Employee records, customer records, loyalty programs, transactions, and data collection are examples of critical information companies routinely store. Privacy policies protect personal information from being used for fraudulent purposes such as phishing scams and identity theft. Let’s learn more about the purpose of data protection laws in our country.
What is Data Protection Laws?
Data protection is a set of data protection laws, rules and processes that aim to limit the amount of personal data collected, stored and disseminated that violates privacy. Personal data is information or data about an individual that can be identified from such information or data, whether it is collected by the government or by a private organization or agency. The rules only cover the protection of “important personal data about an individual”, including private data with information about:
- Passwords
- Financial details, such as bank statement, debit card, cash card or other payment device information
- Condition of physical, physiological, and mental health
- Sexual orientation
- Medical records and history
- Biometric information.
Purpose of Data Protection Laws in India
Need for Single-statute Legislation
The main causes of the significant undervaluation of data breaches have been regulatory uncertainty and inactivity, and only when these causes are addressed can the lack of understanding of the relevance and impact of personal data be challenged.
In the absence of a single law on data law in India, numerous sectoral regulations and other laws have provided adequate remedies and precautionary mechanisms such as the Information Technology Act 2000 (“Act”) and anti-practice implementing rules, the Indian Telegraph Act, 1885, Payment and Settlement Systems Act, 2007 and SEBI Data Sharing of the PDP Bill is required for such a disjointed collection of ambiguous compensation rules and processes.
International Law Commitment
The state should endeavor, in accordance with Article 51 of the Constitution of India, which is part of the guiding principles of state policy, “to promote respect for international law and contractual obligations in the dealings of organized persons with one another”. Human rights in the Human Rights Protection Act of 1993, while the latter requires states to make efforts to make these rights effective and to protect against individual interference.
Meeting Internationally Accepted Standards
In this information age, it is inevitable that India will enact strong and timeless laws that demonstrate compliance while allowing data to be transferred from other countries. Such legislation is necessary to enable smooth data transfers, particularly from the EU and the UK, which are emerging as the world’s leading providers of data protection laws. Border data transfers and the same level of data security for residents of India and other nations.
Boosting Domestic Digital Economy
A state’s right to control its network to serve its economic interests, the most important of which are security, privacy, and trade, is known as digital sovereignty. The need to provide data to a local household in India arises from the fact that India is a sovereign nation and, as such, the data produced by its residents are considered a national good. In accordance with India’s strategic and security objectives, it may be necessary to house and guard such a national resource within the country’s borders.
Preventing Privacy Harms
Individuals and companies that process personal data have obvious bargaining power imbalances, and it is crucial to reduce the harm that results from this imbalance. Solove has also worked with the aggregation problem that arises from merging small, seemingly unimportant bits of data. In view of such dangers, it is essential to create a framework that accommodates the rights of a data director in a person who provides personal data and thus becomes the central player in the digital economy.
Need for Facilitating Data Ownership
According to Cambridge Analytica results, data subjects were unaware that their use of Facebook would be combined with third parties for targeted advertising related to the US elections.12 Data collection techniques are often opaque and require complex forms of data protection. Systems that provide insufficient data on data flows often make the connection between data controllers and trustees difficult. The state has significant enforcement powers and the collection and processing of personal data is generally uncontrolled, which contributes significantly to the formation of information silos.
Imparting Differential Protection
As already mentioned, in today’s data economy the separation of data sets into personal data, sensitive personal data, essential personal data and non-personal data is becoming more and more important. For example, analyzing each data collection is likely to have a unique impact, that compares a person’s health data to personal facts such as a person’s name and age. As a result, a higher level of security in relation to the restrictions on cross-border transfers of vital personal data becomes imperative.
Prevent Problems of Free Data Flows
The flaws in regulating the flow of data in India are simply the result of a naive assumption that the flow of data is pure gain. This type of regulation is necessary to create an orderly digital economy that benefits citizens, governments and global businesses alike.
Conclusion
In summary, it can be said that although each of the above goals serves as the basis for the adoption of the PDP Act, the importance of protecting privacy as a fundamental right and the willingness to comply with generally recognized data protection standards in the global community come first. We are eagerly awaiting the monsoons session of Parliament, it is vital to recognize the need for a realistic timetable for the implementation and enforcement of such a rule. Until then, government and business can work together to build capacity and infrastructure, improve data literacy, and gain a deeper understanding of technological advances.
