BEWARE OF FAKE INSTITUTES WITH SIMILAR NAMES. blank    blank
banner

Digital Personal Data Protection Act, 2023



  Mar 12, 2024

Digital Personal Data Protection Act, 2023



Objective:

The Digital Personal Data Protection Act, 2023, regulates the processing of digital personal data to protect individual rights while allowing for lawful data processing.

Salient Features:

1. Data Protection Framework:

• Defines obligations for data fiduciaries (entities like businesses and government departments that handle data) and establishes rights for data principals (the individuals to whom the data pertains).
• Introduces penalties for violations to ensure compliance.

2. Core Principles:

• Consent: Personal data must be used in a consented, lawful, and transparent manner.
• Purpose Limitation: Data can only be used for the purpose stated at the time of collection.
• Data Minimisation: Only necessary data for the specified purpose is to be collected.
• Accuracy: Ensures the data collected is accurate and up-to-date.
• Storage Limitation: Data should not be kept longer than necessary.
• Security: Adequate measures must be taken to protect the data.
• Accountability: Entities must be accountable for their data practices, with breaches and non-compliance resulting in penalties.

3. Inclusive Language:

• Marks a shift by using “she” instead of “he” in the legal text, promoting gender inclusivity in law-making.

4. Rights for Individuals:

• Access: Individuals can find out what personal data is processed.
• Correction and Erasure: Individuals can correct or delete their data.
• Grievance Redressal: A pathway for individuals to raise concerns.
• Nomination: Individuals can nominate someone to exercise their rights in case of death or incapacity.
• Example: If a user finds incorrect personal data on a shopping website, they can request it to be corrected or deleted under this Act.

5. Obligations for Data Fiduciaries:

• Security: Implement safeguards against data breaches.
• Notification: Inform the board and affected individuals about data breaches.
• Data Erasure: Delete data when no longer needed or upon consent withdrawal.
• Grievance Redressal: Establish a system to address individuals’ queries.
• Example: A bank must erase a customer’s data upon their request if it’s no longer necessary for the purpose it was collected for.

6. Child Data Protection:

• Data of children can only be processed with parental consent, prohibiting harmful practices like tracking.

7. Exemptions:

• Includes specific scenarios like national security, research, and legal processes where standard rules may not apply.

8. Board Functions:

• Oversees compliance, addresses breaches, and can advise on actions against non-compliant entities.

Examples and Implementation:

For instance, if a healthcare app collects more health data than needed for its service, it could be in violation of the data minimisation principle. Companies must now ensure they collect only what is explicitly required and safeguard it effectively to avoid penalties.

FAQs Simplified:

This Act creates a framework that balances the protection of personal data with the needs of entities that process this data, offering a clear set of rights to individuals and imposing strict obligations on data handlers.


Share:
 

Get a call back

Fill the below form to get free counselling for UPSC Civil Services exam preparation

 
UPSC DAILY CURRENT AFFAIRS

 
ASSAM's 'TEA TRIBES
 
PARAM RUDRA SUPERCOMPUTERS AND HPC SYSTEM: SIMPLIFIER
 
DEFAMATION LAWS IN INDIA:ARTICLE 19(1)(a)& ARTICLE 21
 
PUSA-2090: STUBBLE BURNING REDUCED WITH THIS RICE VARIETY
 
OPERATION CHAKRA: CBI FIGHTS CYBERCRIME
 
One-Horned Rhinos in Assam
 
CYBER SLAVERY IN SOUTHEAST ASIA: INDIANS TRAPPED ABROAD – FAQs
 
National Urban Digital Mission (NUDM):All That An Aspirant Should Know
 
Index of Core Industries (ICI):Contraction for the First Time in Years
 
STATE FOOD SAFETY INDEX (SFSI) 2023-24: SIMPLIFIER
 
WHITE DWARFS & CHANDRASEKHAR LIMIT
 
GLOBAL CAPABILITY CENTRES (GCCs): ALL THAT AN ASPIRANT SHOULD KNOW
 
Turning India's Aging Population into a "Silver Dividend
 
Bharat Small Reactors (BSR)& Bharat Small Modular Reactors (BSMR): Simplifier
 
India's Nuclear Energy Sector: 2024-25 Budget & Private Participation -A New Chapter Begins