise the wording aligned to international laws which is “Natural Person” Existing Section Word ‘Individual’ used in multiple places 15 occasions Recommended Section Replace ‘Individual’ with natural persons except in clauses 6(2)(b)-(b) & 21(3) Chapter No Clause No 1 Preamble 2(3),2(6),2(8),2(12),2(13),3(3),4(3)(c),4(3)(d) 2 8(4),8(5),8(6),11(2),15,19(3),30(2)
  • 4. www.bestfitsolutions.in 4 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A02 Rationale Harm does not include mental harm and is restricted to bodily harm. Existing Section “harm”, in relation to a Data Principal, means - a. any bodily harm; or b. distortion or theft of identity; or c. harassment; or d. prevention of lawful gain or causation of significant loss; Recommended Section “harm”, in relation to a Data Principal, means - a. any bodily harm or mental harm; or b. distortion or theft of identity; or c. harassment; or d. prevention of lawful gain or causation of significant loss; Chapter No Clause No 1 2(10)
  • 5. www.bestfitsolutions.in 5 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A03 Rationale Sec 30 is as follows: (1) The Information Technology Act, 2000 (“IT Act”) shall be amended in the following manner: (a) section 43A of the IT Act shall be omitted. Sensitive Personal Data has been for a while and needs to continue as it requires additional protection Existing Section Definition of Sensitive personal data is missing Recommended Section “Sensitive Personal data” means personal data which needs additional safeguards and shall be as prescribed. Chapter No Clause No 1 2
  • 6. www.bestfitsolutions.in 6 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A04 Rationale The clause “in writing” has been used 6 times in the Bill. In this digital world it looks absurd .IT Act 2000 Sec 4 has already mentioned what is writing. For clarity purpose add that definition. Alternatively substitute “for reasons to be recorded in writing” with “ for reasons to be recorded and communicated “ Existing Section Definition of writing needs to be introduced Recommended Section "in writing" shall include communication in electronic form as defined in clause (r) of sub- section (1) of section 2 of the Information Technology Act, 2000 read along with Sec 4 Chapter No Clause No 1 2
  • 7. www.bestfitsolutions.in 7 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A05 Rationale Bad in law. Not a legal term. Already this is covered in the General Clauses Act 1897 13 A of Section13. Gender and number. —In all [Central Acts] and Regulations, unless there is anything repugnant in the subject or context, — (1) words importing the masculine gender shall be taken to include females; and (2) words in the singular shall include the plural, and vice versa. This is contradictory and can be challenged in court and will also restrict it to her Existing Section (3) the pronouns “her” and “she” have been used for an individual, irrespective of gender. Recommended Section 1. Delete the sub section : (3) the pronouns “her” and “she” have been used for an individual, irrespective of gender. 2. All ‘her’ to be replaced by ‘him’ 44 instances Chapter No Clause No 1 3(3)
  • 8. www.bestfitsolutions.in 8 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A06 Rationale The jargons must be standardised Standardisation. Move this section to definitions at the appropriate place Existing Section For the purpose of this sub-section, “profiling” means any form of processing of personal data that analyses or predicts aspects concerning the behaviour, attributes, or interests of a Data Principal. Recommended Section Move the clause as it is to definitions Chapter No Clause No 1 4(2)(3)
  • 9. www.bestfitsolutions.in 9 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A07 Rationale No clarity 1. Personal data is already defined as that of ‘an individual’ in sec 2 and again repeating is redundant and bad in law 2. Whether it is applicable to physical record or an electronic record. 3. 100 years from when is not mentioned .is it on revolving basis 4. The construction of the sentence itself is not understandable to common man. Need to rephrase. 5. Also explore the possibility of shifting entire 4(3) related to Applicability to the schedule so that there is flexibility in adding additional as and when required. The IT Act 2000 schedule one is very clear .It should be in similar lines Existing Section personal data about an individual that is contained in a record that has been in existence for at least 100 years. Recommended Section personal data in the form of an electronic record which is more than 100 years old ,on a rolling basis. Chapter No Clause No 1 4(3)(d)
  • 10. www.bestfitsolutions.in 10 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A08 Rationale 1. There is lot of difference between colloquial language and written language. The wordings must be changed. 2. “Itemised” does not have clarity 3. The Data Protection Officer and other details clause 7(3) must be shifted here as it should be logically part of the notice and not consent. Hence the clause shifted here Existing Section On or before requesting a Data Principal for her consent, a Data Fiduciary shall give to the Data Principal an itemised notice in clear and plain language containing a description of personal data sought to be collected by the Data Fiduciary and the purpose of processing of such personal data. Recommended Section (1) On or before requesting a Data Principal for her consent, a Data Fiduciary shall give to the Data Principal an itemised notice in clear and simple language containing a description of personal data sought to be collected by the Data Fiduciary and the purpose of processing of such personal data. (a) “itemised” means presented as a list of individual items grouped topic wise and serially numbered. (2) The notice shall contain the contact details of a Data Protection Officer, where applicable, or of any other person authorised by the Data Fiduciary to respond to any communication from the Data Principal for the purpose of exercise of her rights under the provisions of this Act Chapter No Clause No 2 6(1)
