Домой United States USA — IT ET View: India must enact a data protection law quickly

ET View: India must enact a data protection law quickly

263
0
ПОДЕЛИТЬСЯ

General Data Protection Regulation is a new privacy law that gives people more control over their personal data and seeks to punish companies that vio..
Th e European Union has finally adopted the General Data Protection Regulation, a new privacy law that gives people more control over their personal data and seeks to punish companies that violate a citizen’s privacy right. Not surprisingly, the world is eagerly watching its roll-out as countries are struggling to cope with data breaches and theft. Many firms are said to have admitted that efforts to comply have forced them to organise loads of data they have stored. Now that a model has been set for the EU, India would do well to enact its own law using GDPR as a template. We need a data protection regulator who can hold companies and government accountable. There should be specific protection for the individual against unjustified surveillance. Privacy and data are issues that really go beyond just Aadhaar. The nub of GDPR is the assertion that a citizen or a consumer has right over her data through its entire life cycle starting from the point of capture through its repetitive use at various stages. In the first instance, consent must be ensured. Down the line a person has the right to ask for deletion of her data (or what is called right to be forgotten). Large Indian IT and ITes companies must comply with GDPR right away. Given the advanced notice by EU, the presumption is that all IT and ITes companies in India are well prepared. Would this be an opportunity or threat, given that there are huge penalties for violation? Effective compliance holds the key. It will prepare the ground for all companies to be geared for India’s data protection law as well.

Continue reading...