SlideShare a Scribd company logo
www.bestfitsolutions.in 1
nmds@bestfitsolutions.in
Feedback on The Draft Digital Personal Data Protection Bill,2022
submitted to MeitY
Nanda Mohan Shenoy D
CAIIB,DBM-Part I,, NSE Certified Market Professional Level-1 ,P G Diploma in IRPM, PG Diploma in
EDP and Computer Management, DIM,LA ISO 9001,LA ISO 27001 NISM empaneled CPE Trainer
Director
www.bestfitsolutions.in 2
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
STRUCTURAL ISSUES
www.bestfitsolutions.in 3
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A01
Rationale
1.The word individual is also used in the same Act with a different meaning and context which can be
confusing. Refer 6(2)(b)-(b) “itemised” means presented as a list of individual items
21(3) The Board may authorise conduct of proceedings relating to complaints, by individual Members or
groups of Members.
2.Standardise the wording aligned to international laws which is “Natural Person”
Existing Section
Word ‘Individual’ used in multiple places 15
occasions
Recommended Section
Replace ‘Individual’ with natural persons except in
clauses 6(2)(b)-(b) & 21(3)
Chapter No Clause No
1 Preamble 2(3),2(6),2(8),2(12),2(13),3(3),4(3)(c),4(3)(d)
2 8(4),8(5),8(6),11(2),15,19(3),30(2)
www.bestfitsolutions.in 4
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A02
Rationale
Harm does not include mental harm and is restricted to bodily harm.
Existing Section
“harm”, in relation to a Data Principal, means -
a. any bodily harm; or
b. distortion or theft of identity; or
c. harassment; or
d. prevention of lawful gain or causation of
significant loss;
Recommended Section
“harm”, in relation to a Data Principal, means -
a. any bodily harm or mental harm; or
b. distortion or theft of identity; or
c. harassment; or
d. prevention of lawful gain or causation of
significant loss;
Chapter No Clause No
1 2(10)
www.bestfitsolutions.in 5
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A03
Rationale
Sec 30 is as follows:
(1) The Information Technology Act, 2000 (“IT Act”) shall be amended in the following manner:
(a) section 43A of the IT Act shall be omitted.
Sensitive Personal Data has been for a while and needs to continue as it requires additional protection
Existing Section
Definition of Sensitive personal data is
missing
Recommended Section
“Sensitive Personal data” means personal data
which needs additional safeguards and shall be
as prescribed.
Chapter No Clause No
1 2
www.bestfitsolutions.in 6
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A04
Rationale
The clause “in writing” has been used 6 times in the Bill. In this digital world it looks absurd .IT Act 2000
Sec 4 has already mentioned what is writing. For clarity purpose add that definition.
Alternatively substitute “for reasons to be recorded in writing” with “ for reasons to be recorded and
communicated “
Existing Section
Definition of writing needs to be introduced
Recommended Section
"in writing" shall include communication in
electronic form as defined in clause (r) of sub-
section (1) of section 2 of the Information
Technology Act, 2000 read along with Sec 4
Chapter No Clause No
1 2
www.bestfitsolutions.in 7
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A05
Rationale
Bad in law. Not a legal term. Already this is covered in the General Clauses Act 1897 13 A of
Section13. Gender and number. —In all [Central Acts] and Regulations, unless there is anything
repugnant in the subject or context, —
(1) words importing the masculine gender shall be taken to include females; and
(2) words in the singular shall include the plural, and vice versa.
This is contradictory and can be challenged in court and will also restrict it to her
Existing Section
(3) the pronouns “her” and “she” have been used
for an individual, irrespective of gender.
Recommended Section
1. Delete the sub section :
(3) the pronouns “her” and “she” have been
used for an individual, irrespective of gender.
2. All ‘her’ to be replaced by ‘him’ 44
instances
Chapter No Clause No
1 3(3)
www.bestfitsolutions.in 8
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A06
Rationale
The jargons must be standardised Standardisation. Move this section to definitions at the
appropriate place
Existing Section
For the purpose of this sub-section, “profiling”
means any form of processing of personal data
that analyses or predicts aspects concerning the
behaviour, attributes, or interests of a Data
Principal.
Recommended Section
Move the clause as it is to definitions
Chapter No Clause No
1 4(2)(3)
www.bestfitsolutions.in 9
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A07
Rationale
No clarity
1. Personal data is already defined as that of ‘an individual’ in sec 2 and again repeating is redundant
and bad in law
2. Whether it is applicable to physical record or an electronic record.
3. 100 years from when is not mentioned .is it on revolving basis
4. The construction of the sentence itself is not understandable to common man. Need to rephrase.
5. Also explore the possibility of shifting entire 4(3) related to Applicability to the schedule so that there
is flexibility in adding additional as and when required. The IT Act 2000 schedule one is very clear .It
should be in similar lines
Existing Section
personal data about an individual that is
contained in a record that has been in existence
for at least 100 years.
Recommended Section
personal data in the form of an electronic record
which is more than 100 years old ,on a rolling
basis.
Chapter No Clause No
1 4(3)(d)
www.bestfitsolutions.in 10
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A08
Rationale
1. There is lot of difference between colloquial language and written language. The wordings must be changed.
2. “Itemised” does not have clarity
3. The Data Protection Officer and other details clause 7(3) must be shifted here as it should be logically part of
the notice and not consent. Hence the clause shifted here
Existing Section
On or before requesting a Data Principal for her
consent, a Data Fiduciary shall give to the Data
Principal an itemised notice in clear and plain
language containing a description of personal data
sought to be collected by the Data Fiduciary and
the purpose of processing of such personal data.
Recommended Section
(1) On or before requesting a Data Principal for her
consent, a Data Fiduciary shall give to the Data
Principal an itemised notice in clear and simple
language containing a description of personal data
sought to be collected by the Data Fiduciary and
the purpose of processing of such personal data.
(a) “itemised” means presented as a list of individual
items grouped topic wise and serially numbered.
(2) The notice shall contain the contact details of a Data
Protection Officer, where applicable, or of any other person
authorised by the Data Fiduciary to respond to any
communication from the Data Principal for the purpose of
exercise of her rights under the provisions of this Act
Chapter No Clause No
2 6(1)
www.bestfitsolutions.in 11
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A09
Rationale
.“In the same document” is not transparency. It needs to be communicated to the
customer. The objective of transparency is not achieved. It could be tricky as data
principal will not have a copy of the notice.
Existing Section
“notice” can be a separate document, or an
electronic form, or a part of the same
document in or through which personal data
is sought to be collected, or in such other
form as may be prescribed.
Recommended Section
“notice” can be in physical form or electronic
form a separate document, or an electronic
form, or a part of the same document in or
through which personal data is sought to be
collected, or in such other form and shall be
communicated to the Data Principal as may
be prescribed.
Chapter No Clause No
2 6 (2)(a)
www.bestfitsolutions.in 12
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A10
Rationale
1. We are talking about digital India and on the other hand talking about photocopies. This
illustration must be redrafted.
2. Refer Point A09 above for deletion of the last sentence
Existing Section
Illustration: ‘A’ contacts a bank to open a regular
savings account. The bank asks ‘A’ to furnish
photocopies of proof of address and identity for
KYC formalities. Before collecting the
photocopies, the bank should give notice to ‘A’
stating that the purpose of obtaining the
photocopies is completion of KYC formalities. The
notice need not be a separate document. It can
be printed on the form used for opening the
savings bank account.
Recommended Section
Illustration: ‘A’ contacts a bank to open a
regular savings account. The bank asks ‘A’ to
furnish photocopies of proof of address and
identity for KYC formalities. Before collecting the
proof photocopies, the bank should give notice
to ‘A’ stating that the purpose of obtaining the
photocopies proof is for completion of KYC
formalities and is a legal requirement. The
notice need not be a separate document. It can
be printed on the form used for opening the
savings bank account.
Chapter No Clause No
2 6(2)
www.bestfitsolutions.in 13
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A11
Rationale
1. There is lot of difference between colloquial language and written language. The word ‘plain’ must be
changed.
2. The Data Protection Officer and other details in clause 7(3) must be shifted to Clause 6(1) as it should be
logically part of the notice and not consent.
3. The sections must be standardised. In Section 6 the local language clause is a separate sub section
whereas in 7 is it not hence converted to sub section.
Existing Section
Every request for consent under the provisions of this Act
shall be presented to the Data Principal in a clear and plain
language, along with the contact details of a Data Protection
Officer, where applicable, or of any other person authorised
by the Data Fiduciary to respond to any communication from
the Data Principal for the purpose of exercise of her rights
under the provisions of this Act. The Data Fiduciary shall
give to the Data Principal the option to access such request
for consent in English or any language specified in the
Eighth Schedule to the Constitution of India.
Recommended Section
Every request for consent under the provisions of this Act
shall be presented to the Data Principal in a clear and
simple language, along with the contact details of a Data
Protection Officer, where applicable, or of any other person
authorised by the Data Fiduciary to respond to any
communication from the Data Principal for the purpose of
exercise of her rights under the provisions of this Act.
(4) The Data Fiduciary shall give to the Data Principal the
option to access such request for consent in English or any
language specified in the Eighth Schedule to the
Constitution of India.
Chapter No Clause No
2 7(3)
www.bestfitsolutions.in 14
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A12
Rationale
Bad in law. The word public interest is already defined in 2(18). This is directly contradicting that
definition.
Credit scoring cannot be public interest. Also, public interest is covered specifically in 8(9)(c)
which further adds to the confusion. The public interest word has to be replaced by a better
word to avoid confusion.
Earlier bill used the clause “Reasonable Purposes”
Existing Section
in public interest, including for:
(a) prevention and detection of fraud;
(b) mergers, acquisitions, any other similar combinations,
or corporate restructuring transactions in accordance with
the provisions of applicable laws;
(c) network and information security;
(d) credit scoring;
(e) operation of search engines for processing of publicly
available personal data;
(f) processing of publicly available personal data; and
(g) recovery of debt;
Recommended Section
in the following circumstances, including for:
(a) prevention and detection of fraud;
(b) mergers, acquisitions, any other similar
combinations, or corporate restructuring transactions
in accordance with the provisions of applicable laws;
(c) network and information security;
(d) credit scoring;
(e) operation of search engines for processing of
publicly available personal data;
