draft personal data protection bill 2018 rights and
play

(Draft) Personal Data Protection Bill 2018: Rights and entitlements - PowerPoint PPT Presentation

Jun 19, 2023 •249 likes •563 views

(Draft) Personal Data Protection Bill 2018: Rights and entitlements Beni Chugh Research Associate, Dvara Research CUTS, Capacity Building Workshop on Raising Consumers Awareness Level On Data Protection And Privacy And Impact Of Personal

  1. (Draft) Personal Data Protection Bill 2018: Rights and entitlements Beni Chugh Research Associate, Dvara Research CUTS, Capacity Building Workshop on Raising Consumer’s Awareness Level On Data Protection And Privacy And Impact Of Personal Data Protection Bill On Them Jaipur, 18-19 July, 2019

  2. Our conversation today 1.Data protection: First-principles 2.Evolution of data protection regime in India 3.The (draft) Personal Data Protection Bill (PDP Bill), 2018 4. Users’ rights under the (draft) PDP Bill 5.Obligations under the (draft) PDP Bill 6.Grievance Redress under the (draft) PDP Bill 7.The proposed data protection authority 8.Some concerns

  3. Data protection: First-principles

  4. 1. Data protection: First-principles What is personal data? Se. 2(29) of the (draft) Bill 2018, defines personal data as:

  5. 1. Data protection: First-principles Why protect personal data?  To uphold the fundamental right to privacy  To protect against the harms from the misuse of personal data  To protect c ompetition in markets

  6. Right to Privacy: People care deeply about their personal data Privacy on the Line, 2018 6

  7. The need to protect personal data: Harms Harms from misuse of personal data:  Direct financial loss  Discrimination  Exclusion  Limiting Consumer Choice  Fraud 7

  8. 1. Data protection: First-principles How to protect personal data? Data protection legislations are being adopted by nations across the world. As in June 2018:  The European Union’s General Data Protection Regulation (GDPR) was implemented in May 2018.  126 nations had an active data protection regulation  34 nations were deliberating on a draft data protection bill Ironically, India belongs to both groups.

  9. 1. Data protection: First-principles How to protect personal data?

  10. 2. Evolution of data protection regime

  11. 2. Data protection regime in India: Evolution Aug 2018 2011 Aug 2017 2000 Jul 2017 Nov 2017 W h i t e Pa p e r o f t h e ( D ra f t ) R i g h t t o p r i v a c y , Re a s o n a b l e s e c u r i t y I n f o r m a t i o n C o n s t i t u t i o n o f a C o m m i tt e e o f Pe r s o n a l f u r t h e r i m p e t u s T e c h n o l o g y C o m m i tte e o f p ra c t i c e s a n d E x p e r t s o n a D a t a t o d a t a D a t a A c t E x p e r t s t o d e l i b e r a t e p r o c e d u r e s a n d p r o te c t i o n P ro t e c t i o n P r o t e c t i o n o n a d a t a p r o t e c t i o n s e n s i t i v e p e r s o n a l F ra m e w o r k fo r I n d i a r e g i m e i n I n d i a B i l l , 2 0 1 8 d a t a o r i n fo r m at i o n

  12. 3. (Draft) Personal Data Protection Bill, 2018

  13. 3. [Draft] Personal Data Protection Bill (PDP Bill) 2018: The framework The draft PDP Bill recognises four key stakeholders: Data Principal Data Fiduciary Data Protection Data Processor Authority You and I Bank, GoogIe, Facebook Mu Sigma, Fractal Analytics Obligations, Chapter II Law-making powers Rights Transparency & Accountability Measures, Chapter VII Chapter X, XI, XIII Chapter, VI

  14. Data Principal You and I Rights Chapter, VI 4. Rights of data principals

  15. 4. (Draft) PDP Bill: Rights of the data principals The (draft) PDP Bill vests four rights in the data principal:  Right to confirmation and access  Right to correction  Right to data portability  Right to be forgotten

