Data Governance is getting increased attention now since after the PDPA becoming a law there would be need for further legislation on processing of “Community Data” and “Aggregated Anonymized Data”. This may perhaps be addressed through a new legislation on “Data Governance”. The Government has set up an Expert Committee for this purpose.
More information on these developments are found here:
- Formation of the Expert Committee
- Views of Kris Gopalakrishna…1.. What do they indicate for the Privacy Regulation in India
- Views of Kris Gopalakrishna…2.. Leveraging Data for the benefit of individuals
- Views of Gopalakrishna …3…on Privacy
- Data Productivity vs Data Security
- What is Community Privacy? and who has the right of disposal?
There is every indication that “Data Governance Act of India” will sooner or later come into operation. It is good for the Data Protection Professionals to be watchful of these developments.
Data Protection will continue to be an important segment of Data Governance. But it is possible that a new outlook will come to bear on “Data Security” with a lot more liberal outlook than what the data protection professionals would be accustomed to today. The interpretations may move from the GDPR side to the CCPA side, unless the law is clear.
FDPPI will closely watch the developments on Data Governance and as a part of its activities will keep “Data Governance” on our radar along with “Data Protection”.
In order to initiate the discussions, FDPPI is conducting a webinar on Data Governance on 12th October 2019 at 5.30 pm. Interested persons may contact email@example.com for an invitation.
Bangalore Chapter of FDPPI organized a Knowledge Sharing session on the theme “Cyber Forensics in the Privacy Era” at Deloitte office on 17th September 2019 between 5.00 pm and 7.30 pm.
Mr Sebastin Edussery, Head Security, IFS, Deloitte, India addressed the gathering and discussed interesting case studies on Cyber Forensics and the Privacy issues that a Forensic investigator needs to contend with.
This was then followed by a session on “Evidentiary Challenges in Cyber Forensics” by Naavi, the Chairman of FDPPI.
The sessions were well appreciated by the participants.
On 11th September 2019, FDPPI has organized a webinar on ISO 27701 which is an extension to ISO 27001 and covers the requirements of PIMS. (Privacy Information Management System).
Speaker is Ms Sandhya Khamsera, Founding Partner and CEO of Pricoris LLP.
After the advent of GDPR, BS 10012 was released to directly address the PIMS. Recently, ISO released the document titled ISO27701 as an extension of ISO 27001 for enabling a framework for managing the security of Personal Information.
Ms Sandhya will discuss some of the salient features of the framework.
The webinar will be at 11.00 am and a link can be obtained from the FDPPI WhatsApp group or sending an email to FDPPI
In a well attended meeting held at the office of Deloitte, Gurugaon, the Delhi Chapter of FDPPI was formally launched.
Mr Gautam Kapoor, partner, Deloitte speaking on the occassion highlighted the special role of the Delhi Chapter in being able to closely track the policy developments since Delhi happens to the political capital of the country.
Mr Nakul Chopra who will be the provisional honorary president, made a presentation providing a brief overview of the proposed Personal Data Protection Act.
Mr Naavi made a presentation on the Data Audits as envisaged in PDPA and highlighted the need for developing a system for computing Data Trust Score.
The membership of the chapter would be expanded and the Governing council would be formally set up.
PDPA (Personal Data Protection Act) is an important legislation which the Government of India is set to pass in the Parliament at the earliest. With the passage of the Aadhaar Amendment Act, it has become even more critical that the Government passes the Personal Data Protection Act without much delay since this contains the commitment for protection of Privacy without which some of the provisions of the Aadhaar continue to attract criticism.
While like any other Privacy protection legislation, PDPA also speaks of permitted grounds of processing of personal information, the obligations of the processor, the rights of the data owner, the penalties etc, it must be recognized that PDPA has imposed a huge responsibility on the “Audit Community” for protecting Privacy of the Indian Citizens.
PDPA envisages an annual “PDPA Compliance Audit” as a mandatory provision besides internal audits from time to time by the Data protection officer. There will also be audits whenever a Data Breach is suspected and whenever there is a perceived conflict with the RTI.
Some of these issues will be discussed by Naavi during an event in Delhi on 16th July 2019 at the Deloitte, Gurugaon office. The occassion will also mark the launch of the Delhi Chapter of FDPPI and open to non members also on invitation. Interested persons may contact Mr Nakul Chopra of Deloitte Delhi for more information.
We are completing one year of GDPR. GDPR brought in a new awareness across the world about Data Protection for which all professionals having a stake in the industry has to thank.
As we celebrate the anniversary of GDPR, in India it is time to look forward to the year of PDPA.
With the return of the Modi Government, we can expect that the passage of PDPA will be smooth and before the end of this year, we will have the DPA in place.
