Mission-DPDPA: “Let us Make it Happen”

Posted on May 26, 2024 by Vijayashankar Na

The long awaited Exclusive Data Protection of law of India in the form of DPDPA 2023 was passed by the Parliament and gazetted by the President on 11th August 2023.

In current India, there is a tradition that every law passed by the legislature whether unanimously or with a majority, is to be validated by the Supreme Court and accordingly it would not be surprising if DPDPA 2023 is also challenged in the Court for the sake of ensuring that the Government does not do anything productive.

However the Modi 3.0 team is already going ahead with a plan of action for the first 100 days and barring unforeseen circumstances, will be announced before June 10th. One of the items in the agenda is expected to be the notification of the rules under DPDPA 2023 which should include “Constitution of Data Protection Board” and “Definition of Significant Data Fiduciary” which are keys to taking the implementation further. The rules are likely to be published for public comments and put up to the next Parliament some time in the October session to be passed in to effect.

Even if DPDPA 2023 and/or its rules are challenged in the Supreme Court, it is unlikely to be struck down or stayed immediately and hence the law will remain operative.

In this context, if Modi 3.0 has a 100 day program, Naavi.org intends to launch Mission-DPDPA with several projects to ensure the spread of Privacy Culture in India.

Over the last 5 years since 2018 when FDPPI (Foundation of Data Protection Professionals in India) was constituted, Naavi and his team at FDPPI has been undertaking several activities towards spreading the need for DPDPA compliance particularly amongst the Corporate entities.

Now time has come to look at the larger masses to ensure that the law will be actually used by the general public in the manner it is envisaged. If public donot understand and appreciate the law, they are unlikely to make use of it. The law is designed as a law to discipline the industry and any personal financial remedies that are to be claimed by individuals will have to be claimed through the current ITA 2000. (Information Technology Act 2000 as amended till date). Hence it is the responsibility of individuals like Naavi to motivate the public to understand and use the provisions of the law to enhance their “Privacy Status”.

Mission-DPDPA therefore has the motto…. Let’s Make it Happen.

Some of the activities envisaged by Naavi in this direction which are expected to be implemented with the assistance of FDPPI and hopefully other organizations as well are

  1. Spread the knowledge of what are the Rights and Duties of Citizens under DPDPA 2023 amongst the general public including students and faculty of Law, Engineering, Management.
  2. Spread the knowledge of what are the compliance requirements under DPDPA 2023 by organizations including the Directors, CxOs and others.
  3. Provide tools of empowerment of individuals through Certification Programs
  4. Provide tools of empowerment to organizations through a framework for compliance along with a system of third party audit, assessment and conformity assurance certificates.
  5. Provide Jurisprudential suggestions to the Government through Policy Advisories placed in the public domain.
  6. Encourage different industry sectors to develop self regulatory guidelines and work towards acceptable sectoral guidelines.
  7. Encourage tech developers to adopt “Compliance by Design” and incorporate DPDPA 2023 compliance when products and services are designed including tools to assist others to be compliant such as AI tools and Governance support software systems.

As we go forward, these 7 steps may expand further. Most of the above steps are already under implementation by Naavi. Ujvala Consultants Pvt Ltd considers this as its “Voluntary Corporate Social Responsibility” (VCSR) adopted voluntarily. FDPPI is devoted to this mission as it is its “Justification for existence”.

Now it is time for other Societies and professional organizations to join the hands of FDPPI, be part of this mission and take it forward.

In the recent past CIOKLUB has been a participant in this mission. BSPIN is expected to play it’s part shortly. Professor N K Goyal, president of CSAI has extended his cooperation to this mission. Other organizations and particularly the educational institutions like Manipal Law School, KLE Law Institutions, NALSAR. NLSUI etc are invited to add their weight to this mission by taking up their own projects in this direction with or without involving FDPPI or Naavi. The goal is to achieve the objective of Mission-DPDPA and who all contributes to it is secondary.

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.