  16. 4.1 The right to confirmation & access It empowers the data principal to seek from the data fiduciary:  a confirmation if their data is being or has been processed  a brief summary of the personal data  a brief summary of the activities undertaken by the fiduciary The fiduciary must provide this information in a clear, concise, easy-to- understand manner This right is important because  You cannot protect until you know what is happening to your data  You cannot withdraw consent, seek redress etc.  It lays the foundation for exercising other rights and examining obligations

  17. 4.2 The right to correction Under this right:  Data principal can dispute the quality of their personal data  They can get it (i) corrected, (ii) completed and (iii) updated  Data fiduciary must reject correction requests in writing  Data principal can appeal against rejection  Data fiduciary must get it corrected across entities This right is important because:  Quality of data impacts the decision made using the data  It can affect if you get your ration, a loan etc  The case of Sani Tutti  The case of Judy Thomas and Judith Upton.

  18. The case of Sanni Tuti

  19. 4.3 The right to data portability Your ur ba bank nk Under this right, the data principal: Google gle  must receive the data they shared with a data fiduciary in a structured, machine-readable format  can instruct a data fiduciary to transfer data to another fiduciary  subject to three exceptions  Data offers competitive advantages  Having access to big data can encourage monopolistic practices and abuse of dominant position  This decreases consumer surplus and potentially consumer welfare

  20. 4.4 The right to be forgotten The data principal can restrict or stop sharing their personal data with a data fiduciary, if:  the data has served its purpose  consent for sharing data is being withdrawn  is in contravention of the law An Adjudicating Officer determines if the right can be Stop! exercised  It upholds data principal’s autonomy and control of their personal data  It obliges organisations to fulfil their obligations

  21. Data Processor Data Fiduciary Bank, GoogIe, Facebook Mu Sigma, Fractal Analytics Obligations, Chapter II Transparency & Accountability Measures, Chapter VII 5. Obligations: Data fiduciaries and data processors

  22. 5.1 (Draft) PDP Bill: Obligations of data fiduciaries, data processors The draft Bill places 8 obligations on the data fiduciaries and data processors: 1. Fair & Reasonable Processing 2. Purpose Limitation 3. Collection Limitation 4. Lawful Processing 5. Notice 6. Data Quality 7. Storage Limitation 8. Accountability

  23. 5.2 (Draft) PDP Bill: Transparency and accountability mechanisms Additionally, the draft Bill places 11 accountability and transparency processes: 1. Privacy by design 2. Transparency 3. Security Safeguards 4. Personal Data Breach 5. Data Protection Impact Assessment 6. Record-Keeping 7. Data- Audits 8. Data Protection Officer 9. Processing by entities other than data fiduciaries 10. Classification of data fiduciaries into significant data fiduciaries 11. Grievance redress

  24. 6. Grievance Redress

  25. 6.1 “Harm” under the PDP Bill 2018 “Harm” includes— i. bodily or mental injury; ii. loss, distortion or theft of identity; iii. financial loss or loss of property, iv. loss of reputation, or humiliation; v. loss of employment; vi. any discriminatory treatment; vii. any subjection to blackmail or extortion; viii. any denial or withdrawal of a service, benefit or good resulting from an evaluative decision about the data principal; ix. any restriction placed or suffered directly or indirectly on speech, movement or any other action arising out of a fear of being observed or surveilled; or x. any observation or surveillance that is not reasonably expected by the data principal. 25

  26. 6.2 Grievance redress: Trigger and process  Every data fiduciary must have a grievance redress mechanism in place  Grievance can be raised if there is a violation that may cause harm to the user  Data fiduciary must resolve complaints within 30 days  The data principal can escalate the matter to the Data Protection Authority

