FDPPI successfully completed the first course on PDPA which was conducted by Cyber Law College and Naavi, over 12 sessions spread over 6 week ends.  The examination would be conducted in the next two weeks and certificates will be issued from FDPPI.

Cyber Law College was responsible for the training while FDPPI will take care of the certification.

The program which was covered in a total of 18 hours was well received and has been considered as  a certificate titled  “Certified Data Protection Officer” (Level I).

Cyber Law College has already planned further modules of the program which will be rolled out in due course as Level II, Level III, Level IV and Level V.

Level II will be conducted after the regulations come in force. Level III and IV would be covering the Technical and other skill sets that would be required for a DPO. Level V will incorporate a training on other international privacy protection laws.

Following this program plans are being made for offline programs. FDPPI also offers complimentary program for the Directors of any company on the impact of PDPA, which is conceived as a 45 minute interaction. This will be conducted on invitation so that the knowledge of PDPA is spread among the stake holders.

Naavi

Certificate in Personal Data Protection Act (CPDPA) by Cyber Law College

In Association with

Foundation of Data Protection Professionals in India (FDPPI)

 Introduction

This course is meant to introduce the present and upcoming data protection law in India. The course is structured as a 12 session web based course and tentatively covers the following topics.

1. Evolution of Privacy Law in India. (ITA 2000-ITA 2008-Puttaswamy Judgement.etc.)
2. Understanding the Concept of Privacy and its relation with Data Protection
3. Applicability, Exemptions, Transitional Provisions
4. Data Principal’s Rights and Data Protection Obligations
5. Grounds of Processing
6. Transfer of Personal data outside India.
7. DPA and DPO
8. Compliance Obligations
9. Penalties and Offences and Grievance Redressal mechanism
10. Data Protection Challenges under New Technologies
11. Data Governance Framework
12. Interactive discussion

During the course of the discussion provisions of Information Technology Act 2000 (ITA 2000), as well as international data protection laws such as GDPR and CCPA will also be discussed through the focus would be on the Personal Data Protection Act 2018 (Draft law proposed by the Justice Srikrishna Committee).

The Course recognizes that the law is now developing and proposes to provide a free follow up session whenever the final version of the law is passed.

The course will be conducted through online sessions conducted through one of the platforms such as Zoom and connectivity links will be sent to the registered students before the session/s through the registered e-mail.

The First Batch is scheduled to commence from December 7, 2019 with the first session from 11.00 am.

All registered students have been informed over the registered e-mail address about the commencement.

Any person who needs further information may contact Naavi.

Details of Cyber Law College are  available here

Details of FDPPI  are available here

Naavi

It has been announced that the Personal Data Protection Bill will be presented in the Parliament in the next session commencing from 18th November 2019.

While it is the intention of the Government to pass the bill in this session itself, it is certain that detailed discussions will be held both inside the Parliament and in committees.

In order to ensure that these discussions will happen with relevant study of the provisions, FDPPI and Cyber Law College is not only launching its Certificate Course in PDPA in November but also ensure that any changes that may occur in the draft bill is also part of the course.

The Course details of which has already been announced (For updates visit www.cyberlawcollege.com) will commence from December 7th and will be held on week ends between 11.00 am and 12.30 pm for 6 weeks. (Due to unforeseen circumstances, the date of commencement originally meant for November 30 has been postponed by a week. Kindly excuse me for the inconvenience)

All members of FDPPI will get guest invitations from Cyber Law College to attend without the Certification.  Members of FDPPI will also be able to sponsor their friends at concessional fee of Rs 5000/-instead of Rs 7500/-.

FDPPI will also extend this facility to certain partner organizations to a limited extent so that we will create as many number of persons as possible who have studied the Bill and be able to debate it with knowledge.

Naavi

Cyber Law College, which has been conducting Cyber Law related courses since 2000 as well as courses on HIPAA and GDPR, has now started a Web Class based course on Personal Data Protection Act.

This course for “Certificate in PDPA” will consist of 12 live sessions to be conducted by Na.Vijayashankar (Director Cyber Law College) and Chairman FDPPI and cover the following topics.

1. Evolution of Privacy Law in India. (ITA 2000-ITA 2008-Puttaswamy Judgement.Etc.) and
2. Understanding the Concept of Privacy and its relation with Data Protection
3. Applicability, Exemptions, Transitional Provisions
4. Data Principal’s Rights and Data Protection Obligations
5. Grounds of Processing
6. Transfer of Personal data outside India
7. DPA and DPO
8. Compliance Obligations
9. Penalties and Offences and Grievance Redressal mechanism
10. Data Protection Challenges under New Technologies
11. Data Governance Framework
12. Interactive discussion and Review

Each session would be approximately for 90 minutes. It is envisaged that the course will commence in the second half of November 2019 and there would be two classes each week for 6 weeks. Exact schedule of the classes will be announced later.

As an introductory offer, the fees for the course is set at Rs 6000/- only.

A Copy of the prospectus is available here

Existing members of FDPPI can sponsor/refer any participant and such participants would be provided a cashback of Rs 1000/-.

At the end of the course there would be an online test following which the certificates would be issued by FDPPI.

