Creating Data Protection Regime
Data-driven innovation, cross-border data flows, the growth of ICT industry, job creation, while protecting the privacy of users, and trust in the enforcement of the law should be the defining features of the Data Protection Act.
The much-awaited white paper on the proposed data protection regime, following the SC judgement in August 2017, that underlined the need for data protection laws to protect the privacy of individuals, was released by the government last month.
The judgement recognizes the role of data-driven innovation (DDI) for the growth of economies, and for job creation. But it emphasises that the data so collected be utilised for legitimate purposes.
The white paper proposes a data protection framework based on the following seven principles: technology agnosticism, holistic application (both to private and public sectors), informed consent, data minimisation, controller accountability, structured enforcement, and deterrent penalties.