  27. Data Protection Authority Law-making powers Chapter X, XI, XIII 7. Data Protection Authority

  28. The proposed Data Protection Authority Data Protection Appellate Tribunal Authority • Appeals against orders of Adjudication the appellate tribunal will Wing be to the Supreme Court of India. Monitoring & Legal Affairs, Policy Research & Inquiries & Enforcement & Standard Setting Awareness Grievance 28

  29. Some concerns 1. The aspiration for a “data fiduciary” paradigm falls short in application 2. Data principals are afforded a limited set of rights 3. The draft PDP Bill creates high barriers to exercise the rights by data principals 4. The grievance redress framework is burdensome and limited for users 5. The definition and usage of “harm” in the draft Bill limits user protections and rights 6. The draft Bill disincentivises and penalises withdrawal of consent

  30. Thank you. Beni Chugh Research Associate, Dvara Research CUTS, Capacity Building Workshop on Raising Consumer’s Awareness Level On Data Protection And Privacy And Impact Of Personal Data Protection Bill On Them Jaipur, 18-19 July, 2019

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Data Protection and Privacy & Impact of Personal Data Protection Bill (PDPB) 1 November, 2019

Data Protection and Privacy & Impact of Personal Data Protection Bill (PDPB) 1 November, 2019

CONSUMER AWARENESS WORKSHOP on Data Protection and Privacy & Impact of Personal Data Protection Bill (PDPB) 1 November, 2019 Kolkata OBJECTIVE Engage with the consumer and civil society organisations (CSOs) in tier II locations to

623 views • 50 slides
The importance of personal data protection Personal data are accessed and processed exponentially

The importance of personal data protection Personal data are accessed and processed exponentially

The importance of personal data protection Personal data are accessed and processed exponentially Abuse of personal data exploded Risk of data theft, piracy New Cambridge Analytica scandal almost every week Need to

293 views • 14 slides
GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU General Data Protection 1995 Regulation 2016 Data Protection Act 1998 Data Protection Bill 2017-19 Fines DPA GDPR Maximum Fine 500k Two

622 views • 17 slides
Personal information and data protection What is personal data? Any information about you that

Personal information and data protection What is personal data? Any information about you that

Personal information and data protection What is personal data? Any information about you that can identify you! This could be: your name, address, date of birth or telephone number; the type of job you do; the things you buy;

585 views • 24 slides
Environment Protection Amendment Bill 2018 Kate Gavens Director, Environment Protection

Environment Protection Amendment Bill 2018 Kate Gavens Director, Environment Protection

Environment Protection Amendment Bill 2018 Kate Gavens Director, Environment Protection Department of Environment, Land, Water and Planning Environment Protection Amendment Bill 2018 May 2016 Independent Inquiry into the EPA Jan 2017 Andrews

209 views • 16 slides
Briefing on 25 Jan 2016 at ERA@MBSq 1 Data Protection Officer (DPO) Under the Personal Data

Briefing on 25 Jan 2016 at ERA@MBSq 1 Data Protection Officer (DPO) Under the Personal Data

Briefing on 25 Jan 2016 at ERA@MBSq 1 Data Protection Officer (DPO) Under the Personal Data Protection Act 2012 (PDPA), organisations are required to develop and implement policies and practices that are necessary to meet its obligations under

1.02k views • 24 slides
Bill Protection Introduction 1 Agenda 1.Review Decision Parameters & Principles 2.TOU Bill

Bill Protection Introduction 1 Agenda 1.Review Decision Parameters & Principles 2.TOU Bill

Bill Protection Introduction 1 Agenda 1.Review Decision Parameters & Principles 2.TOU Bill Protection vs. SJV Bill Protection 2 SJV DAC Pilots Decision Guidance The IOU bill protection workshop proposals and the IOUs Bill Protection

369 views • 20 slides
INFORMATION SEMINAR FOR LICENSEES 2018 General Data Protection Regulation (GDPR) 25 May

INFORMATION SEMINAR FOR LICENSEES 2018 General Data Protection Regulation (GDPR) 25 May