(f) processing of publicly available personal data; and
(g) recovery of debt;
Chapter No Clause No
2 8(8)
www.bestfitsolutions.in 15
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A13
Rationale
Reasonable security safe guards are very open. No bench mark etc. It can be prescribed by the
authority or by rules., hence the clause “as may be prescribed” to be added.
Existing Section
Every Data Fiduciary and Data Processor
shall protect personal data in its possession
or under its control by taking reasonable
security safeguards to prevent personal data
breach.
Chapter No Clause No
2 9(4) & Schedule 1(1)
Recommended Section
1.Every Data Fiduciary and Data Processor
shall protect personal data in its possession or
under its control by taking reasonable security
safeguards to prevent personal data breach as
may be prescribed
2. The schedule 1(1) also needs to have the
clause “ as may be prescribed”
www.bestfitsolutions.in 16
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A14
Rationale
Independent auditor qualifications, competence etc needs to be defined so “as may be
prescribed” to be added
Existing Section
appoint an Independent Data Auditor who
shall evaluate the compliance of the
Significant Data Fiduciary with provisions of
this Act; and
Chapter No Clause No
2 9(4)
Recommended Section
appoint an Independent Data Auditor, who shall
evaluate the compliance of the Significant Data
Fiduciary with provisions of this Act; and
For the purpose of this section, “Data Auditor”
shall have the necessary qualifications,
competence and independence as may be
prescribed.
www.bestfitsolutions.in 17
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A15
Rationale
How can one data fiduciary show the data of another data fiduciary unless it is a consent manager?
Ambiguous clause.
For example, if I open an account with Bank A, how can Bank B with whom I don’t have any relation , be able
to show the details with another fiduciary?
This can happen only with Consent Manager. It should be a typo error. As a Data Principal, I would like to
know with which all data processers I am sharing my data
Existing Section
The Data Principal shall have the right to
obtain from the Data Fiduciary:
(3) in one place, the identities of all the Data
Fiduciaries with whom the personal data
has been shared along with the categories
of personal data so shared; and
Chapter No Clause No
3 12(3)
Recommended Section
The Data Principal shall have the right to obtain
from the Data Fiduciary:
(3) in one place, the identities of all the Data
Fiduciaries or Data Processors with whom the
personal data has been shared along with the
categories of personal data so shared; and
www.bestfitsolutions.in 18
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A16
Rationale
Typo error and subject to gross misinterpretation. English to be changed and separate sub
section for erasure.Correction is different from erasure
Existing Section
(2) A Data Fiduciary shall, upon receiving a request
for such correction and erasure from a Data
Principal:
(a) correct a Data Principal’s inaccurate or
misleading personal data;
(b) complete a Data Principal’s incomplete personal
data;
(c) update a Data Principal’s personal data;
(d) erase the personal data of a Data Principal that is
no longer necessary for the purpose for which it was
processed unless retention is necessary for a legal
purpose.
Chapter No Clause No
3 13(2)
Recommended Section
2) A Data Fiduciary shall, upon receiving a request for such
correction and erasure from a Data Principal:
(a) correct a Data Principal’s inaccurate or misleading personal
data;
(b) complete a Data Principal’s incomplete personal data;
(c) update a Data Principal’s personal data;
(d)erase the personal data of a Data Principal that is no longer
necessary for the purpose for which it was processed unless
retention is necessary for a legal purpose.
(2) A Data Fiduciary shall, upon receiving a request for erasure
from a Data Principal shall erase the data of the data principal
that is no longer necessary for the purpose for which it was
processed unless retention is necessary for a legal purpose. In
case the data principal is unable to erase the same due to legal
reasons the same shall be communicated back to the Data
Principal
www.bestfitsolutions.in 19
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A17
Rationale
The clause “in writing” has been used 6 times in the Bill. In this digital world it looks absurd .IT
Act Sec 4 has already mentioned what is writing. For clarity purpose add that definition.
Alternately introduce the definition “in writing “as mentioned above already as per the IT Act
Refer Point A04 above.
Existing Section
for reasons to be recorded in writing
Chapter No Clause No
5 20(2),21(2),(4),(5) & (11),22(1)
Recommended Section
“for reasons to be recorded and
communicated”.
www.bestfitsolutions.in 20
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A18
Rationale
The Bill is only talking about the penalties which will go to a specific fund of Data Protection
authority.
The bill talks about only penalty. Where is the compensation due, as a result of the harm or
loss to the Data Principal? It is totally silent on the same. In case of the IT Act, it was
introduced in 2008. This is very important.
Existing Section
Penalties
Chapter No Clause No
5 25
Recommended Section
Add the relevant Compensation clause
accordingly
www.bestfitsolutions.in 21
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A19
Rationale
Deleting this section without any new clause on sensitive personal data is going to be
dangerous. Personal data needs to be classified as sensitive for certain classes of data.
Sensitive data needs additional protection and penalty for breach of this data needs additional
penalty. Similarly, privacy policy and many other aspects are important
Existing Section
1) The Information Technology Act, 2000 (“IT
Act”) shall be amended in the following
manner:
(a) section 43A of the IT Act shall be omitted;
Chapter No Clause No
6 30(1)(a)
Recommended Section
The following sections must be reworked to
include sensitive data :
Sec 17 -Transfer of data
Sec 9(4)
www.bestfitsolutions.in 22
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Structural Issues – A20
Rationale
Linked to the modification in Sec 9(4)
Existing Section
Failure of Data Processor or Data Fiduciary
to take reasonable security safeguards to
prevent personal data breach under sub-
section (4) of section 9 of this Act
Schedule Clause No
1 (1)
Recommended Section
Failure of Data Processor or Data Fiduciary to
take reasonable security safeguards, as may
be prescribed, to prevent personal data breach
under sub-section (4) of section 9 of this Act
www.bestfitsolutions.in 23
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
LANGUAGE ISSUES
www.bestfitsolutions.in 24
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Language Issues – B01
Rationale
Child is already defined by clause 2(3) as
(3) “child” means an individual who has not completed eighteen years of age ?
The word individual should not be repeated
English language framing.
Existing Section
“Data Principal” means the individual to
whom the personal data relates and
where such individual is a child includes
the parents or lawful guardian of such a
child
Chapter No Clause No
1 2(6)
Recommended Section
“Data Principal” means the individual to
whom the personal data relates and in
case of child it shall include the parents or
lawful guardian of such a child.
www.bestfitsolutions.in 25
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Language Issues – B02
Rationale
Typo error. How can false statements be fact ?
Existing Section
“public interest” means in the interest of any
of the following:
(a) sovereignty and integrity of India;
b. security of the State;
c. friendly relations with foreign States;
d. maintenance of public order;
e. preventing incitement to the commission of
any cognizable offence relating to the
preceding sub-clauses; and
f. preventing dissemination of false
statements of fact.
Chapter No Clause No
1 2(18)(f)
Recommended Section
“public interest” means in the interest of any of
the following:
(a) sovereignty and integrity of India;
b. security of the State;
c. friendly relations with foreign States;
d. maintenance of public order;
e. preventing incitement to the commission of
any cognizable offence relating to the
preceding sub-clauses; and
f. preventing dissemination of false statements
or fact.
www.bestfitsolutions.in 26
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Language Issues – B03
Rationale
1.Typo/Spelling mistake as per Indian English it is “digitized”
2. In order to align with the IT Act change the statement. IT Act does not use the
jargon digitized. The correct word shall be electronic record.
Existing Section
(1) The provisions of this Act shall apply
to the processing of digital personal data
within the territory of India where:
(b)such personal data collected offline,
is digitized
Chapter No Clause No
1 4(1)(b)
Recommended Section
(1) The provisions of this Act shall apply to
the processing of digital personal data
within the territory of India where:
(b) such personal data collected in Non
electronic form/Physical Form is
converted to an electronic record.
Interpretation: Electronic Record is
defined in sec 2(t) of the information
technology Act 2000
www.bestfitsolutions.in 27
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Language Issues – B04
Rationale
Offline data is not written English it is colloquial English. As mentioned in Point A04
above, in order to align to IT Act ‘electronic record ‘can make life simpler for everybody.
By this one-word non- automated processing is also covered and need not be mentioned
explicitly.
Offline can be subject to interpretation.
Existing Section
(3) The provisions of this Act shall not
apply to:
(a) non-automated processing of
personal data;
(b) offline personal data;
Chapter No Clause No
1 4(3)(a) & 4(3)(b)
Recommended Section
(3) The provisions of this Act shall not
apply to:
(a) personal data in the form of a non-
electronic record.
Explanation : Electronic Record is as
defined in Sec 2(t) of Information
Technology Act 2000
www.bestfitsolutions.in 28
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Language Issues – B05
Rationale
There is lot of difference between colloquial language and written language. The wordings
must be changed
Existing Section
Where a Data Principal has given her
consent to the processing of her personal
data before the commencement of this Act,
the Data Fiduciary must give to the Data
Principal an itemised notice in clear and plain
language containing a description of personal
data of the Data Principal collected by the
Data Fiduciary and the purpose for which
such personal data has been processed, as
soon as it is reasonably practicable
Chapter No Clause No
2 6(2)
Recommended Section
Where a Data Principal has already given her
consent to the processing of her personal data
before the commencement of this Act, the Data
Fiduciary must give to the Data Principal an
itemised notice in clear and simple language
containing a description of personal data of the
Data Principal collected by the Data Fiduciary
and the purpose for which such personal data
has been processed, as soon as it is
reasonably practicable
www.bestfitsolutions.in 29
Mr Nanda Mohan Shenoy
CDPSE, CISA ,CAIIB
Language Issues – B06
Rationale
English and standardisation
Existing Section
(2)Failure to notify the Board and
affected Data Principals in the event of
a personal data breach, under sub-
section (5) of section 9 of this Act
(3)Non-fulfilment of additional
obligations in relation to Children; under
section 10 of this Act.
(5)Non-compliance with section 16 of
this Act
Schedule No Clause No
1 (2),(3),(5)
Recommended Section
(2)Failure of Data Processor or Data
Fiduciary to notify the Board and affected
Data Principals in the event of a personal
data breach, under sub-section (5) of
section 9 of this Act.
(3)Non-fulfilment of additional obligations
by Data Fiduciary in relation to Children;
under section 10 of this Act.
(5) Non-compliance with section 16 of this
Act by the Data Principal