  • 11. www.bestfitsolutions.in 11 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A09 Rationale .“In the same document” is not transparency. It needs to be communicated to the customer. The objective of transparency is not achieved. It could be tricky as data principal will not have a copy of the notice. Existing Section “notice” can be a separate document, or an electronic form, or a part of the same document in or through which personal data is sought to be collected, or in such other form as may be prescribed. Recommended Section “notice” can be in physical form or electronic form a separate document, or an electronic form, or a part of the same document in or through which personal data is sought to be collected, or in such other form and shall be communicated to the Data Principal as may be prescribed. Chapter No Clause No 2 6 (2)(a)
  • 12. www.bestfitsolutions.in 12 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A10 Rationale 1. We are talking about digital India and on the other hand talking about photocopies. This illustration must be redrafted. 2. Refer Point A09 above for deletion of the last sentence Existing Section Illustration: ‘A’ contacts a bank to open a regular savings account. The bank asks ‘A’ to furnish photocopies of proof of address and identity for KYC formalities. Before collecting the photocopies, the bank should give notice to ‘A’ stating that the purpose of obtaining the photocopies is completion of KYC formalities. The notice need not be a separate document. It can be printed on the form used for opening the savings bank account. Recommended Section Illustration: ‘A’ contacts a bank to open a regular savings account. The bank asks ‘A’ to furnish photocopies of proof of address and identity for KYC formalities. Before collecting the proof photocopies, the bank should give notice to ‘A’ stating that the purpose of obtaining the photocopies proof is for completion of KYC formalities and is a legal requirement. The notice need not be a separate document. It can be printed on the form used for opening the savings bank account. Chapter No Clause No 2 6(2)
  • 13. www.bestfitsolutions.in 13 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A11 Rationale 1. There is lot of difference between colloquial language and written language. The word ‘plain’ must be changed. 2. The Data Protection Officer and other details in clause 7(3) must be shifted to Clause 6(1) as it should be logically part of the notice and not consent. 3. The sections must be standardised. In Section 6 the local language clause is a separate sub section whereas in 7 is it not hence converted to sub section. Existing Section Every request for consent under the provisions of this Act shall be presented to the Data Principal in a clear and plain language, along with the contact details of a Data Protection Officer, where applicable, or of any other person authorised by the Data Fiduciary to respond to any communication from the Data Principal for the purpose of exercise of her rights under the provisions of this Act. The Data Fiduciary shall give to the Data Principal the option to access such request for consent in English or any language specified in the Eighth Schedule to the Constitution of India. Recommended Section Every request for consent under the provisions of this Act shall be presented to the Data Principal in a clear and simple language, along with the contact details of a Data Protection Officer, where applicable, or of any other person authorised by the Data Fiduciary to respond to any communication from the Data Principal for the purpose of exercise of her rights under the provisions of this Act. (4) The Data Fiduciary shall give to the Data Principal the option to access such request for consent in English or any language specified in the Eighth Schedule to the Constitution of India. Chapter No Clause No 2 7(3)
  • 14. www.bestfitsolutions.in 14 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A12 Rationale Bad in law. The word public interest is already defined in 2(18). This is directly contradicting that definition. Credit scoring cannot be public interest. Also, public interest is covered specifically in 8(9)(c) which further adds to the confusion. The public interest word has to be replaced by a better word to avoid confusion. Earlier bill used the clause “Reasonable Purposes” Existing Section in public interest, including for: (a) prevention and detection of fraud; (b) mergers, acquisitions, any other similar combinations, or corporate restructuring transactions in accordance with the provisions of applicable laws; (c) network and information security; (d) credit scoring; (e) operation of search engines for processing of publicly available personal data; (f) processing of publicly available personal data; and (g) recovery of debt; Recommended Section in the following circumstances, including for: (a) prevention and detection of fraud; (b) mergers, acquisitions, any other similar combinations, or corporate restructuring transactions in accordance with the provisions of applicable laws; (c) network and information security; (d) credit scoring; (e) operation of search engines for processing of publicly available personal data; (f) processing of publicly available personal data; and (g) recovery of debt; Chapter No Clause No 2 8(8)
  • 15. www.bestfitsolutions.in 15 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A13 Rationale Reasonable security safe guards are very open. No bench mark etc. It can be prescribed by the authority or by rules., hence the clause “as may be prescribed” to be added. Existing Section Every Data Fiduciary and Data Processor shall protect personal data in its possession or under its control by taking reasonable security safeguards to prevent personal data breach. Chapter No Clause No 2 9(4) & Schedule 1(1) Recommended Section 1.Every Data Fiduciary and Data Processor shall protect personal data in its possession or under its control by taking reasonable security safeguards to prevent personal data breach as may be prescribed 2. The schedule 1(1) also needs to have the clause “ as may be prescribed”
  • 16. www.bestfitsolutions.in 16 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A14 Rationale Independent auditor qualifications, competence etc needs to be defined so “as may be prescribed” to be added Existing Section appoint an Independent Data Auditor who shall evaluate the compliance of the Significant Data Fiduciary with provisions of this Act; and Chapter No Clause No 2 9(4) Recommended Section appoint an Independent Data Auditor, who shall evaluate the compliance of the Significant Data Fiduciary with provisions of this Act; and For the purpose of this section, “Data Auditor” shall have the necessary qualifications, competence and independence as may be prescribed.
