BEWARE OF FAKE INSTITUTES WITH SIMILAR NAMES. blank    blank
banner

Digital Personal Data Protection Act, 2023



  Mar 12, 2024

Digital Personal Data Protection Act, 2023



Objective:

The Digital Personal Data Protection Act, 2023, regulates the processing of digital personal data to protect individual rights while allowing for lawful data processing.

Salient Features:

1. Data Protection Framework:

• Defines obligations for data fiduciaries (entities like businesses and government departments that handle data) and establishes rights for data principals (the individuals to whom the data pertains).
• Introduces penalties for violations to ensure compliance.

2. Core Principles:

• Consent: Personal data must be used in a consented, lawful, and transparent manner.
• Purpose Limitation: Data can only be used for the purpose stated at the time of collection.
• Data Minimisation: Only necessary data for the specified purpose is to be collected.
• Accuracy: Ensures the data collected is accurate and up-to-date.
• Storage Limitation: Data should not be kept longer than necessary.
• Security: Adequate measures must be taken to protect the data.
• Accountability: Entities must be accountable for their data practices, with breaches and non-compliance resulting in penalties.

3. Inclusive Language:

• Marks a shift by using “she” instead of “he” in the legal text, promoting gender inclusivity in law-making.

4. Rights for Individuals:

• Access: Individuals can find out what personal data is processed.
• Correction and Erasure: Individuals can correct or delete their data.
• Grievance Redressal: A pathway for individuals to raise concerns.
• Nomination: Individuals can nominate someone to exercise their rights in case of death or incapacity.
• Example: If a user finds incorrect personal data on a shopping website, they can request it to be corrected or deleted under this Act.

5. Obligations for Data Fiduciaries:

• Security: Implement safeguards against data breaches.
• Notification: Inform the board and affected individuals about data breaches.
• Data Erasure: Delete data when no longer needed or upon consent withdrawal.
• Grievance Redressal: Establish a system to address individuals’ queries.
• Example: A bank must erase a customer’s data upon their request if it’s no longer necessary for the purpose it was collected for.

6. Child Data Protection:

• Data of children can only be processed with parental consent, prohibiting harmful practices like tracking.

7. Exemptions:

• Includes specific scenarios like national security, research, and legal processes where standard rules may not apply.

8. Board Functions:

• Oversees compliance, addresses breaches, and can advise on actions against non-compliant entities.

Examples and Implementation:

For instance, if a healthcare app collects more health data than needed for its service, it could be in violation of the data minimisation principle. Companies must now ensure they collect only what is explicitly required and safeguard it effectively to avoid penalties.

FAQs Simplified:

This Act creates a framework that balances the protection of personal data with the needs of entities that process this data, offering a clear set of rights to individuals and imposing strict obligations on data handlers.


Share:
 

Get a call back

Fill the below form to get free counselling for UPSC Civil Services exam preparation

 
UPSC DAILY CURRENT AFFAIRS

 
SUBRAMANIAN SWAMY V. UNION OF INDIA 2016: CRIMINAL DEFAMATION
 
National Electricity Plan
 
COP16 in Colombia: Global Biodiversity
 
Galathea Bay: India's 13th Major Port and a Gateway to the Indo-Pacific
 
Defamation Laws in India: Balancing Free Speech With Dignity and Reputation
 
Kalagan-Saravan Tragedy: Afghan Migrants Under Fire on the Path to Iran
 
National Commission for Women (NCW): A Quasi-Judicial Guardian of Women's Rights
 
SWAMI RAMDEV & ANR. VS. FACEBOOK, INC. & OTHERS (2019): DEFAMATION CASE
 
Kala-azar: India on the Verge of Eliminating,A Public Health Triumph
 
SNAKEBITE DEATHS AND INDIA’S ANTIVENOM CHALLENGES
 
S4:India's new nuclear missile submarine
 
Karva Chauth: A Celebration of Love, Devotion, and Longevity
 
Great Bear Sea initiative
 
SATELLITE SPECTRUM ALLOCATION: FREQUENTLY ASKED QUESTIONS
 
Z-MORH TUNNEL: FAQs

© 2024 SRIRAM’s IAS Developed BY : Technology Xtend