More Related Content

What's hot

RGPD ! Etes vous en conformité ?
RGPD ! Etes vous en conformité ?RGPD ! Etes vous en conformité ?
RGPD ! Etes vous en conformité ?
OlivierDEKETER
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full ppt
Shahbaz Khan
 
Training privacy by design
Training privacy by designTraining privacy by design
Training privacy by design
Tommy Vandepitte
 
Data protection ppt
Data protection pptData protection ppt
Data protection ppt
grahamwell
 
Data Ownership and Privacy
Data Ownership and PrivacyData Ownership and Privacy
Data Ownership and Privacy
Gerard Sylvester
 
Integrating Social Media with Records Management
Integrating Social Media with Records ManagementIntegrating Social Media with Records Management
Integrating Social Media with Records Management
SOLOMON M KAMINDA
 
GDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationGDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection Regulation
Vicky Dallas
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPR
DipanjanDey12
 
Privacy & Data Protection
Privacy & Data ProtectionPrivacy & Data Protection
Privacy & Data Protection
sp_krishna
 
Privacy in India: Legal issues
Privacy in India: Legal issuesPrivacy in India: Legal issues
Privacy in India: Legal issues
Sagar Rahurkar
 
Determination of trade secret status
Determination of trade secret statusDetermination of trade secret status
Determination of trade secret status
Rajalingam Balakrishnan
 
GDPR for Dummies
GDPR for DummiesGDPR for Dummies
GDPR for Dummies
Caroline Boscher
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection Act
SaimaRafiq
 
Slides dr farah jameel's gdpr presentation april 2018
Slides dr farah jameel's gdpr presentation april 2018Slides dr farah jameel's gdpr presentation april 2018
Slides dr farah jameel's gdpr presentation april 2018
amirhannan
 
California Consumer Privacy Act (CCPA): Countdown to Compliance
California Consumer Privacy Act (CCPA): Countdown to ComplianceCalifornia Consumer Privacy Act (CCPA): Countdown to Compliance
California Consumer Privacy Act (CCPA): Countdown to Compliance
Tinuiti
 
Pdpa(kewal)
Pdpa(kewal)Pdpa(kewal)
Pdpa(kewal)
Kewal Pradhan
 
Pdpa presentation
Pdpa presentationPdpa presentation
Pdpa presentation
Alan Teh
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_india
Altacit Global
 
IPR & CYBER SECURITY.pptx
IPR & CYBER SECURITY.pptxIPR & CYBER SECURITY.pptx
IPR & CYBER SECURITY.pptx
MTES Junior College
 
WB-2022-01-25-India Data Protection Bill
WB-2022-01-25-India Data Protection BillWB-2022-01-25-India Data Protection Bill
WB-2022-01-25-India Data Protection Bill
TrustArc
 

What's hot (20)

RGPD ! Etes vous en conformité ?
RGPD ! Etes vous en conformité ?RGPD ! Etes vous en conformité ?
RGPD ! Etes vous en conformité ?
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full ppt
 
Training privacy by design
Training privacy by designTraining privacy by design
Training privacy by design
 
Data protection ppt
Data protection pptData protection ppt
Data protection ppt
 
Data Ownership and Privacy
Data Ownership and PrivacyData Ownership and Privacy
Data Ownership and Privacy
 
