After over a decade of status quo, India appears to be poised to welcome a slew of changes to its data and information technology laws. The change is likely to help realise India’s true potential as one of the most powerful data-centric economies in the world. Recent media reports citing government sources have indicated that the Government of India will shortly commence work on a new law to replace India’s Information Technology Act, 2000 (“IT Act<\/a>”). As part of this process, it appears that the Government may introduce policies on data governance and cybersecurity, a “Digital India Act<\/a>” to replace the IT Act and new regulations to replace the Personal Data Protection Bill<\/a> (“PDP Bill<\/a>”).

The ill-fated
PDP Bill<\/a> – which has since 2018 gone through numerous iterations at the hands of a Joint Parliamentary Committee, including a short stint as the ‘Data Protection<\/a> Bill 2021’ – has reportedly been scrapped in order to be reformulated from scratch, bringing us back to the drawing board. The PDP Bill introduced various contentious concepts such as data localisation and data mirroring, which caused much consternation among corporate stakeholders who would have had to restructure significant parts of their data flow architectures to comply with such requirements. The existing IT Act is a relic of its time and does not adequately cater to modern data protection requirements. Therefore, a comprehensive overhaul of all data laws in India is a positive step towards solving India’s data woes in a holistic manner.

Changes to tech and data related laws are not isolated to India alone. Strict data protection laws such as the EU GDPR, California’s CCPA and China’s Personal Information Protection Law are now the norm, with each jurisdiction fiercely protecting the privacy of personal data. All such laws have come into existence within the last decade. Countries across the world now work towards incorporating the protections in these laws into their data flow structures to preserve commercial interests as well as individual rights. In March 2022, US President Joe Biden and the European Commission President Ursula von der Leyen jointly announced efforts towards creating a new EU-US data sharing system that will augment \/ replace the existing EU-US Privacy Shield. The recent Schrems I and II judgements by the Court of Justice of the European Union invalidated the existing Privacy Shield on account of surveillance laws in the US exposing EU citizen data, causing uncertainty surrounding data transfers between the EU and US. Any law that mandates blanket localisation of all data without equivalent safeguards for overseas data, could risk breaching the standards set by the EU as also various other data laws of multiple countries.

The upcoming changes to data protection laws in India, whichever form they may take, must be cognizant of the world’s changing approach to data protection. The Government of India’s recent “
Data Accessibility and Use Policy<\/a>”, which was scrapped nearly as quickly as it was published, appears to miss the mark on this widely, by narrowly focusing on the commercialisation of large data sets.

Any new law(s) by the Government of India must take a few key factors into consideration. Firstly, the law should require companies and State agencies in India to adopt a ‘privacy-by-design’ approach, wherein the default approach to handling personal data is providing full control over data privacy to data principals, with a set of opt-out options. Secondly, commercialisation of data should be strictly opt-in, caveated by a requirement for robust security standards. Finally, aspects such as data localisation, categorisation of data types, cross-border transfer and storage, should be regulated with due consideration for commercial operations while balancing individual rights. Ancillary regulations should provide clarity on aspects such as regulatory processes, logistics, data centers and broadband connectivity.

India is now one of the last few countries in the world to not yet have a comprehensive, modern
data protection law<\/a> regime. Considering India’s desire to foster a global image of a digital economy<\/a> with a booming data services industry, the Government must move fast to introduce a framework that brings it on par with its partners on the international stage. Unlike other laws, data protection laws cannot work in isolation in a domestic setting and must necessarily play well with its international counterparts.


<\/p><\/body>","next_sibling":[{"msid":91556250,"title":"iPhone app Yik Yak exposes millions of user locations","entity_type":"ARTICLE","link":"\/news\/iphone-app-yik-yak-exposes-millions-of-user-locations\/91556250","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[{"msid":"91556232","title":"CYBER-SECURITY","entity_type":"IMAGES","seopath":"small-biz\/policy-trends\/one-of-the-last-few-countries-without-modern-data-protection-law-why-india-needs-an-urgent-revamp\/cyber-security","category_name":"Revamping India's outdated data laws","synopsis":"The upcoming changes to data protection laws in India, whichever form they may take, must be cognizant of the world\u2019s changing approach to data protection.","thumb":"https:\/\/etimg.etb2bimg.com\/thumb\/img-size-652622\/91556232.cms?width=150&height=112","link":"\/image\/small-biz\/policy-trends\/one-of-the-last-few-countries-without-modern-data-protection-law-why-india-needs-an-urgent-revamp\/cyber-security\/91556232"}],"msid":91557438,"entity_type":"ARTICLE","title":"One of the last few countries without modern data protection law, why India needs an urgent revamp","synopsis":"The existing IT Act is a relic of its time and does not adequately cater to modern data protection requirements. ","titleseo":"telecomnews\/one-of-the-last-few-countries-without-modern-data-protection-law-why-india-needs-an-urgent-revamp","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":112,"shares":0,"engagementtimems":560000},"Alttitle":{"minfo":""},"artag":"ET CONTRIBUTORS","artdate":"2022-05-14 11:15:32","lastupd":"2022-05-14 11:19:04","breadcrumbTags":["data protection law","internet","data protection","PDP Bill","Data Protection Bill","IT Act","Digital India Act","privacy by design","data accessibility and use policy","digital economy"],"secinfo":{"seolocation":"telecomnews\/one-of-the-last-few-countries-without-modern-data-protection-law-why-india-needs-an-urgent-revamp"}}" data-authors="[" "]" data-category-name="" data-category_id="" data-date="2022-05-14" data-index="article_1">

