In Part 9 of the #DataProtectionTop10, we analyse some miscellaneous provisions in the PDPB and recommend that the Bill acknowledge a natural person as the owner of her data, provide sound provisions for facilitating the transition to the new regime, and give the RTI Act precedence over the Bill.
We analyse the provisions in the Personal Data Protection Bill, 2019 which relate to the Data Protection Authority of India (DPA) and its independence, transparency, and constitution. We recommend that it not be bound by the Central Government's orders.
In the second edition of Cybersec Charcha, we are taking a deep dive into understanding the unregulated ransomware industry, what a ransomware attack means and the consequences it can have.
CIC directed the CPIO to re-visit our original RTI and provide a revised reply and info, if (comments on consultation on PDPB). However, the CPIO simply cited the same exemption under S.8 of the RTI Act that she had provided before the CIC.
In Part 7 of the #DataProtectionTop 10 series, we discuss the provisions in the Bill which enable the State to engage in large scale surveillance. Blanket exemptions without a sound oversight and review mechanism raise concerns. Thus, we recommend that a chapter on surveillance reforms be inserted.
We wrote to the Delhi Commission for Protection of Child Rights (DCPCR) urging them to step in to protect child rights in Delhi against use of harmful facial recognition technology in schools.
Under the Intermediaries Rules, significant social media intermediaries had a host of obligations to comply with by the deadline of 25th May, 2021. The compliances that significant social media intermediaries are onerous and may stifle innovation in the Indian digital space.
MEITY has written letters to social media platforms. These letters ask platforms to remove content. We write to MEITY asking them to withdraw these letters as they do not have a legal basis and they curb speech.
In part 6 of the #DataProtectionTop10 series, we look at the restrictions imposed by the PDPB on the transfer of personal data outside India. We recommend that the Bill explicitly define critical personal data and not impose undue restrictions that affect the open nature of the internet.
In response to an RTI query by us, the Ministry of Agriculture provided us with a MoU between the Department of Agriculture and Microsoft, and a document titled “Standard Operating Procedure (SOP) for verifying Farmer’s Database (100 Villages)”.