PROPERTY SERVICES REGULATORY AUTHORITY INFORMATION SEMINAR FOR LICENSEES 2018 General Data Protection Regulation (GDPR) 25 May 2018 Data Protection Commission Website WWW.GDPRANDYOU.IE Relates to Personal Data/Information held

545 views • 30 slides
on data protection and fundamental rights Anna Fielder 16-06 TISA Countries No general data

on data protection and fundamental rights Anna Fielder 16-06 TISA Countries No general data

Data flows between the EU and partner countries: how to comply with the EU standards on data protection and fundamental rights Anna Fielder 16-06 TISA Countries No general data protection law in red Australia, Canada, Chile, Chinese Taipei,

527 views • 6 slides
MMFCU Bill Pay Personal Accounts What is Bill Pay? Bill pay is a service that allows you to pay

MMFCU Bill Pay Personal Accounts What is Bill Pay? Bill pay is a service that allows you to pay

MMFCU Bill Pay Personal Accounts What is Bill Pay? Bill pay is a service that allows you to pay virtually anyone or any company with a mailing address within the U.S. and Puerto Rico through your Online Banking account. You determine who you

734 views • 19 slides
Anti-Bullying Bill of Rights Act (ABR) 2017-2018 HIB Self Assessment State mandated component

Anti-Bullying Bill of Rights Act (ABR) 2017-2018 HIB Self Assessment State mandated component

Anti-Bullying Bill of Rights Act (ABR) 2017-2018 HIB Self Assessment State mandated component of the Anti- Bullying Bill of Rights Act (ABR) Reflects the implementation of ABR in the district and in each individual building for the period

89 views • 7 slides
Estelle Dehon Barrister at Cornerstone Barristers General Data Protection Regulation Source:

Estelle Dehon Barrister at Cornerstone Barristers General Data Protection Regulation Source:

Estelle Dehon Barrister at Cornerstone Barristers General Data Protection Regulation Source: Slane Cartoons https://www.slanecartoon.com/ What is the GDPR? Framework of rights and duties designed to safeguard personal data Focuses on

459 views • 29 slides
ASSET PROTECTION PROGRAM PROVIDING TOMORROW SOLUTIONS TODAY ASSET PROTECTION United States of

ASSET PROTECTION PROGRAM PROVIDING TOMORROW SOLUTIONS TODAY ASSET PROTECTION United States of

ASSET PROTECTION PROGRAM PROVIDING TOMORROW SOLUTIONS TODAY ASSET PROTECTION United States of America has continued to remain the hope of the planet. The rights of our Nation is rooted and based in the United States Constitution and Bill of Rights.

201 views • 8 slides
GDPR what is it? Replaces the Data Protection Act 1998 European legislation will

GDPR what is it? Replaces the Data Protection Act 1998 European legislation will

GDPR what is it? Replaces the Data Protection Act 1998 European legislation will not be gold plated Comes into force 25 May 2018 BREXIT Data Protection Bill Why is GDPR relevant to me? Healthcare has been an area

692 views • 17 slides
The GDPR and the Data Protection Act 2018 Robin Hopkins Robin Hopkins 4 October 2017 GDPR: an

The GDPR and the Data Protection Act 2018 Robin Hopkins Robin Hopkins 4 October 2017 GDPR: an

The new data protection regime: The GDPR and the Data Protection Act 2018 Robin Hopkins Robin Hopkins 4 October 2017 GDPR: an introduction The problem: Processing of personal data ramps up with technology 1990s legislation

379 views • 17 slides
Cash in the media Democracy: Financial Rights are Human Sweden: New bill ordering banks to

Cash in the media Democracy: Financial Rights are Human Sweden: New bill ordering banks to

Cash in the media Democracy: Financial Rights are Human Sweden: New bill ordering banks to Rights provide cash services A healthy democracy needs financial privacy. If all ECB welcomes Swedish draft law and highlights the importance that all

