The state of India’s public sector defence industry
This paper has been authored by Laxman Kumar Behera from ORF.
The new Digital Personal Data Protection Act (DPDPA) is market-friendly but is lacking in attention to privacy requirements for sensitive personal data. This report highlights three types of sensitive personal data—i.e., biometric, financial, and health—and emphasises the need for transparent consent mechanisms that will safeguard an individual’s data. It underscores the role of data fiduciaries, urging the formulation of clear operational guidelines to enhance data protection and harmonising the relationships between data processors and fiduciaries to create a comprehensive regulatory system. The report outlines recommendations on the importance of adaptable data protection regulations and the need for governments to be accountable data fiduciaries to ensure that the upcoming Digital India Act is more inclusive and comprehensive.
In August 2023, India announced its long-awaited Digital Personal Data Protection Act, 2023 (DPDPA). The act expands on the rights of citizens beyond the Information Technology (IT) Rules, including the right to information, to correction and erasure, to grievance redressal, and to nominate a representative in the event of incapacity. It also outlines the requirements for Significant Data Fiduciaries (SDFs). According to the ministry of electronics and information technology (MeitY), the DPDPA will soon be complemented by a Digital India Act (DIA) that will replace the existing IT Rules.
In its present form, the DPDPA has gaps that need discussion. Among them is the absence of a provision guaranteeing a citizen’s right to be forgotten and the lack of explicit outlines and guidelines for sensitive personal data.
On September 27, 2023, the Observer Research Foundation, in collaboration with the technology policy think-tank, The Dialogue, hosted a roundtable discussion on the DPDPA, specifically deliberating its impact on biometrics, financial, and health data. The roundtable gathered stakeholders from industry, civil society, and academia.
The participants agreed that while the DPDPA has ended the wait for a data privacy policy in India, it is only the first step for the country to successfully navigate the current era of emerging technologies.
The roundtable focused on three core areas, with the aim to inform the current gaps in legislation and contribute to future guidelines: Biometric data; Financial data; and Health data.
The paper can be accessed by clicking here.
This paper has been authored by Laxman Kumar Behera from ORF.
The new Digital Personal Data Protection Act (DPDPA) is market-friendly but is lacking in attention to privacy requirements for sensitive personal data. This report highlights three types of sensitive personal data—i.e., biometric, financial, and health—and emphasises the need for transparent consent mechanisms that will safeguard an individual’s data. It underscores the role of data fiduciaries, urging the formulation of clear operational guidelines to enhance data protection and harmonising the relationships between data processors and fiduciaries to create a comprehensive regulatory system. The report outlines recommendations on the importance of adaptable data protection regulations and the need for governments to be accountable data fiduciaries to ensure that the upcoming Digital India Act is more inclusive and comprehensive.
In August 2023, India announced its long-awaited Digital Personal Data Protection Act, 2023 (DPDPA). The act expands on the rights of citizens beyond the Information Technology (IT) Rules, including the right to information, to correction and erasure, to grievance redressal, and to nominate a representative in the event of incapacity. It also outlines the requirements for Significant Data Fiduciaries (SDFs). According to the ministry of electronics and information technology (MeitY), the DPDPA will soon be complemented by a Digital India Act (DIA) that will replace the existing IT Rules.
In its present form, the DPDPA has gaps that need discussion. Among them is the absence of a provision guaranteeing a citizen’s right to be forgotten and the lack of explicit outlines and guidelines for sensitive personal data.
On September 27, 2023, the Observer Research Foundation, in collaboration with the technology policy think-tank, The Dialogue, hosted a roundtable discussion on the DPDPA, specifically deliberating its impact on biometrics, financial, and health data. The roundtable gathered stakeholders from industry, civil society, and academia.
The participants agreed that while the DPDPA has ended the wait for a data privacy policy in India, it is only the first step for the country to successfully navigate the current era of emerging technologies.
The roundtable focused on three core areas, with the aim to inform the current gaps in legislation and contribute to future guidelines: Biometric data; Financial data; and Health data.
The paper can be accessed by clicking here.
This paper has been authored by Laxman Kumar Behera from ORF.