Personal Data Protection Act 2018…1….Section 43A goes

The much awaited Data Protection Act of India has finally come to the open with a copy of the draft now being available. This appears as a text of the Bill and needs to be passed by the Parliament, approved by the President and notified in the Gazette before it becomes a law. This is part of a series of articles on the new Bill which when it becomes an Act will bring several changes to the Privacy and Data Protection scenario in India.

[This is the first of a series of articles that will be published on this topic…Naavi]

The first important thing we notice is that Section 43A of ITA 2008 has been omitted completely.  The “Reasonable Security Practice” mentioned under Section 87 of the principal Act in sub-section 2(ob) has also been omitted.

It may be noted that the Intermediary Guidelines under Section 79, it had been mentioned that

“the intermediaries shall take all reasonable measures to secure its computer resource and information contained therein following the reasonable security practices and procedures as prescribed in the Information Technology (Reasonable security practices and procedures and sensitive personal Information) Rules, 2011.”

As a result we need a modification in these rules and removal of the words “ as prescribed in the Information Technology (Reasonable security practices and procedures and sensitive personal Information) Rules, 2011″

Since PDPA 2018 is anyway covering the requirements of Sensitive Personal Data Protection in greater detail, this may be an attempt to avoid overlapping provisions.

We shall go through the draft bill in greater detail and continue our discussions.

Naavi

A Copy of the Proposed Bill is available here (67 pages)

A more detailed Report of the Srikrishna Committee is available here (213 pages)

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law and tagged , . Bookmark the permalink.

One Response to Personal Data Protection Act 2018…1….Section 43A goes

  1. Very much excited to go through such an exhaustive list of Security controls. Well done India

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.