However the Bill is not without loopholes, as pointed out by Amba Kak, Policy Advisor in India. The panel is facing criticism for being too lenient and lacking in clarity on key issues and many has emphasised that the Bill in its current form should not be introduced in Parliament and further consultations must take place.
“This bill provides a strong foundation of protection for Indians’ privacy, but it is not without defects - in particular, the requirement to store a copy of all personal data within India, creating broad permissions for government use of data, and the independence of the regulator’s adjudicatory authority. We welcome the Government’s commitment to a public consultation process, which we hope will rectify the cracks in this foundation,”Amba says.
What industry expects from the Bill?
As a security company, Rana seeks to have this bill do following things –
• Mandatory breach notification so that we all start to understand the severity of problem. One cannot address a problem if one doesn’t understand the extent of the problem itself.
• Categorization in terms of penalties to be imposed on different kinds of organizations. The biggest burden should be put on the Government Departments, Defense Organizations and PSUs as any breaches into those organizations will likely have the biggest dent on India as a society.
• It is hoped that this bill raises the importance of data centric security and seeks to have the organizations apply the concept of privacy by design (encryption) and by default (processing the minimum amount of sensitive data).
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