Integrating Social Media with Records Management
Integrating Social Media with Records ManagementIntegrating Social Media with Records Management
Integrating Social Media with Records Management
 
GDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationGDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection Regulation
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPR
 
Privacy & Data Protection
Privacy & Data ProtectionPrivacy & Data Protection
Privacy & Data Protection
 
Privacy in India: Legal issues
Privacy in India: Legal issuesPrivacy in India: Legal issues
Privacy in India: Legal issues
 
Determination of trade secret status
Determination of trade secret statusDetermination of trade secret status
Determination of trade secret status
 
GDPR for Dummies
GDPR for DummiesGDPR for Dummies
GDPR for Dummies
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection Act
 
Slides dr farah jameel's gdpr presentation april 2018
Slides dr farah jameel's gdpr presentation april 2018Slides dr farah jameel's gdpr presentation april 2018
Slides dr farah jameel's gdpr presentation april 2018
 
California Consumer Privacy Act (CCPA): Countdown to Compliance
California Consumer Privacy Act (CCPA): Countdown to ComplianceCalifornia Consumer Privacy Act (CCPA): Countdown to Compliance
California Consumer Privacy Act (CCPA): Countdown to Compliance
 
Pdpa(kewal)
Pdpa(kewal)Pdpa(kewal)
Pdpa(kewal)
 
Pdpa presentation
Pdpa presentationPdpa presentation
Pdpa presentation
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_india
 
IPR & CYBER SECURITY.pptx
IPR & CYBER SECURITY.pptxIPR & CYBER SECURITY.pptx
IPR & CYBER SECURITY.pptx
 
WB-2022-01-25-India Data Protection Bill
WB-2022-01-25-India Data Protection BillWB-2022-01-25-India Data Protection Bill
WB-2022-01-25-India Data Protection Bill
 

Similar to Digitial Personal Data Bill 2022 feedback

Feedback on Non Personal Data Governance Framework
Feedback  on Non Personal Data Governance FrameworkFeedback  on Non Personal Data Governance Framework
Feedback on Non Personal Data Governance Framework
Nanda Mohan Shenoy
 
Review of the Jamaican Cybercrime Act of 2010
Review of the Jamaican Cybercrime Act of 2010Review of the Jamaican Cybercrime Act of 2010
Review of the Jamaican Cybercrime Act of 2010
Tyrone Grandison
 
Updated mca queries
Updated mca queries Updated mca queries
Updated mca queries
Avisek Kundu
 
Ms 425 electronic banking and it in banks (1)
Ms 425   electronic banking and it in banks (1)Ms 425   electronic banking and it in banks (1)
Ms 425 electronic banking and it in banks (1)
smumbahelp
 
Business Analysis Healthcare Online & Classroom Training
Business Analysis Healthcare Online & Classroom Training Business Analysis Healthcare Online & Classroom Training
Business Analysis Healthcare Online & Classroom Training
Vibloo
 
Answer the Below Question. APA format. 300 words.Textbook .docx
Answer the Below Question. APA format. 300 words.Textbook  .docxAnswer the Below Question. APA format. 300 words.Textbook  .docx
Answer the Below Question. APA format. 300 words.Textbook .docx
nolanalgernon
 
Data Protection: Process Information
Data Protection: Process InformationData Protection: Process Information
Data Protection: Process Information
Cristina Villavicencio
 
Case for-secure-email-encryption
Case for-secure-email-encryptionCase for-secure-email-encryption
Case for-secure-email-encryption
NeoCertified
 
Capturing Data Requirements
Capturing Data RequirementsCapturing Data Requirements
Capturing Data Requirements
mcomtraining
 
Cjis security policy v5 1 07132012 -ns
Cjis security policy v5 1 07132012 -nsCjis security policy v5 1 07132012 -ns
Cjis security policy v5 1 07132012 -ns
Doug Ballee, PMP
 
AI, Blockchain, IoT GDPR Compliance AT A Glance
AI, Blockchain, IoT GDPR Compliance AT A GlanceAI, Blockchain, IoT GDPR Compliance AT A Glance
AI, Blockchain, IoT GDPR Compliance AT A Glance
Alex G. Lee, Ph.D. Esq. CLP
 
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Ltd
 
Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)
Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)
Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)
vivekkaushik795
 
Jim Barton
Jim BartonJim Barton
Jim Barton
Susan Cox
 
2016 01-05 csr css non-confidential slide deck
2016 01-05 csr  css non-confidential slide deck2016 01-05 csr  css non-confidential slide deck
2016 01-05 csr css non-confidential slide deck
Richard (Dick) Kaufman
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
Priyanka Aash
 
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
accacloud
 
Data Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperativesData Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperatives
jo bitonio
 
The New Data Protection Regulation and Cookie Compliance
The New Data Protection Regulation and Cookie ComplianceThe New Data Protection Regulation and Cookie Compliance
The New Data Protection Regulation and Cookie Compliance
Lewis Silkin
 
AI, Blockchain, IoT GDPR v. PIPA Compliance AT A Glance
AI, Blockchain, IoT GDPR v. PIPA Compliance AT A GlanceAI, Blockchain, IoT GDPR v. PIPA Compliance AT A Glance
AI, Blockchain, IoT GDPR v. PIPA Compliance AT A Glance
Alex G. Lee, Ph.D. Esq. CLP
 

Similar to Digitial Personal Data Bill 2022 feedback (20)

Feedback on Non Personal Data Governance Framework
Feedback  on Non Personal Data Governance FrameworkFeedback  on Non Personal Data Governance Framework
Feedback on Non Personal Data Governance Framework
 
Review of the Jamaican Cybercrime Act of 2010
Review of the Jamaican Cybercrime Act of 2010Review of the Jamaican Cybercrime Act of 2010
Review of the Jamaican Cybercrime Act of 2010
 
Updated mca queries
Updated mca queries Updated mca queries
Updated mca queries
 
Ms 425 electronic banking and it in banks (1)
Ms 425   electronic banking and it in banks (1)Ms 425   electronic banking and it in banks (1)
Ms 425 electronic banking and it in banks (1)
 
Business Analysis Healthcare Online & Classroom Training
Business Analysis Healthcare Online & Classroom Training Business Analysis Healthcare Online & Classroom Training
Business Analysis Healthcare Online & Classroom Training
 
Answer the Below Question. APA format. 300 words.Textbook .docx
Answer the Below Question. APA format. 300 words.Textbook  .docxAnswer the Below Question. APA format. 300 words.Textbook  .docx
Answer the Below Question. APA format. 300 words.Textbook .docx
 
Data Protection: Process Information
Data Protection: Process InformationData Protection: Process Information
Data Protection: Process Information
 
Case for-secure-email-encryption
Case for-secure-email-encryptionCase for-secure-email-encryption
Case for-secure-email-encryption
 
Capturing Data Requirements
Capturing Data RequirementsCapturing Data Requirements
Capturing Data Requirements
 
Cjis security policy v5 1 07132012 -ns
Cjis security policy v5 1 07132012 -nsCjis security policy v5 1 07132012 -ns
Cjis security policy v5 1 07132012 -ns
 
AI, Blockchain, IoT GDPR Compliance AT A Glance
AI, Blockchain, IoT GDPR Compliance AT A GlanceAI, Blockchain, IoT GDPR Compliance AT A Glance
AI, Blockchain, IoT GDPR Compliance AT A Glance
 
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
 
Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)
Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)
Synopsis_rt_v_k.pptx(fgfefefehgftgegfeh)
 
Jim Barton
Jim BartonJim Barton
Jim Barton
 
2016 01-05 csr css non-confidential slide deck
2016 01-05 csr  css non-confidential slide deck2016 01-05 csr  css non-confidential slide deck
2016 01-05 csr css non-confidential slide deck
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
Asia Cloud Computing Association’s (ACCA) Response to India’s Draft Health Da...
 
