The JCP Recommendations on the Personal Data Protection Law are in some respects very similar to global standards such as the General Data Protection Regulation of the European Union, but differ in aspects such as jail sentences. Have a look:
The similarities between the EU General Data Protection Regulation and the JCP’s recommendations on the data protection bill:
I: Users must have informed consent about the way their data is processed so that they can choose to participate or not.
India: Data processing must be done in a fair and transparent manner, while ensuring privacy.
I: The supervisory authority must be notified of a breach within 72 hours of the breach so that users can take steps to protect the information.
India: The Data Protection Authority must be informed within 72 hours; The DPA will decide if users need to be informed and the steps to follow.
* Transition period
I: Two-year transition period for GDPR provisions to be implemented
India: 24 months in total; 9 months for data fiduciary registration, 6 months for DPA to start
* Data Trustee
I: Data Trustee is any natural or legal person, public authority, agency or body that determines the purpose and means of data processing.
India: Similar suggestions; In addition, NGOs that also process data to be listed as fiduciaries.
Difference between EU regulation and JCP recommendations:
* Anonymous information
I: Data protection principles do not apply to anonymous information, as it is impossible to distinguish one from the other.
India: Non-personal data should fall within the scope of data protection law, like non-personal data.
I: No jail time. Fines of up to 20 million euros or, in the case of a company, up to 4% of its total global turnover for the previous year.
India: Jail term of up to 3 years, fine of Rs 2 lakh or both if any person re-identifies the unidentified data.
Newsletter | Click to get the best explainers of the day delivered to your inbox
"खाना विशेषज्ञ। जोम्बी प्रेमी। अति कफी अधिवक्ता। बियर ट्रेलब्लाजर। अप्रिय यात्रा फ्यान।"