Author: naavi108

“Right To Know” is a Right to be protected under the proposed Data Protection Act

As we enter the final stages of public consultation on the drafting of the new Data Protection Act of India following the release of the White Paper by the Justice Srikrishna Committee, one aspect of the law that needs attention is the “Right to Know” of an individual which often conflicts with the” Right to …

Read More “Right To Know” is a Right to be protected under the proposed Data Protection Act

Public Consultation on Data Protection Law….some points of discussion-3

(This is a continuation of the previous article) 3.  A lot of discussion centered around the issue of “Consent” and “Informed Consent”. The issues were about the need for and effect of consents as an instrument of Privacy protection. There were also suggestions that consents should be applicable by processors also, consents should be standardized …

Read More Public Consultation on Data Protection Law….some points of discussion-3

Public Consultation on Data Protection Law…. Some points of discussion-2

(This is a continuation of the previous article) 2. One of the questions that arose during the discussions was on the “Data Breach Notification requirements” under the proposed act. There was one concern of the industry that “Data Breach” reporting to the data subjects should not be mandated and even if required it should not …

Read More Public Consultation on Data Protection Law…. Some points of discussion-2

Public Consultation on Data Protection Law…. Some points of discussion-1

During the discussion on the Data Protection white paper in Bangalore on 13th instant by three members of the Expert Committee led by the Chairman Justice B.N.Srikrishna, several interesting issues came up for discussion. While it is difficult to recall all the points discussed, I am trying to capture some of the interesting points raised …

Read More Public Consultation on Data Protection Law…. Some points of discussion-1

Public Consultation on Data Protection Legislation

On Saturday, (13th January 2017), three members of the Judtice Srikrishna Committee on Data Protection Law participated in a public consultation program in Bangalore at the IISc auditorium. Honourable Justice (Retd) B.N. Srikrishna, the Chairman of the committee was present along with two other members of the committee namely Mr Gopalakrishna and Rama Vedashree. A …

Read More Public Consultation on Data Protection Legislation

Let’s look beyond GDPR, Personal Data Managers and Data Trusts required under Data Protection Act of India

As the extended date (31st January 2018) for submission of feedback on the whitepaper on Data Protection law approaches, there is increased activity in the industry circles to submit the recommendations. It is obvious that there will be two distinct sets of recommendations that will be reaching the Government. One would be from the industry …

Read More Let’s look beyond GDPR, Personal Data Managers and Data Trusts required under Data Protection Act of India

Compliance by Design needs to be mandated by Data Protection Act

[P.S: This is in continuation of the discussion of the proposed Data Protection Act in India and the public comments invited for the  Justice Srikrishna report.] “Privacy by Design” is a concept which GDPR expects from Data Controllers and Data Processors.  The concept of Privacy by design basically means that measures for Privacy protection should be initiated …

Read More Compliance by Design needs to be mandated by Data Protection Act

The Right to Forget ..should it be part of Indian Privacy Protection Act?

[P.S: This is in continuation of the discussion of the proposed Data Protection Act in India and the public comments invited for the  Justice Srikrishna report.] The EU law on Privacy under GDPR recognizes the “Right to Forget” which essentially means that the data subject can demand that his personal information should be erased from the …

Read More The Right to Forget ..should it be part of Indian Privacy Protection Act?

Data Protection Act should recognize the role of a Data Manager in addition to the Data Controller and Processor

[P.S: This is in continuation of the discussion of the proposed Data Protection Act in India and the public comments invited for the  Justice Srikrishna report.] Many of the issues connected with Privacy arise out of the complaint that “information collected by a Data Controller” is processed in such a manner that the data subject feels …

Read More Data Protection Act should recognize the role of a Data Manager in addition to the Data Controller and Processor