Data Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperativesData Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperatives
 
The New Data Protection Regulation and Cookie Compliance
The New Data Protection Regulation and Cookie ComplianceThe New Data Protection Regulation and Cookie Compliance
The New Data Protection Regulation and Cookie Compliance
 
AI, Blockchain, IoT GDPR v. PIPA Compliance AT A Glance
AI, Blockchain, IoT GDPR v. PIPA Compliance AT A GlanceAI, Blockchain, IoT GDPR v. PIPA Compliance AT A Glance
AI, Blockchain, IoT GDPR v. PIPA Compliance AT A Glance
 

More from Nanda Mohan Shenoy

Srimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdfSrimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdf
Nanda Mohan Shenoy
 
D07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdfD07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdfD06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdfD05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdfD04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdfD03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdfD02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdfD01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx
Nanda Mohan Shenoy
 
03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf
Nanda Mohan Shenoy
 
02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
CEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdfCEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdf
Nanda Mohan Shenoy
 
IS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptxIS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptx
Nanda Mohan Shenoy
 
F 32-Mukundamala- Part-6
F 32-Mukundamala- Part-6F 32-Mukundamala- Part-6
F 32-Mukundamala- Part-6
Nanda Mohan Shenoy
 

More from Nanda Mohan Shenoy (20)

Srimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdfSrimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdf
 
D07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdfD07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdf
 
D06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdfD06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdf
 
D05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdfD05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdf
 
D04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdfD04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdf
 
D03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdfD03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdf
 
D02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdfD02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdf
 
D01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdfD01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdf
 
09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf
 
08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf
 
07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf
 
06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf
 
05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf
 
04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx
 
03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf
 
02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf
 
01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf
 
CEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdfCEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdf
 
IS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptxIS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptx
 
F 32-Mukundamala- Part-6
F 32-Mukundamala- Part-6F 32-Mukundamala- Part-6
F 32-Mukundamala- Part-6
 

Recently uploaded

Legal History and Customary Law Lecture 3 nd 4.pptx
Legal History and Customary Law Lecture 3 nd 4.pptxLegal History and Customary Law Lecture 3 nd 4.pptx
Legal History and Customary Law Lecture 3 nd 4.pptx
getabelete
 
MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...
MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...
MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...
Dr. Oliver Massmann
 
cyber law and ethics regulation of the connected world
cyber law and ethics regulation of the connected worldcyber law and ethics regulation of the connected world
cyber law and ethics regulation of the connected world
JeneferAlan1
 
Emerging Trends in Digital Forensics and Malware Analysis for Cybersecurity
Emerging Trends in Digital Forensics and Malware Analysis for CybersecurityEmerging Trends in Digital Forensics and Malware Analysis for Cybersecurity
Emerging Trends in Digital Forensics and Malware Analysis for Cybersecurity
Milind Agarwal
 
Petition for Allowance of Appeal.pdf
Petition for Allowance of Appeal.pdfPetition for Allowance of Appeal.pdf
Petition for Allowance of Appeal.pdf
almondtree2525
 
Tech Startups: Expert Advice from Aaron Kelly Arizona
Tech Startups: Expert Advice from Aaron Kelly ArizonaTech Startups: Expert Advice from Aaron Kelly Arizona
Tech Startups: Expert Advice from Aaron Kelly Arizona
Aaron Kelly Lawyer
 
The Law of Dogs in Sectional Title Schemes
The Law of Dogs in Sectional Title SchemesThe Law of Dogs in Sectional Title Schemes
The Law of Dogs in Sectional Title Schemes
Ashwini Singh
 
Proforma B in Panchkula RERA Complaint Authority
Proforma B in Panchkula RERA Complaint AuthorityProforma B in Panchkula RERA Complaint Authority
Proforma B in Panchkula RERA Complaint Authority
Satish Mishra LegalSeva
 
Monash University degree offer diploma Transcript
Monash University degree offer diploma TranscriptMonash University degree offer diploma Transcript
Monash University degree offer diploma Transcript
qgoomz
 
Occupational Safety and Health Act (Amendment) 2022
Occupational Safety and Health Act (Amendment) 2022Occupational Safety and Health Act (Amendment) 2022
Occupational Safety and Health Act (Amendment) 2022
NguokYingNgu1
 
VIETNAM FROM A FRONTIER MARKET TO AN EMERGING MARKET – RECOMMENDATIONS TO ACH...
VIETNAM FROM A FRONTIER MARKET TO AN EMERGING MARKET – RECOMMENDATIONS TO ACH...VIETNAM FROM A FRONTIER MARKET TO AN EMERGING MARKET – RECOMMENDATIONS TO ACH...
VIETNAM FROM A FRONTIER MARKET TO AN EMERGING MARKET – RECOMMENDATIONS TO ACH...
Dr. Oliver Massmann
 
Salient features of Geographical Indications of Goods (Registration and Prote...
Salient features of Geographical Indications of Goods (Registration and Prote...Salient features of Geographical Indications of Goods (Registration and Prote...
Salient features of Geographical Indications of Goods (Registration and Prote...
KoyalPoojary
 
Deposition Summary Sample - Deposition Transcripts.pdf
Deposition Summary Sample - Deposition Transcripts.pdfDeposition Summary Sample - Deposition Transcripts.pdf
Deposition Summary Sample - Deposition Transcripts.pdf
Medico Legal Request LLC
 
Dallas Criminal Attorney | Frisco Criminal Attorney- Reggie London
Dallas Criminal Attorney | Frisco Criminal Attorney- Reggie LondonDallas Criminal Attorney | Frisco Criminal Attorney- Reggie London
Dallas Criminal Attorney | Frisco Criminal Attorney- Reggie London
ReggieLondon Lawyer
 
RERA Execution Panchkula Authority Powers
RERA Execution Panchkula Authority PowersRERA Execution Panchkula Authority Powers
RERA Execution Panchkula Authority Powers
Satish Mishra LegalSeva
 
RERA Panchkula Registration Late Fee Info
RERA Panchkula Registration Late Fee InfoRERA Panchkula Registration Late Fee Info
RERA Panchkula Registration Late Fee Info
Satish Mishra LegalSeva
 
Bank Secrecy Act of the Philippines.pptx
Bank Secrecy Act of the Philippines.pptxBank Secrecy Act of the Philippines.pptx
Bank Secrecy Act of the Philippines.pptx
Cyrish2
 
Merger and Acquisition Prof Oyedokun.pptx
Merger and Acquisition  Prof Oyedokun.pptxMerger and Acquisition  Prof Oyedokun.pptx
Merger and Acquisition Prof Oyedokun.pptx
Godwin Emmanuel Oyedokun MBA MSc PhD FCA FCTI FCNA CFE FFAR
 
Today Legal History and Tradition Lecture ppt
Today Legal History and Tradition Lecture pptToday Legal History and Tradition Lecture ppt
Today Legal History and Tradition Lecture ppt
getabelete
 
GUIA_LEGAL_CHAPTER-10_PROPERTY INTELLECTUAL.pdf
GUIA_LEGAL_CHAPTER-10_PROPERTY INTELLECTUAL.pdfGUIA_LEGAL_CHAPTER-10_PROPERTY INTELLECTUAL.pdf
GUIA_LEGAL_CHAPTER-10_PROPERTY INTELLECTUAL.pdf
ProexportColombia1
 

Recently uploaded (20)

Legal History and Customary Law Lecture 3 nd 4.pptx
Legal History and Customary Law Lecture 3 nd 4.pptxLegal History and Customary Law Lecture 3 nd 4.pptx
Legal History and Customary Law Lecture 3 nd 4.pptx
 
MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...
MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...
MAKING LARGE-SCALE SOLAR PROJECTS VIABLE IN VIETNAM: INNOVATIVE APPROACHES IN...
 
cyber law and ethics regulation of the connected world
cyber law and ethics regulation of the connected worldcyber law and ethics regulation of the connected world
cyber law and ethics regulation of the connected world
 
Emerging Trends in Digital Forensics and Malware Analysis for Cybersecurity
Emerging Trends in Digital Forensics and Malware Analysis for CybersecurityEmerging Trends in Digital Forensics and Malware Analysis for Cybersecurity
Emerging Trends in Digital Forensics and Malware Analysis for Cybersecurity
 
