Info-tech

Call for building awareness, understanding of proposed Data Protection law

Nandana James Mumbai | Updated on October 04, 2018 Published on October 04, 2018

Businessman hand pressing button Data Protection. sign on virtual screen. business security concept.   -  Getty Images/iStockphoto

Awareness has to be built about the draft Personal Data Protection Bill, 2018 for the people to understand the implications, according to experts at a round table discussion organised by SFLC.in, a donor supported legal services organisation.

Ambiguities in the Bill, the draft being heavily tilted towards the Centre, and the Data Protection Authority of India (DPAI) being overburdened were the some of the other concerns flagged.

Explicit consent

There is something called ‘explicit consent for sensitive data’. One of the issues that is confusing is the difference between ‘consent’ and ‘explicit consent’. The definition of consent needs to be made more clear, was a recommendation made during the conference. The need to take the burden off the users to deconstruct and make sense of the terms and conditions to ensure meaningful consent was also highlighted at the conference.

The need to explain the terms and conditions and legal information concerning data protection and consent was reiterated so that “if a person wants to surrender data, they should be allowed to do so”. A participant pointed out how even an ‘end-to-end encryption’ message on social media falls flat as most users fail to understand its implications.

The participants agreed that the concept of ‘Right to be Forgotten’ has been inaccurately borrowed from the General Data Protection Regulation and does not include the right to delete/erase your personal data. The need to educate people about various aspects of data protection in the face of a dearth of awareness about the implications of sharing data was also discussed. At schools and colleges, there is a need for a public-private partnership to educate students about privacy, stated a member.

Bishakha Dutta from Point of View, raised concerns regarding the age to obtain a child’s consent. she referred to the propensity among teenagers to protect data from their parents. “In that light, Isn’t it ironical then that parental consent will be needed to protect the data of children? Parents do not wish their daughters to be on certain social media platforms and discourage them to engage with the opposite sex. Therefore, if such a provision is strictly implemented, it will directly impact minors,” she explained.

Faisal Farooqui, CEO, MouthShut.com pointed out that India requires significant investment in data centre infrastructure, multiple optic fibre backbones and enhancement of power generation and grid capacity before it mandates data localisation. “Data storage, cloud computing and bandwidth costs in the US are a fraction of the current costs in India, so it does not make economic sense to mandate localisation yet. It will be a tremendous deterrent to sustain and build a vibrant start-up ecosystem — which is a must for huge job creation,” he added.

A spokesperson at SFLC.in stated that these recommendations made during the conference will be submitted to the Ministry of Electronic and Information Technology to make appropriate amendments to the bill.

Published on October 04, 2018
This article is closed for comments.
Please Email the Editor