Interested persons may enroll at the earliest by visiting  here

Naavi

Watch the video on the introduction to the program here:

Data Governance is getting increased attention now since after the PDPA becoming a law there would be need for further legislation on processing of “Community Data” and “Aggregated Anonymized Data”. This may perhaps be addressed through a new legislation on “Data Governance”. The Government has set up an Expert Committee for this purpose.

More information on these developments are found here:

1. 1. Formation of the Expert Committee
   2. Views of Kris Gopalakrishna…1.. What do they indicate for the Privacy Regulation in India
   3. Views of Kris Gopalakrishna…2.. Leveraging Data for the benefit of individuals
   4. Views of Gopalakrishna …3…on Privacy
   5. Data Productivity vs Data Security
   6. What is Community Privacy? and who has the right of disposal?

There is every indication that “Data Governance Act of India” will sooner or later come into operation. It is good for the Data Protection Professionals to be watchful of these developments.

Data Protection will continue to be an important segment of Data Governance. But it is possible that a new outlook will come to bear on “Data Security” with a lot more liberal outlook than what the data protection professionals would be accustomed to today. The interpretations may move from the GDPR side to the CCPA side, unless the law is clear.

FDPPI will closely watch the developments on Data Governance and as a part of its activities will keep “Data Governance”  on our radar along with “Data Protection”.

In order to initiate the discussions, FDPPI is conducting a webinar on Data Governance on 12th October 2019 at 5.30 pm. Interested persons may contact fdppi.mumbai@fdppi.in for an invitation.

Naavi

Bangalore Chapter of FDPPI organized a Knowledge Sharing session on the theme “Cyber Forensics in the Privacy Era” at Deloitte office on 17th September 2019 between 5.00 pm and 7.30 pm.

Mr Sebastin Edussery, Head Security, IFS, Deloitte, India addressed the gathering  and discussed interesting case studies on Cyber Forensics and the Privacy issues that a Forensic investigator needs to contend with.

This  was then followed by a session on “Evidentiary Challenges in Cyber Forensics” by Naavi, the Chairman of FDPPI.

The sessions were well appreciated by the participants.

Naavi

On 11th September 2019, FDPPI has organized a webinar on ISO 27701 which is an extension to ISO 27001 and covers the requirements of PIMS. (Privacy Information Management System).

Speaker is Ms Sandhya Khamsera, Founding Partner and CEO of Pricoris LLP.

After the advent of GDPR, BS 10012 was released to directly address the PIMS.  Recently, ISO released the document titled ISO27701 as an extension of ISO 27001 for enabling a framework for managing the security of Personal Information.

Ms Sandhya will discuss some of the salient features of the framework.

The webinar will be at 11.00 am and a  link can be obtained from the FDPPI WhatsApp group or sending an email to FDPPI

Naavi

In a well attended meeting held at the office of Deloitte, Gurugaon, the Delhi Chapter of FDPPI was formally launched.

Mr Gautam Kapoor, partner, Deloitte speaking on the occassion highlighted the special role of the Delhi Chapter in being able to closely track the policy developments since Delhi happens to the political capital of the country.

Mr Nakul Chopra who will be the provisional honorary president, made a presentation providing a brief overview of the proposed Personal Data Protection Act.

Mr Naavi made a presentation on the Data Audits as envisaged in PDPA and highlighted the need for developing a system for computing Data Trust Score.

The membership of the chapter would be expanded and the Governing council would be formally set up.

PDPA (Personal Data Protection Act) is an important legislation which the Government of India is set to pass in the Parliament at the earliest. With the passage of the Aadhaar Amendment Act, it has become even more critical that the Government passes the Personal Data Protection Act without much delay since this contains the commitment for protection of Privacy without which some of the provisions of the Aadhaar continue to attract criticism.

While like any other Privacy protection legislation, PDPA also speaks of permitted grounds of processing of personal information, the obligations of the processor, the rights of the data owner, the penalties etc, it must be recognized that PDPA has imposed a huge responsibility on the “Audit Community” for protecting Privacy of the Indian Citizens.

PDPA envisages an annual “PDPA Compliance Audit” as a mandatory provision besides internal audits from time to time by the Data protection officer. There will also be audits whenever a Data Breach is suspected and whenever there is a perceived conflict with the RTI.

Some of these issues will be discussed by Naavi during an event in Delhi on 16th July 2019 at the Deloitte, Gurugaon office. The occassion will also mark the launch of the Delhi Chapter of FDPPI and open to non members also on invitation. Interested persons may contact Mr Nakul Chopra of Deloitte Delhi for more information.

Naavi

We are completing one year of GDPR. GDPR brought in a new awareness across the world about Data Protection for which all professionals having a stake in the industry has to thank.

As we celebrate the anniversary of GDPR, in India it is time to look forward to the year of PDPA.

With the return of the Modi Government, we can expect that the passage of PDPA will be smooth and before the end of this year, we will have the DPA in place.

FDPPI has dedicated itself to the cause of PDPA and will involve itself with outreach programs to spread the knowledge.

Additionally FDPPI will be co-coordinating its activities with other similar  organizations to undertake many other projects which will be discussed from time to time.

We look forward to suggestions from the professionals in this regard.

Naavi

Chairman