Petition for Allowance of Appeal.pdf
Petition for Allowance of Appeal.pdfPetition for Allowance of Appeal.pdf
Petition for Allowance of Appeal.pdf
 
Tech Startups: Expert Advice from Aaron Kelly Arizona
Tech Startups: Expert Advice from Aaron Kelly ArizonaTech Startups: Expert Advice from Aaron Kelly Arizona
Tech Startups: Expert Advice from Aaron Kelly Arizona
 
The Law of Dogs in Sectional Title Schemes
The Law of Dogs in Sectional Title SchemesThe Law of Dogs in Sectional Title Schemes
The Law of Dogs in Sectional Title Schemes
 
Proforma B in Panchkula RERA Complaint Authority
Proforma B in Panchkula RERA Complaint AuthorityProforma B in Panchkula RERA Complaint Authority
Proforma B in Panchkula RERA Complaint Authority
 
Monash University degree offer diploma Transcript
Monash University degree offer diploma TranscriptMonash University degree offer diploma Transcript
Monash University degree offer diploma Transcript
 
Occupational Safety and Health Act (Amendment) 2022
Occupational Safety and Health Act (Amendment) 2022Occupational Safety and Health Act (Amendment) 2022
Occupational Safety and Health Act (Amendment) 2022
 
VIETNAM FROM A FRONTIER MARKET TO AN EMERGING MARKET – RECOMMENDATIONS TO ACH...
VIETNAM FROM A FRONTIER MARKET TO AN EMERGING MARKET – RECOMMENDATIONS TO ACH...VIETNAM FROM A FRONTIER MARKET TO AN EMERGING MARKET – RECOMMENDATIONS TO ACH...
VIETNAM FROM A FRONTIER MARKET TO AN EMERGING MARKET – RECOMMENDATIONS TO ACH...
 
Salient features of Geographical Indications of Goods (Registration and Prote...
Salient features of Geographical Indications of Goods (Registration and Prote...Salient features of Geographical Indications of Goods (Registration and Prote...
Salient features of Geographical Indications of Goods (Registration and Prote...
 
Deposition Summary Sample - Deposition Transcripts.pdf
Deposition Summary Sample - Deposition Transcripts.pdfDeposition Summary Sample - Deposition Transcripts.pdf
Deposition Summary Sample - Deposition Transcripts.pdf
 
Dallas Criminal Attorney | Frisco Criminal Attorney- Reggie London
Dallas Criminal Attorney | Frisco Criminal Attorney- Reggie LondonDallas Criminal Attorney | Frisco Criminal Attorney- Reggie London
Dallas Criminal Attorney | Frisco Criminal Attorney- Reggie London
 
RERA Execution Panchkula Authority Powers
RERA Execution Panchkula Authority PowersRERA Execution Panchkula Authority Powers
RERA Execution Panchkula Authority Powers
 
RERA Panchkula Registration Late Fee Info
RERA Panchkula Registration Late Fee InfoRERA Panchkula Registration Late Fee Info
RERA Panchkula Registration Late Fee Info
 
Bank Secrecy Act of the Philippines.pptx
Bank Secrecy Act of the Philippines.pptxBank Secrecy Act of the Philippines.pptx
Bank Secrecy Act of the Philippines.pptx
 
Merger and Acquisition Prof Oyedokun.pptx
Merger and Acquisition  Prof Oyedokun.pptxMerger and Acquisition  Prof Oyedokun.pptx
Merger and Acquisition Prof Oyedokun.pptx
 
Today Legal History and Tradition Lecture ppt
Today Legal History and Tradition Lecture pptToday Legal History and Tradition Lecture ppt
Today Legal History and Tradition Lecture ppt
 
GUIA_LEGAL_CHAPTER-10_PROPERTY INTELLECTUAL.pdf
GUIA_LEGAL_CHAPTER-10_PROPERTY INTELLECTUAL.pdfGUIA_LEGAL_CHAPTER-10_PROPERTY INTELLECTUAL.pdf
GUIA_LEGAL_CHAPTER-10_PROPERTY INTELLECTUAL.pdf
 

