Our private information is worth more than gold to various businesses in this day and age thanks to the proliferation of digital technology, which has fueled an industry worth several billions of dollars. The hitch is that we do have rights to our data, and laws such as the DPDPB protect us from infringement on … Read more
The Digital Personal Data Protection Bill: Shaping the Future of Data Broker and Personal Data Seller Business
E-pharmacies have been a contentious issue in India for a long time, with ongoing litigation and delays in the implementation of regulatory rules. The government is presently debating whether online pharmacies should be allowed to sell medications. The risk associated with customer data and privacy, specifically the collection of confidential health data by online pharmacies, … Read more
Who is Data Fiduciary? A data fiduciary is any entity or individual that determines the purposes and means of processing personal data. Under the Digital Personal Data Protection Bill India, data fiduciaries are responsible for complying with the provisions of the law in respect of any processing undertaken by them or on their behalf by … Read more
The Joint Parliamentary Committee submitted its report on the Digital Personal Data Protection Bill, recommending the inclusion of “consent managers” in the upcoming Data Protection Act. The bill defines consent managers as a “Data Fiduciary which enables a Data Principal to give, withdraw, review and manage his consent through an accessible, transparent and interoperable platform.” … Read more
Points: Deemed consent can be useful in situations where obtaining explicit consent is impractical or impossible, such as when a data principal voluntarily provides personal data to a data fiduciary. This provision ensures that data fiduciaries can process personal data in certain circumstances without having to obtain explicit consent, which can save time and resources. … Read more
7. Consent(1) Consent of the Data Principal means any freely given, specific, informed and unambiguous indication of the Data Principal’s wishes by which the Data Principal, by a clear affirmative action, signifies agreement to the processing of her personal data for the specified purpose. For the purpose of this sub-section, “specified purpose” means the purpose … Read more
5. Grounds for processing digital personal dataA person may process the personal data of a Data Principal only inaccordance with the provisions of this Act and Rules made thereunder, for alawful purpose for which the Data Principal has given or is deemed to havegiven her consent in accordance with the provisions of this Act.For the … Read more
In this Act: –(1) unless the context otherwise requires, a reference to “provisions of this Act” shall be read as including a reference to Rules made under this Act. The first part of this section is stating that when the Act refers to “provisions of this Act,” it also includes any rules that are made … Read more
2. (7) “Data Processor” means any person who processes personal data on behalf of a Data Fiduciary; The term “Data Processor” in this bill refers to any person or entity that processes personal data on behalf of a Data Fiduciary. A Data Processor could include service providers, contractors, or other third-party entities that are engaged … Read more