过去的几个国家之一,没有现代的数据保护法律,为什么印度需要紧急修补

现有的行为是一个遗迹的时候,不充分迎合现代数据保护要求。

  • 更新于2022年5月14日上午11:19坚持
阅读: 100年行业专业人士
读者的形象读到100年行业专业人士

经过十多年的现状,印度似乎准备欢迎大量的更改其数据和信息技术法。变化可能帮助实现印度的真正潜力作为一个世界上最强大的以数据为中心的经济。最近媒体报道援引政府消息人士表示,印度政府将很快开始工作在一个新的法律来取代印度信息技术法案,2000年(“它的行为”)。作为这个过程的一部分,看来,政府可能会引入数据治理和网络安全政策,“数字印度法案”来取代取代个人行为和新法规数据保护法案(“PDP法案”)。

广告
的不幸的PDP法案自2018年以来,经历了无数的迭代联合议会委员会,包括一个简短的担任的数据保护2021年法案”——据报道已经取消了为了从头开始新配方,让我们重新开始。PDP法案,各种有争议的概念,如数据本地化和数据镜像导致企业利益相关者之间多惊愕他们将不得不重组的重要部分数据流体系结构符合这样的要求。现有的行为是一个遗迹的时候,不充分迎合现代数据保护要求。因此,所有数据的全面改革法律在印度是一个积极的一步解决印度的数据问题以整体的方式。

改变技术和数据有关法律不是孤立的印度。严格的数据保护法律,如欧盟GDPR加州CCPA现在和中国的个人信息保护法律规范,与每个管辖强烈保护个人隐私的数据。所有这类法律已经存在在过去十年。现在世界各国努力将这些法律的保护纳入其数据流结构保护的商业利益以及个人权利。2022年3月,美国总统拜登(Joe Biden)和欧盟委员会主席乌尔苏拉•冯德莱恩共同宣布努力创建一个新的欧美数据共享系统,将增加/替换现有的欧美隐私保护。最近Schrems I和II由欧盟法院判断失效现有的隐私保护的监督法律在美国暴露欧盟公民数据,导致不确定性欧盟和美国之间的数据传输。任何法律规定全面本地化的数据没有等效保障海外数据,可能违反欧盟设定的标准风险也其他各种数据多个国家的法律。

广告
即将到来的变化数据保护法律在印度,无论他们可能采取的形式,必须了解世界变化的数据保护方法。印度政府近期的“数据的可访问性和使用政策”,被取消近尽快发表,似乎错过了马克在这个广泛,由狭隘关注大数据集的商业化。

任何新的法律(s)由印度政府必须考虑几个关键因素。首先,法律应该要求公司和政府机构在印度采取“privacy-by-design”方法,在默认的方法来处理个人资料提供完全控制数据隐私数据主体,与一组退出选项。其次,商业化的数据应严格选择,限定一个健壮的安全标准要求。最后,本地化等方面数据,数据类型的分类,跨境传输和存储,应该为商业运作规范与适当的考虑而平衡个人权利。配套法规等方面应提供清晰的监管流程,物流、数据中心和宽带连接。

印度现在是过去的几个国家之一世界上尚未有一个全面的,现代的数据保护法律政权。考虑到印度的希望培养的全球形象数字经济数据服务行业蓬勃发展,政府必须迅速采取行动,介绍一个框架,使它在国际舞台上与它的合作伙伴。与其他法律不同,数据保护法不能孤立地工作在国内环境中,一定会发挥其国际同行。


  • 发表在2022年5月14日在11:15坚持
是第一个发表评论。
现在评论

加入2 m +行业专业人士的社区

订阅我们的通讯最新见解与分析。乐动扑克

下载ETTelec乐动娱乐招聘om应用

  • 得到实时更新
  • 保存您最喜爱的文章
扫描下载应用程序

After over a decade of status quo, India appears to be poised to welcome a slew of changes to its data and information technology laws. The change is likely to help realise India’s true potential as one of the most powerful data-centric economies in the world. Recent media reports citing government sources have indicated that the Government of India will shortly commence work on a new law to replace India’s Information Technology Act, 2000 (“IT Act<\/a>”). As part of this process, it appears that the Government may introduce policies on data governance and cybersecurity, a “Digital India Act<\/a>” to replace the IT Act and new regulations to replace the Personal Data Protection Bill<\/a> (“PDP Bill<\/a>”).