Digitial Personal Data Bill 2022 feedback

  • 1. www.bestfitsolutions.in 1 nmds@bestfitsolutions.in Feedback on The Draft Digital Personal Data Protection Bill,2022 submitted to MeitY Nanda Mohan Shenoy D CAIIB,DBM-Part I,, NSE Certified Market Professional Level-1 ,P G Diploma in IRPM, PG Diploma in EDP and Computer Management, DIM,LA ISO 9001,LA ISO 27001 NISM empaneled CPE Trainer Director
  • 2. www.bestfitsolutions.in 2 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB STRUCTURAL ISSUES
  • 3. www.bestfitsolutions.in 3 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A01 Rationale 1.The word individual is also used in the same Act with a different meaning and context which can be confusing. Refer 6(2)(b)-(b) “itemised” means presented as a list of individual items 21(3) The Board may authorise conduct of proceedings relating to complaints, by individual Members or groups of Members. 2.Standardise the wording aligned to international laws which is “Natural Person” Existing Section Word ‘Individual’ used in multiple places 15 occasions Recommended Section Replace ‘Individual’ with natural persons except in clauses 6(2)(b)-(b) & 21(3) Chapter No Clause No 1 Preamble 2(3),2(6),2(8),2(12),2(13),3(3),4(3)(c),4(3)(d) 2 8(4),8(5),8(6),11(2),15,19(3),30(2)
  • 4. www.bestfitsolutions.in 4 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A02 Rationale Harm does not include mental harm and is restricted to bodily harm. Existing Section “harm”, in relation to a Data Principal, means - a. any bodily harm; or b. distortion or theft of identity; or c. harassment; or d. prevention of lawful gain or causation of significant loss; Recommended Section “harm”, in relation to a Data Principal, means - a. any bodily harm or mental harm; or b. distortion or theft of identity; or c. harassment; or d. prevention of lawful gain or causation of significant loss; Chapter No Clause No 1 2(10)
  • 5. www.bestfitsolutions.in 5 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A03 Rationale Sec 30 is as follows: (1) The Information Technology Act, 2000 (“IT Act”) shall be amended in the following manner: (a) section 43A of the IT Act shall be omitted. Sensitive Personal Data has been for a while and needs to continue as it requires additional protection Existing Section Definition of Sensitive personal data is missing Recommended Section “Sensitive Personal data” means personal data which needs additional safeguards and shall be as prescribed. Chapter No Clause No 1 2
  • 6. www.bestfitsolutions.in 6 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A04 Rationale The clause “in writing” has been used 6 times in the Bill. In this digital world it looks absurd .IT Act 2000 Sec 4 has already mentioned what is writing. For clarity purpose add that definition. Alternatively substitute “for reasons to be recorded in writing” with “ for reasons to be recorded and communicated “ Existing Section Definition of writing needs to be introduced Recommended Section "in writing" shall include communication in electronic form as defined in clause (r) of sub- section (1) of section 2 of the Information Technology Act, 2000 read along with Sec 4 Chapter No Clause No 1 2
  • 7. www.bestfitsolutions.in 7 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A05 Rationale Bad in law. Not a legal term. Already this is covered in the General Clauses Act 1897 13 A of Section13. Gender and number. —In all [Central Acts] and Regulations, unless there is anything repugnant in the subject or context, — (1) words importing the masculine gender shall be taken to include females; and (2) words in the singular shall include the plural, and vice versa. This is contradictory and can be challenged in court and will also restrict it to her Existing Section (3) the pronouns “her” and “she” have been used for an individual, irrespective of gender. Recommended Section 1. Delete the sub section : (3) the pronouns “her” and “she” have been used for an individual, irrespective of gender. 2. All ‘her’ to be replaced by ‘him’ 44 instances Chapter No Clause No 1 3(3)
  • 8. www.bestfitsolutions.in 8 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A06 Rationale The jargons must be standardised Standardisation. Move this section to definitions at the appropriate place Existing Section For the purpose of this sub-section, “profiling” means any form of processing of personal data that analyses or predicts aspects concerning the behaviour, attributes, or interests of a Data Principal. Recommended Section Move the clause as it is to definitions Chapter No Clause No 1 4(2)(3)
  • 9. www.bestfitsolutions.in 9 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A07 Rationale No clarity 1. Personal data is already defined as that of ‘an individual’ in sec 2 and again repeating is redundant and bad in law 2. Whether it is applicable to physical record or an electronic record. 3. 100 years from when is not mentioned .is it on revolving basis 4. The construction of the sentence itself is not understandable to common man. Need to rephrase. 5. Also explore the possibility of shifting entire 4(3) related to Applicability to the schedule so that there is flexibility in adding additional as and when required. The IT Act 2000 schedule one is very clear .It should be in similar lines Existing Section personal data about an individual that is contained in a record that has been in existence for at least 100 years. Recommended Section personal data in the form of an electronic record which is more than 100 years old ,on a rolling basis. Chapter No Clause No 1 4(3)(d)
  • 10. www.bestfitsolutions.in 10 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A08 Rationale 1. There is lot of difference between colloquial language and written language. The wordings must be changed. 2. “Itemised” does not have clarity 3. The Data Protection Officer and other details clause 7(3) must be shifted here as it should be logically part of the notice and not consent. Hence the clause shifted here Existing Section On or before requesting a Data Principal for her consent, a Data Fiduciary shall give to the Data Principal an itemised notice in clear and plain language containing a description of personal data sought to be collected by the Data Fiduciary and the purpose of processing of such personal data. Recommended Section (1) On or before requesting a Data Principal for her consent, a Data Fiduciary shall give to the Data Principal an itemised notice in clear and simple language containing a description of personal data sought to be collected by the Data Fiduciary and the purpose of processing of such personal data. (a) “itemised” means presented as a list of individual items grouped topic wise and serially numbered. (2) The notice shall contain the contact details of a Data Protection Officer, where applicable, or of any other person authorised by the Data Fiduciary to respond to any communication from the Data Principal for the purpose of exercise of her rights under the provisions of this Act Chapter No Clause No 2 6(1)
  • 11. www.bestfitsolutions.in 11 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A09 Rationale .“In the same document” is not transparency. It needs to be communicated to the customer. The objective of transparency is not achieved. It could be tricky as data principal will not have a copy of the notice. Existing Section “notice” can be a separate document, or an electronic form, or a part of the same document in or through which personal data is sought to be collected, or in such other form as may be prescribed. Recommended Section “notice” can be in physical form or electronic form a separate document, or an electronic form, or a part of the same document in or through which personal data is sought to be collected, or in such other form and shall be communicated to the Data Principal as may be prescribed. Chapter No Clause No 2 6 (2)(a)
  • 12. www.bestfitsolutions.in 12 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A10 Rationale 1. We are talking about digital India and on the other hand talking about photocopies. This illustration must be redrafted. 2. Refer Point A09 above for deletion of the last sentence Existing Section Illustration: ‘A’ contacts a bank to open a regular savings account. The bank asks ‘A’ to furnish photocopies of proof of address and identity for KYC formalities. Before collecting the photocopies, the bank should give notice to ‘A’ stating that the purpose of obtaining the photocopies is completion of KYC formalities. The notice need not be a separate document. It can be printed on the form used for opening the savings bank account. Recommended Section Illustration: ‘A’ contacts a bank to open a regular savings account. The bank asks ‘A’ to furnish photocopies of proof of address and identity for KYC formalities. Before collecting the proof photocopies, the bank should give notice to ‘A’ stating that the purpose of obtaining the photocopies proof is for completion of KYC formalities and is a legal requirement. The notice need not be a separate document. It can be printed on the form used for opening the savings bank account. Chapter No Clause No 2 6(2)
  • 13. www.bestfitsolutions.in 13 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A11 Rationale 1. There is lot of difference between colloquial language and written language. The word ‘plain’ must be changed. 2. The Data Protection Officer and other details in clause 7(3) must be shifted to Clause 6(1) as it should be logically part of the notice and not consent. 3. The sections must be standardised. In Section 6 the local language clause is a separate sub section whereas in 7 is it not hence converted to sub section. Existing Section Every request for consent under the provisions of this Act shall be presented to the Data Principal in a clear and plain language, along with the contact details of a Data Protection Officer, where applicable, or of any other person authorised by the Data Fiduciary to respond to any communication from the Data Principal for the purpose of exercise of her rights under the provisions of this Act. The Data Fiduciary shall give to the Data Principal the option to access such request for consent in English or any language specified in the Eighth Schedule to the Constitution of India. Recommended Section Every request for consent under the provisions of this Act shall be presented to the Data Principal in a clear and simple language, along with the contact details of a Data Protection Officer, where applicable, or of any other person authorised by the Data Fiduciary to respond to any communication from the Data Principal for the purpose of exercise of her rights under the provisions of this Act. (4) The Data Fiduciary shall give to the Data Principal the option to access such request for consent in English or any language specified in the Eighth Schedule to the Constitution of India. Chapter No Clause No 2 7(3)
  • 14. www.bestfitsolutions.in 14 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A12 Rationale Bad in law. The word public interest is already defined in 2(18). This is directly contradicting that definition. Credit scoring cannot be public interest. Also, public interest is covered specifically in 8(9)(c) which further adds to the confusion. The public interest word has to be replaced by a better word to avoid confusion. Earlier bill used the clause “Reasonable Purposes” Existing Section in public interest, including for: (a) prevention and detection of fraud; (b) mergers, acquisitions, any other similar combinations, or corporate restructuring transactions in accordance with the provisions of applicable laws; (c) network and information security; (d) credit scoring; (e) operation of search engines for processing of publicly available personal data; (f) processing of publicly available personal data; and (g) recovery of debt; Recommended Section in the following circumstances, including for: (a) prevention and detection of fraud; (b) mergers, acquisitions, any other similar combinations, or corporate restructuring transactions in accordance with the provisions of applicable laws; (c) network and information security; (d) credit scoring; (e) operation of search engines for processing of publicly available personal data; (f) processing of publicly available personal data; and (g) recovery of debt; Chapter No Clause No 2 8(8)