698 views • 22 slides
KOSOVO AGENCY OF STATISTICS Strategic Management Seminar on Exchanging Experiences with the

KOSOVO AGENCY OF STATISTICS Strategic Management Seminar on Exchanging Experiences with the

KOSOVO AGENCY OF STATISTICS Strategic Management Seminar on Exchanging Experiences with the implementation of GLOS Kosovo Experience on GLOS Budva 06-07 July 2017 Outline Introduction (KSS) LOS current ^ amendment KASs

776 views • 26 slides
August 17, 2016 Agenda 1. Why are we re-naming Medicaid? 2. Launch timeline 3. What is changing

August 17, 2016 Agenda 1. Why are we re-naming Medicaid? 2. Launch timeline 3. What is changing

Accountable Care Collaborative Program Improvement Advisory Committee August 17, 2016 Agenda 1. Why are we re-naming Medicaid? 2. Launch timeline 3. What is changing and what is not! 4. Communication resources 2 Medicaid is DIFFERENT! 3

453 views • 26 slides
Records Guidance January 2012 Records guidance project Objective: Improve the access to the

Records Guidance January 2012 Records guidance project Objective: Improve the access to the

Records Guidance January 2012 Records guidance project Objective: Improve the access to the guidance on our website www nationalarchives gov uk www.nationalarchives.gov.uk Records guidance project Records guidance project What we did: What

222 views • 10 slides
Hiap Hoe Limited Investor Presentation August 2014 1 1 Important Notice This presentation and

Hiap Hoe Limited Investor Presentation August 2014 1 1 Important Notice This presentation and

Hiap Hoe Limited Investor Presentation August 2014 1 1 Important Notice This presentation and the information contained herein does not constitute or form any part of any offer or invitation to sell or issue, or any solicitation of any offer

559 views • 36 slides
Florence County Planning Commission April 24, 2018 Florence County Council Chambers 6:00 PM

Florence County Planning Commission April 24, 2018 Florence County Council Chambers 6:00 PM

Florence County Planning Commission April 24, 2018 Florence County Council Chambers 6:00 PM EZ/RP/HG/DS 1 Agenda Florence County Planning Commission Regular Meeting Tuesday, April 24, 2018 6:00 P.M. County Complex Room 803 The Florence

112 views • 10 slides
Andrew D. Cotlar Andrew D. Cotlar Your Tool Box for Mortgage Your Tool Box for Mortgage

Andrew D. Cotlar Andrew D. Cotlar Your Tool Box for Mortgage Your Tool Box for Mortgage

Andrew D. Cotlar Andrew D. Cotlar Your Tool Box for Mortgage Your Tool Box for Mortgage Foreclosure Defense V 2.0 Foreclosure Defense V 2.0 Andrew D. Cotlar, Esq. Andrew D. Cotlar, Esq. Cotlar & Cotlar Cotlar & Cotlar 23 West.

870 views • 57 slides
Fisheries Team Presentation Charge : Develop and review options for organizational restructuring

Fisheries Team Presentation Charge : Develop and review options for organizational restructuring

Fisheries Team Presentation Charge : Develop and review options for organizational restructuring that strengthen fisheries programs at the certificate, associate, and baccalaureate degree levels. Scope : Certificate, associate, and baccalaureate

457 views • 19 slides
PRESENTATION ONLINE COURSE COACH WGTA(LEVEL 2). WALTER GRNFELD. Executive Tennis Director at

PRESENTATION ONLINE COURSE COACH WGTA(LEVEL 2). WALTER GRNFELD. Executive Tennis Director at

PRESENTATION ONLINE COURSE COACH WGTA(LEVEL 2). WALTER GRNFELD. Executive Tennis Director at WGTA. www.wgrunfeldacademy.com info@wgrunfeldcademy.com WALTER GRNFELD. Walter Grnfeld has been working as a tennis coach since 1990,

299 views • 17 slides

More recommend