The ill-fated
PDP Bill<\/a> – which has since 2018 gone through numerous iterations at the hands of a Joint Parliamentary Committee, including a short stint as the ‘Data Protection<\/a> Bill 2021’ – has reportedly been scrapped in order to be reformulated from scratch, bringing us back to the drawing board. The PDP Bill introduced various contentious concepts such as data localisation and data mirroring, which caused much consternation among corporate stakeholders who would have had to restructure significant parts of their data flow architectures to comply with such requirements. The existing IT Act is a relic of its time and does not adequately cater to modern data protection requirements. Therefore, a comprehensive overhaul of all data laws in India is a positive step towards solving India’s data woes in a holistic manner.

Changes to tech and data related laws are not isolated to India alone. Strict data protection laws such as the EU GDPR, California’s CCPA and China’s Personal Information Protection Law are now the norm, with each jurisdiction fiercely protecting the privacy of personal data. All such laws have come into existence within the last decade. Countries across the world now work towards incorporating the protections in these laws into their data flow structures to preserve commercial interests as well as individual rights. In March 2022, US President Joe Biden and the European Commission President Ursula von der Leyen jointly announced efforts towards creating a new EU-US data sharing system that will augment \/ replace the existing EU-US Privacy Shield. The recent Schrems I and II judgements by the Court of Justice of the European Union invalidated the existing Privacy Shield on account of surveillance laws in the US exposing EU citizen data, causing uncertainty surrounding data transfers between the EU and US. Any law that mandates blanket localisation of all data without equivalent safeguards for overseas data, could risk breaching the standards set by the EU as also various other data laws of multiple countries.

The upcoming changes to data protection laws in India, whichever form they may take, must be cognizant of the world’s changing approach to data protection. The Government of India’s recent “
Data Accessibility and Use Policy<\/a>”, which was scrapped nearly as quickly as it was published, appears to miss the mark on this widely, by narrowly focusing on the commercialisation of large data sets.

Any new law(s) by the Government of India must take a few key factors into consideration. Firstly, the law should require companies and State agencies in India to adopt a ‘privacy-by-design’ approach, wherein the default approach to handling personal data is providing full control over data privacy to data principals, with a set of opt-out options. Secondly, commercialisation of data should be strictly opt-in, caveated by a requirement for robust security standards. Finally, aspects such as data localisation, categorisation of data types, cross-border transfer and storage, should be regulated with due consideration for commercial operations while balancing individual rights. Ancillary regulations should provide clarity on aspects such as regulatory processes, logistics, data centers and broadband connectivity.

India is now one of the last few countries in the world to not yet have a comprehensive, modern
data protection law<\/a> regime. Considering India’s desire to foster a global image of a digital economy<\/a> with a booming data services industry, the Government must move fast to introduce a framework that brings it on par with its partners on the international stage. Unlike other laws, data protection laws cannot work in isolation in a domestic setting and must necessarily play well with its international counterparts.


<\/p><\/body>","next_sibling":[{"msid":91556250,"title":"iPhone app Yik Yak exposes millions of user locations","entity_type":"ARTICLE","link":"\/news\/iphone-app-yik-yak-exposes-millions-of-user-locations\/91556250","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[{"msid":"91556232","title":"CYBER-SECURITY","entity_type":"IMAGES","seopath":"small-biz\/policy-trends\/one-of-the-last-few-countries-without-modern-data-protection-law-why-india-needs-an-urgent-revamp\/cyber-security","category_name":"Revamping India's outdated data laws","synopsis":"The upcoming changes to data protection laws in India, whichever form they may take, must be cognizant of the world\u2019s changing approach to data protection.","thumb":"https:\/\/etimg.etb2bimg.com\/thumb\/img-size-652622\/91556232.cms?width=150&height=112","link":"\/image\/small-biz\/policy-trends\/one-of-the-last-few-countries-without-modern-data-protection-law-why-india-needs-an-urgent-revamp\/cyber-security\/91556232"}],"msid":91557438,"entity_type":"ARTICLE","title":"One of the last few countries without modern data protection law, why India needs an urgent revamp","synopsis":"The existing IT Act is a relic of its time and does not adequately cater to modern data protection requirements. ","titleseo":"telecomnews\/one-of-the-last-few-countries-without-modern-data-protection-law-why-india-needs-an-urgent-revamp","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":112,"shares":0,"engagementtimems":560000},"Alttitle":{"minfo":""},"artag":"ET CONTRIBUTORS","artdate":"2022-05-14 11:15:32","lastupd":"2022-05-14 11:19:04","breadcrumbTags":["data protection law","internet","data protection","PDP Bill","Data Protection Bill","IT Act","Digital India Act","privacy by design","data accessibility and use policy","digital economy"],"secinfo":{"seolocation":"telecomnews\/one-of-the-last-few-countries-without-modern-data-protection-law-why-india-needs-an-urgent-revamp"}}" data-news_link="//www.iser-br.com/news/one-of-the-last-few-countries-without-modern-data-protection-law-why-india-needs-an-urgent-revamp/91557438">