  • 15. www.bestfitsolutions.in 15 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A13 Rationale Reasonable security safe guards are very open. No bench mark etc. It can be prescribed by the authority or by rules., hence the clause “as may be prescribed” to be added. Existing Section Every Data Fiduciary and Data Processor shall protect personal data in its possession or under its control by taking reasonable security safeguards to prevent personal data breach. Chapter No Clause No 2 9(4) & Schedule 1(1) Recommended Section 1.Every Data Fiduciary and Data Processor shall protect personal data in its possession or under its control by taking reasonable security safeguards to prevent personal data breach as may be prescribed 2. The schedule 1(1) also needs to have the clause “ as may be prescribed”
  • 16. www.bestfitsolutions.in 16 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A14 Rationale Independent auditor qualifications, competence etc needs to be defined so “as may be prescribed” to be added Existing Section appoint an Independent Data Auditor who shall evaluate the compliance of the Significant Data Fiduciary with provisions of this Act; and Chapter No Clause No 2 9(4) Recommended Section appoint an Independent Data Auditor, who shall evaluate the compliance of the Significant Data Fiduciary with provisions of this Act; and For the purpose of this section, “Data Auditor” shall have the necessary qualifications, competence and independence as may be prescribed.
  • 17. www.bestfitsolutions.in 17 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A15 Rationale How can one data fiduciary show the data of another data fiduciary unless it is a consent manager? Ambiguous clause. For example, if I open an account with Bank A, how can Bank B with whom I don’t have any relation , be able to show the details with another fiduciary? This can happen only with Consent Manager. It should be a typo error. As a Data Principal, I would like to know with which all data processers I am sharing my data Existing Section The Data Principal shall have the right to obtain from the Data Fiduciary: (3) in one place, the identities of all the Data Fiduciaries with whom the personal data has been shared along with the categories of personal data so shared; and Chapter No Clause No 3 12(3) Recommended Section The Data Principal shall have the right to obtain from the Data Fiduciary: (3) in one place, the identities of all the Data Fiduciaries or Data Processors with whom the personal data has been shared along with the categories of personal data so shared; and
  • 18. www.bestfitsolutions.in 18 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A16 Rationale Typo error and subject to gross misinterpretation. English to be changed and separate sub section for erasure.Correction is different from erasure Existing Section (2) A Data Fiduciary shall, upon receiving a request for such correction and erasure from a Data Principal: (a) correct a Data Principal’s inaccurate or misleading personal data; (b) complete a Data Principal’s incomplete personal data; (c) update a Data Principal’s personal data; (d) erase the personal data of a Data Principal that is no longer necessary for the purpose for which it was processed unless retention is necessary for a legal purpose. Chapter No Clause No 3 13(2) Recommended Section 2) A Data Fiduciary shall, upon receiving a request for such correction and erasure from a Data Principal: (a) correct a Data Principal’s inaccurate or misleading personal data; (b) complete a Data Principal’s incomplete personal data; (c) update a Data Principal’s personal data; (d)erase the personal data of a Data Principal that is no longer necessary for the purpose for which it was processed unless retention is necessary for a legal purpose. (2) A Data Fiduciary shall, upon receiving a request for erasure from a Data Principal shall erase the data of the data principal that is no longer necessary for the purpose for which it was processed unless retention is necessary for a legal purpose. In case the data principal is unable to erase the same due to legal reasons the same shall be communicated back to the Data Principal
  • 19. www.bestfitsolutions.in 19 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A17 Rationale The clause “in writing” has been used 6 times in the Bill. In this digital world it looks absurd .IT Act Sec 4 has already mentioned what is writing. For clarity purpose add that definition. Alternately introduce the definition “in writing “as mentioned above already as per the IT Act Refer Point A04 above. Existing Section for reasons to be recorded in writing Chapter No Clause No 5 20(2),21(2),(4),(5) & (11),22(1) Recommended Section “for reasons to be recorded and communicated”.
  • 20. www.bestfitsolutions.in 20 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A18 Rationale The Bill is only talking about the penalties which will go to a specific fund of Data Protection authority. The bill talks about only penalty. Where is the compensation due, as a result of the harm or loss to the Data Principal? It is totally silent on the same. In case of the IT Act, it was introduced in 2008. This is very important. Existing Section Penalties Chapter No Clause No 5 25 Recommended Section Add the relevant Compensation clause accordingly
  • 21. www.bestfitsolutions.in 21 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A19 Rationale Deleting this section without any new clause on sensitive personal data is going to be dangerous. Personal data needs to be classified as sensitive for certain classes of data. Sensitive data needs additional protection and penalty for breach of this data needs additional penalty. Similarly, privacy policy and many other aspects are important Existing Section 1) The Information Technology Act, 2000 (“IT Act”) shall be amended in the following manner: (a) section 43A of the IT Act shall be omitted; Chapter No Clause No 6 30(1)(a) Recommended Section The following sections must be reworked to include sensitive data : Sec 17 -Transfer of data Sec 9(4)
  • 22. www.bestfitsolutions.in 22 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Structural Issues – A20 Rationale Linked to the modification in Sec 9(4) Existing Section Failure of Data Processor or Data Fiduciary to take reasonable security safeguards to prevent personal data breach under sub- section (4) of section 9 of this Act Schedule Clause No 1 (1) Recommended Section Failure of Data Processor or Data Fiduciary to take reasonable security safeguards, as may be prescribed, to prevent personal data breach under sub-section (4) of section 9 of this Act
  • 23. www.bestfitsolutions.in 23 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB LANGUAGE ISSUES
  • 24. www.bestfitsolutions.in 24 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Language Issues – B01 Rationale Child is already defined by clause 2(3) as (3) “child” means an individual who has not completed eighteen years of age ? The word individual should not be repeated English language framing. Existing Section “Data Principal” means the individual to whom the personal data relates and where such individual is a child includes the parents or lawful guardian of such a child Chapter No Clause No 1 2(6) Recommended Section “Data Principal” means the individual to whom the personal data relates and in case of child it shall include the parents or lawful guardian of such a child.
  • 25. www.bestfitsolutions.in 25 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Language Issues – B02 Rationale Typo error. How can false statements be fact ? Existing Section “public interest” means in the interest of any of the following: (a) sovereignty and integrity of India; b. security of the State; c. friendly relations with foreign States; d. maintenance of public order; e. preventing incitement to the commission of any cognizable offence relating to the preceding sub-clauses; and f. preventing dissemination of false statements of fact. Chapter No Clause No 1 2(18)(f) Recommended Section “public interest” means in the interest of any of the following: (a) sovereignty and integrity of India; b. security of the State; c. friendly relations with foreign States; d. maintenance of public order; e. preventing incitement to the commission of any cognizable offence relating to the preceding sub-clauses; and f. preventing dissemination of false statements or fact.
  • 26. www.bestfitsolutions.in 26 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Language Issues – B03 Rationale 1.Typo/Spelling mistake as per Indian English it is “digitized” 2. In order to align with the IT Act change the statement. IT Act does not use the jargon digitized. The correct word shall be electronic record. Existing Section (1) The provisions of this Act shall apply to the processing of digital personal data within the territory of India where: (b)such personal data collected offline, is digitized Chapter No Clause No 1 4(1)(b) Recommended Section (1) The provisions of this Act shall apply to the processing of digital personal data within the territory of India where: (b) such personal data collected in Non electronic form/Physical Form is converted to an electronic record. Interpretation: Electronic Record is defined in sec 2(t) of the information technology Act 2000
  • 27. www.bestfitsolutions.in 27 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Language Issues – B04 Rationale Offline data is not written English it is colloquial English. As mentioned in Point A04 above, in order to align to IT Act ‘electronic record ‘can make life simpler for everybody. By this one-word non- automated processing is also covered and need not be mentioned explicitly. Offline can be subject to interpretation. Existing Section (3) The provisions of this Act shall not apply to: (a) non-automated processing of personal data; (b) offline personal data; Chapter No Clause No 1 4(3)(a) & 4(3)(b) Recommended Section (3) The provisions of this Act shall not apply to: (a) personal data in the form of a non- electronic record. Explanation : Electronic Record is as defined in Sec 2(t) of Information Technology Act 2000
  • 28. www.bestfitsolutions.in 28 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Language Issues – B05 Rationale There is lot of difference between colloquial language and written language. The wordings must be changed Existing Section Where a Data Principal has given her consent to the processing of her personal data before the commencement of this Act, the Data Fiduciary must give to the Data Principal an itemised notice in clear and plain language containing a description of personal data of the Data Principal collected by the Data Fiduciary and the purpose for which such personal data has been processed, as soon as it is reasonably practicable Chapter No Clause No 2 6(2) Recommended Section Where a Data Principal has already given her consent to the processing of her personal data before the commencement of this Act, the Data Fiduciary must give to the Data Principal an itemised notice in clear and simple language containing a description of personal data of the Data Principal collected by the Data Fiduciary and the purpose for which such personal data has been processed, as soon as it is reasonably practicable
  • 29. www.bestfitsolutions.in 29 Mr Nanda Mohan Shenoy CDPSE, CISA ,CAIIB Language Issues – B06 Rationale English and standardisation Existing Section (2)Failure to notify the Board and affected Data Principals in the event of a personal data breach, under sub- section (5) of section 9 of this Act (3)Non-fulfilment of additional obligations in relation to Children; under section 10 of this Act. (5)Non-compliance with section 16 of this Act Schedule No Clause No 1 (2),(3),(5) Recommended Section (2)Failure of Data Processor or Data Fiduciary to notify the Board and affected Data Principals in the event of a personal data breach, under sub-section (5) of section 9 of this Act. (3)Non-fulfilment of additional obligations by Data Fiduciary in relation to Children; under section 10 of this Act. (5) Non-compliance with section 16 of this Act by the Data Principal