Skip to main content

Posts

Showing posts with the label Privacy

India's DPDPA - a citizen friendly bill with an eye on future

Image generated by Microsoft AI Designer Few weeks ago I commented that the India-US collaboration is missing the key subject of Data Protection law. The Data Protection Bill was still in 'draft' stage then, and now that its been passed by the parliament, I got reading it.  While my misgivings about Data privacy not being featured in India-US discussions as well as my reservations about the Bill excluding governments and regulators from its purview, continue; I must say that the the law itself has come out as a nicely drafted piece of legislation, and a departure from the legalese of other countries' laws such as EU's GDPR and CCPA/CCPR in California, United States. Firstly , the language of the bill is quite lucid and easy to understand - for people like me who are not lawyers, the language was quite easy to understand and digest. Not just simple language, but the Act includes Illustrations within its text to clarify the meaning and intention of different clauses - wh...

India-US collaboration is missing the key subject of Data Protection laws

It’s a national embarrassment for both India and the US that they don't have a data privacy law  The Indian Prime minister Modi is in the US and amongst much fanfare a lot of joint initiatives are being announced. But one area which could have been a major bedrock for a global regulation has not even been touched. On the contrary, both governments are now engaged in regressive moves on this subject - the subject of Personal Data Protection. TikTok, the popular video-sharing app, has faced bans in several countries, including India, and now there are discussions about a potential ban in the United States as well. The concerns primarily revolve around data privacy and surveillance, with lawmakers pointing out the extensive collection of personal information by TikTok and its Chinese ownership. However, focusing solely on banning TikTok fails to address the broader issue of data privacy and government access to user information. Banning TikTok might seem like a straightforward soluti...

A Guide to Privacy on Social Media [apps]

The recent announcement by WhatsApp to update its privacy terms - and 'accept or leave the app' stance - led to an exodus of users from Whastapp to competing, privacy-conscious apps such as Telegram or Signal. A week after the exodus began, Whatsapp clarified its stance - and WhatsApp's CEO went about providing a long Twitter clarification . And then, many returned, many who considered moving stayed put on Whatsapp. This post is meant for those who are still sitting on the fence - it clarifies questions like: What is this all about? What do I do? Is Whatsapp safe? I've heard Telegram is Russian - so how is it safer than Whatsapp? I can't move because my business contacts are on Whastapp - how do I secure myself? PS: I've modeled this post based on several conversations I've had with friends and family on this subject, dealing with the chain of questions they ask, then objections they raise, then clarifications they seek - and finally the change resistance ...

Data Localisation directive is weak and its intent misdirected

There has been a lot of focus on (personal) data localisation off late, thanks to a policy announced by RBI and also as a part of the Draft privacy bill by justice Srikrishna committee . Both these documents present similar views on the subject of personal data localisation. Essentially, what they say is that any company (body corporate) collecting personal information of Indian citizens, is free to store the data in any part of the world provided they maintain a copy of the data locally within India. Most multinational companies seem to have a problem with the data localisation requirements, may be because most of these companies are incorporated overseas and would prefer to follow the legal jurisdictions of countries where they are incorporated. Countries such as the United States or even the European Union have personal data processing laws which may necessitate that data processed by companies incorporated in their territories should preferably be stored within their own...