FDPPI has dedicated itself to the cause of PDPA and will involve itself with outreach programs to spread the knowledge.
Additionally FDPPI will be co-coordinating its activities with other similar organizations to undertake many other projects which will be discussed from time to time.
We look forward to suggestions from the professionals in this regard.
Justice B N Srikrishna Committee drafted “Personal Data Protection Bill -2018” is under the review of Ministry of Information Technology, Government of India. Once the Bill become an Act of Parliament, it is going to affect every entity, which is collecting personal data of India citizens.
In its current form, the Act is going to touch each and every commercial and non-commercial entities possession Indian Citizens’ personal data irrespective of format or purpose. The upcoming Act already gaining attention of organizations’ senior managements and Boards to prepare their respective organizations to meet the provisions of Act.
In a bid to increase the awareness about the forthcoming legislation and to understand its impact on the industry and the professionals in the industry, FDPPI Mumbai Chapter is organizing a webinar on “Emerging opportunities for Data Privacy Professionals in India” on 11th May, 2019 at 8.00 PM (IST)
Topic: Emerging opportunities for Data Privacy Professionals in India
Speaker: Na.Vijayashankar (Naavi), Data Protection Consultant
- Welcome and Brief about the FDPPI (Foundation for the Data Protection Professionals in India) by Mr Adepu Bondiah
- Presentation by Naavi covering
- Emerging opportunities for Data Protection Professionals in India
- How Does PDPA 2018 differ from GDPR
- Challenges in Compliance for Data Fiduciaries and Data Processors
- Challenges in conducting Data Audit and Computing Data Trust Score
- Q &A
- Vote of Thanks: Mr Rakesh Goyal
Participation is by invitation.
For invitation, Contact Mr Adepu Bondiah, or Rakesh Goyal or Mr Anil Chiplunkar or Mr Ritesh Bhatia, the Governing Council members of FDPPI, Mumbai.
Request for Invitation may be sent to firstname.lastname@example.org
The Chennai Chapter of FDPPI was formally inaugurated on 16th March 2019 in a grand function in Hotel Rain Tree, Anna salai along with a workshop on Section 65B of Indian Evidence Act. The program was jointly conducted by FDPPI and CySi (Cyber Society of India).
A Full report of the event is available at naavi.org.
Ms Anitha Rajesh the President of the Chennai Governing Council , Mr Sridhar and Mr Balaji members and naavi are seen in the picture. Durai Kannaiyan and Nagendra who are the other members of the Governing Council were not present.
During the event Naavi explained the relevance of Section 65B for Data Protection industry besides a detailed discussion on its impact on the law enforcement and judiciary.
Launch of Chennai Chapter ad Workshop in Chennai
Section 65B of Indian Evidence Act is an important legislative provision which came to effect on 17th October 2000 and determines how Electronic Evidence has to be presented in a Court of Law for admissibility.
Several aspects of Data Protection require, archiving of data and presentation of data in quasi judicial and judicial fora and hence understanding this section is important for the DPOs in India.
On 16th March 2019, Cyber Society of India (CySi) of which Mr Naavi was the founder Secretary, and FDPPI are organizing a one day workshop on Section 65B of Indian Evidence Act. This is the first time in the last 20 years that a dedicated one day workshop is being organized on this subject. (Details are available here)
Naavi was the person who submitted the first Section 65B Certificate in any Court in India which was during the case of State of Tamil Nadu Vs Suhas Katti in AMM Egmore Court in 2004. Mr S.Balu the current President of CySi was the IO in that case which was historically the first case in which conviction took place under ITA 2000 in India.
During this occassion, FDPPI is set to launch its Chennai Chapter on 16th March 2019 along with an event being conducted by Cyber Society of India (CySi) on on Section 65B of Indian Evidence Act.
During the program, Naavi is also launching the print version of his e-book on Section 65B of Indian Evidence Act.
Members of FDPPI in Chennai are requested to make the event a success.
FDPPI Chennai Chapter is set to be launched on March 16, 2019 at Chennai.
Cyber Society of India of which Naavi was a founding secretary is conducting an event on “Section 65B of Indian Evidence Act” and the launch is tagged with this event.
FDPPI has always proposed that it would work along with other like minded organizations and would be like a federation of such organizations provided there is commonality of purpose and this joint event after the Bangalore ISACA event is a step in this direction.
Success of this concept of “Federation” depends on the reciprocal gestures by the other organization and both in the case of ISACA, Bangalore and now CySi Chennai, FDPPI recognizes the reciprocal gesture of the other partner organization.
The principle is “We provide the content, You provide the platform” and we would like to see more such programs in the future.