Two days back, Californian Government signed a new law SB 1223 which recognized neuro rights as part of the Privacy Rights by defining Neural data as ‘Sensitive data” under CCPA.
With this California became the second state after Colarado (Refer here) to expand the scope of Privacy Act into Neuro Rights Protection.
The bills also suggest that it is possible to extend Neuro Rights by just tweaking the understanding of “Sensitive Data” within a Privacy law.
There is a concern in India that DPDPA 2023 does not recognize “Sensitive Data”. However, the definition of a “Significant Data Fiduciary” under DPDPA 2023 includes such data fiduciaries who process high volumes of “Sensitive Personal Data”. It does not require a legal definition to define “Neural Data” as “Sensitive”.
Hence any organization in India which is working on “Neuro Technology” will now have to be classified as “Significant Data Fiduciaries” and treated as such for compliance. The NIMHANAS type of organizations eminently qualify for such categorization along with all hospitals who may be involved in technologies that could read, store, manipulate or disclose neural data.
“Neural Data” represents the binary activity of the brain cells which is an electro mechanical exercise that builds up charges in a brain cell and when it crosses a threshold charge level, pushes the data to the next brain cell. This is a typical reflection of a binary activity where a built up charge beyond a threshold level represents the binary value of 1 while the value below the threshold level represents zero.
Hence without waiting for further changes in law, India can start protecting Neuro Rights within the current law unless there is any proviso inserted to exclude such data in the rules which is unlikely.
Naavi
also refer: https://neurorights.in/wp/