DATA PRIVACY
The European Commission recently released a set of statistics reflecting on the “compliance, enforcement and awareness” of the General Data Protection Regulation (GDPR), which has been in force for over 10 months now. It shows a growing number of complaints and data breach notifications in Europe, and fines being imposed. This clearly indicates the success of the GDPR framework.
India has a lot to learn from this as the proposed Personal Data Protection Bill, 2018, is in the pipeline. The bill is expected to bring about a huge shift in personal data protection regime in the country.
TIME-BOUND TARGETS
The provisions of the bill require the government to notify the proposed act within 12 months from enactment. The government is required to establish a Data Protection Authority (DPA) within three months from the notification date, and within 12 months the DPA is required to notify the grounds of processing personal data, as well as codes of practice for several aspects under the proposed act.
The remaining provisions of the proposed act will come into force 18 months from the notification date, whereas the government may notify the provision mandating mirroring of personal data within India at its discretion. Overall, it is expected to take 18 months from the notification date for the provisions of the proposed act to fully take effect.
You must be a
subscribersubscribersubscribersubscriber
to read this content, please
subscribesubscribesubscribesubscribe
today.
For group subscribers, please click here to access.
Interested in group subscription? Please contact us.
你需要登录去解锁本文内容。欢迎注册账号。如果想阅读月刊所有文章,欢迎成为我们的订阅会员成为我们的订阅会员。
TEJAS KARIA is partner and head of arbitration, and SHASHANK MISHRA is a senior associate at Shardul Amarchand Mangaldas. They can be contacted at tejas.karia@AMSShardul.com and shashank.m@AMSShardul.com