  • 17. www.bestfitsolutions.in 17 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A15 Rationale How can one data fiduciary show the data of another data fiduciary unless it is a consent manager? Ambiguous clause. For example, if I open an account with Bank A, how can Bank B with whom I don’t have any relation , be able to show the details with another fiduciary? This can happen only with Consent Manager. It should be a typo error. As a Data Principal, I would like to know with which all data processers I am sharing my data Existing Section The Data Principal shall have the right to obtain from the Data Fiduciary: (3) in one place, the identities of all the Data Fiduciaries with whom the personal data has been shared along with the categories of personal data so shared; and Chapter No Clause No 3 12(3) Recommended Section The Data Principal shall have the right to obtain from the Data Fiduciary: (3) in one place, the identities of all the Data Fiduciaries or Data Processors with whom the personal data has been shared along with the categories of personal data so shared; and
  • 18. www.bestfitsolutions.in 18 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A16 Rationale Typo error and subject to gross misinterpretation. English to be changed and separate sub section for erasure.Correction is different from erasure Existing Section (2) A Data Fiduciary shall, upon receiving a request for such correction and erasure from a Data Principal: (a) correct a Data Principal’s inaccurate or misleading personal data; (b) complete a Data Principal’s incomplete personal data; (c) update a Data Principal’s personal data; (d) erase the personal data of a Data Principal that is no longer necessary for the purpose for which it was processed unless retention is necessary for a legal purpose. Chapter No Clause No 3 13(2) Recommended Section 2) A Data Fiduciary shall, upon receiving a request for such correction and erasure from a Data Principal: (a) correct a Data Principal’s inaccurate or misleading personal data; (b) complete a Data Principal’s incomplete personal data; (c) update a Data Principal’s personal data; (d)erase the personal data of a Data Principal that is no longer necessary for the purpose for which it was processed unless retention is necessary for a legal purpose. (2) A Data Fiduciary shall, upon receiving a request for erasure from a Data Principal shall erase the data of the data principal that is no longer necessary for the purpose for which it was processed unless retention is necessary for a legal purpose. In case the data principal is unable to erase the same due to legal reasons the same shall be communicated back to the Data Principal
  • 19. www.bestfitsolutions.in 19 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A17 Rationale The clause “in writing” has been used 6 times in the Bill. In this digital world it looks absurd .IT Act Sec 4 has already mentioned what is writing. For clarity purpose add that definition. Alternately introduce the definition “in writing “as mentioned above already as per the IT Act Refer Point A04 above. Existing Section for reasons to be recorded in writing Chapter No Clause No 5 20(2),21(2),(4),(5) & (11),22(1) Recommended Section “for reasons to be recorded and communicated”.
  • 20. www.bestfitsolutions.in 20 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A18 Rationale The Bill is only talking about the penalties which will go to a specific fund of Data Protection authority. The bill talks about only penalty. Where is the compensation due, as a result of the harm or loss to the Data Principal? It is totally silent on the same. In case of the IT Act, it was introduced in 2008. This is very important. Existing Section Penalties Chapter No Clause No 5 25 Recommended Section Add the relevant Compensation clause accordingly
  • 21. www.bestfitsolutions.in 21 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A19 Rationale Deleting this section without any new clause on sensitive personal data is going to be dangerous. Personal data needs to be classified as sensitive for certain classes of data. Sensitive data needs additional protection and penalty for breach of this data needs additional penalty. Similarly, privacy policy and many other aspects are important Existing Section 1) The Information Technology Act, 2000 (“IT Act”) shall be amended in the following manner: (a) section 43A of the IT Act shall be omitted; Chapter No Clause No 6 30(1)(a) Recommended Section The following sections must be reworked to include sensitive data : Sec 17 -Transfer of data Sec 9(4)
  • 22. www.bestfitsolutions.in 22 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A20 Rationale Linked to the modification in Sec 9(4) Existing Section Failure of Data Processor or Data Fiduciary to take reasonable security safeguards to prevent personal data breach under sub- section (4) of section 9 of this Act Schedule Clause No 1 (1) Recommended Section Failure of Data Processor or Data Fiduciary to take reasonable security safeguards, as may be prescribed, to prevent personal data breach under sub-section (4) of section 9 of this Act
  • 23. www.bestfitsolutions.in 23 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB LANGUAGE ISSUES
  • 24. www.bestfitsolutions.in 24 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Language Issues – B01 Rationale Child is already defined by clause 2(3) as (3) “child” means an individual who has not completed eighteen years of age ? The word individual should not be repeated English language framing. Existing Section “Data Principal” means the individual to whom the personal data relates and where such individual is a child includes the parents or lawful guardian of such a child Chapter No Clause No 1 2(6) Recommended Section “Data Principal” means the individual to whom the personal data relates and in case of child it shall include the parents or lawful guardian of such a child.
