IIt is a legal requirement to maintain and protect data which is in possession of data controller. These legal requirements include need for personal data to be processed fairly and lawfully, to be accurate and up-to-date, to have measures in place against any kind of loss or destruction of data and for personal data to be transferred to countries only which offer adequate levels of data protection and have the requisite systems in place.
Followed by the Supreme Court in the case of Justice K. S. Puttaswamy (Retd.) & Anr. v. Union of India & Ors. (W.P. (Civil) No. 494 of 2012, which declared ‘Right to Privacy’ as a fundamental right and raised concerns over misuse of data, the Government of India introduced Data Protection Bill, 2019 before the Parliament, which is likely to get President’s assent and be implemented. The bill has succeeded in explaining various duties of data controller and have termed their relation with data principle as ‘fiduciary’. Data fiduciaries are those who determines the purpose and means of processing of personal data, whereas the data processors are the ones who processes personal data on behalf of a data fiduciary.
The bill has elaborately defined the following obligations of data fiduciaries:
Anyone found in violation of the rules laid down, shall be liable for civil penalty (monetary penalty), which may extend up to Rupees 15 Cr or 4% of the total turnover of the Data fiduciary in the previous financial year. The Violators, who knowingly, intentionally, or recklessly obtain, disclose, transfer or sell Personal Data (or SPD) shall also be liable for imprisonment ranging from 3 to 5 years.
Khurana & Khurana extends its services to advise and for consultations on the Data Protection Issues. Some of the services that are offered by Khurana & Khurana are:
Click here for downloading the presentation on Legal and Moral Debates Around AI.
For more information on Data Protection Bill, 2018: Click Here