India’s data privacy landscape has changed dramatically, ushering in an era of individual empowerment. In recent years the country has realized the importance of safeguarding personal data, and established comprehensive regulations in order to ensure privacy and data security.

This change was triggered by the General Data Protection Regulation in the European Union. It raised awareness of the importance of data security around the world. In response, many countries such as India have developed their own data protection framework.

India’s government has introduced the Personal Data Protection Bill in 2019. The bill aims to improve data protection and give individuals more control over their information. The PDPB takes inspiration from GDPR, while addressing India’s unique societal and economic landscape.

The PDPB contains the following key provisions:

Consent: This bill stresses the importance of obtaining consent from an individual who is informed and explicit before processing personal data. The consent must be given freely, it must be specific and revocable.

Data localization: Certain categories sensitive personal data must be stored within India’s borders. This measure is designed to improve data security and prevent unauthorised access.

Data Protection Authority: The PDPB has proposed the creation of a Data Protection Authority to supervise and enforce compliance with laws governing data protection. The DPA has the authority to investigate data breaches, and impose penalties if non-compliance is found.

Right of Access and Correction: Individuals can request that organizations correct inaccurate or outdated information and access their own personal data.

Right to be Forgotten — The bill introduces a concept called the right to forget, which allows individuals to ask for the deletion of their personal information under certain circumstances.

Data Breach notification: Organizations must notify the DPA as well as the affected individuals if there is a breach of data that threatens their rights and liberties.

Transparency and Accountability: Data controllers, processors, and their employees must demonstrate accountability and transparency in the way they process data.

The PDPB represents a major step in empowering individuals to have greater control over their own personal data. India hopes to foster trust in its citizens by enforcing more stringent data protection measures.

Businesses and organizations must adapt their data practices proactively to the upcoming regulations as the PDPB moves through the legislative process. India can become a global leader in digital privacy and responsibility by embracing the new era of data security.