  • 25. www.bestfitsolutions.in 25 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Language Issues – B02 Rationale Typo error. How can false statements be fact ? Existing Section “public interest” means in the interest of any of the following: (a) sovereignty and integrity of India; b. security of the State; c. friendly relations with foreign States; d. maintenance of public order; e. preventing incitement to the commission of any cognizable offence relating to the preceding sub-clauses; and f. preventing dissemination of false statements of fact. Chapter No Clause No 1 2(18)(f) Recommended Section “public interest” means in the interest of any of the following: (a) sovereignty and integrity of India; b. security of the State; c. friendly relations with foreign States; d. maintenance of public order; e. preventing incitement to the commission of any cognizable offence relating to the preceding sub-clauses; and f. preventing dissemination of false statements or fact.
  • 26. www.bestfitsolutions.in 26 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Language Issues – B03 Rationale 1.Typo/Spelling mistake as per Indian English it is “digitized” 2. In order to align with the IT Act change the statement. IT Act does not use the jargon digitized. The correct word shall be electronic record. Existing Section (1) The provisions of this Act shall apply to the processing of digital personal data within the territory of India where: (b)such personal data collected offline, is digitized Chapter No Clause No 1 4(1)(b) Recommended Section (1) The provisions of this Act shall apply to the processing of digital personal data within the territory of India where: (b) such personal data collected in Non electronic form/Physical Form is converted to an electronic record. Interpretation: Electronic Record is defined in sec 2(t) of the information technology Act 2000
  • 27. www.bestfitsolutions.in 27 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Language Issues – B04 Rationale Offline data is not written English it is colloquial English. As mentioned in Point A04 above, in order to align to IT Act ‘electronic record ‘can make life simpler for everybody. By this one-word non- automated processing is also covered and need not be mentioned explicitly. Offline can be subject to interpretation. Existing Section (3) The provisions of this Act shall not apply to: (a) non-automated processing of personal data; (b) offline personal data; Chapter No Clause No 1 4(3)(a) & 4(3)(b) Recommended Section (3) The provisions of this Act shall not apply to: (a) personal data in the form of a non- electronic record. Explanation : Electronic Record is as defined in Sec 2(t) of Information Technology Act 2000
  • 28. www.bestfitsolutions.in 28 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Language Issues – B05 Rationale There is lot of difference between colloquial language and written language. The wordings must be changed Existing Section Where a Data Principal has given her consent to the processing of her personal data before the commencement of this Act, the Data Fiduciary must give to the Data Principal an itemised notice in clear and plain language containing a description of personal data of the Data Principal collected by the Data Fiduciary and the purpose for which such personal data has been processed, as soon as it is reasonably practicable Chapter No Clause No 2 6(2) Recommended Section Where a Data Principal has already given her consent to the processing of her personal data before the commencement of this Act, the Data Fiduciary must give to the Data Principal an itemised notice in clear and simple language containing a description of personal data of the Data Principal collected by the Data Fiduciary and the purpose for which such personal data has been processed, as soon as it is reasonably practicable
  • 29. www.bestfitsolutions.in 29 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Language Issues – B06 Rationale English and standardisation Existing Section (2)Failure to notify the Board and affected Data Principals in the event of a personal data breach, under sub- section (5) of section 9 of this Act (3)Non-fulfilment of additional obligations in relation to Children; under section 10 of this Act. (5)Non-compliance with section 16 of this Act Schedule No Clause No 1 (2),(3),(5) Recommended Section (2)Failure of Data Processor or Data Fiduciary to notify the Board and affected Data Principals in the event of a personal data breach, under sub-section (5) of section 9 of this Act. (3)Non-fulfilment of additional obligations by Data Fiduciary in relation to Children; under section 10 of this Act. (5) Non-compliance with section 16 of this Act by the Data Principal