FDPPI is your Privacy Companion

The new year resolution that FDPPI is pursuing for 2025 is to further promote the urgency for DPDPA Compliance during the year.

Towards this direction, FDPPI continues to

a) Build Awareness

b) Build Expertise

c) Provide the framework for compliance

d) Collaborate with PET developers

Currently there are lots of activities by different individuals and organizations about creating awareness of DPDPA. We welcome all these initiatives though there could be some differences of views on some aspects of the law here and there. Essentially the differences may come because other professionals may still be under the influence of the GDPR while we try to have an independent Jurisprudential view on different aspects of law. 

Whether it is the definition of what is “Personal Data” , How to identify the “Significant Data Fiduciary”, How to work on the rights of Grievance redressal and Nomination, or Data Monetization,  FDPPI may have a slightly different  view than some of the other professionals.

However, FDPPI welcomes the efforts of all community leaders in making “Data Privacy” a buzz word in the industry.

FDPPI now focusses on the next generation of work which is the enabling of implementation through the suggested DGPSI framework which can be used for implementation as well as third party audit and certification.

When a new thought like DGPSI comes to the market, there will be many who will continue to stick by the old practices…. and say “You should have done what others have done for years”. 

It is time to leave such advisors to the past and move ahead with DGPSI. The Birla Opus paint advertisement provides a similar message which describes exactly the sentiments I echo on DGPSI vs other frameworks.

DGPSI is an implementation framework that focusses on compliance of DPDPA. It has some revolutionary thoughts related to data classification, process based compliance, distributed responsibility, data monetization etc. In the past few months we are already seeing that some of the practitioners of other frameworks shifting their stand and saying this is also our view and can be implemented in the current framework as well.  I welcome such softening of the stand on DGPSI and look forward to them adopting DGPSI as a whole or incorporate its principles within the other frameworks they would like to stand by.

We intend discussing this concept of DGPSI as a framework for DPDPA compliance in depth during the three  day workshop at Mumbai on January 24, 25 and 26. 

Contact today to register yourself. This could be a turning point in the career of all ISMS auditors who would like to become a DPDPA Auditor.

Say No to dogmas  and yes to the new generation framework of DGPSI.

Naavi

FDPPI would celebrate the January 2025 as the DGPSI month. During this month we intend to cover how DPGSI as a framework covers several DPDPA compliance issues.

We welcome questions from professionals about their DPDPA compliance queries.

Naavi

FDPPI’s  previous C.DPO.DA. physical program in Bengaluru was a grand success. now it is time for the next program at Mumbai set to take place on January 24/25 and 26.

Watch out for more details:https://fdppi.iletsolutions.com/c-dpo-da-training-2025/

This program will cover the requirements of a DPO and a Data auditors in India.

The coverage includes DPDPA 2023 along with the essence of GDPR, challenges of the DPO, requirements of a data auditor, DGPSI framework of implementation, audit and assessment of DPDPA compliance with several case studies.

Registrations are now open. Join today.

Naavi

The two day event Indian Data Protection Summit 2024 came to a successful conclusion with the valedictory function where Dr Bharat Panchal of Bhima Sugam gave the valedictory address. Mr Abhishek Solanki, senior scientist from CERT-In was a gues of honour along with Mr Yashvantha Kumar of Cyber Crime Division Bangalore and Dr A Nagaratna of NLSUI.

During the two days, more than 56 speakers participated in the program including 13 from outside the country. The 8 key notes, 7 panel discussions and 4 Focus Group discussions made the conference a wholesome event. With an excellent organizational support from the KLE, and special efforts of Suresh Balepur, and Ashok Kini, managing the hospitality, the event was memorable.

The publication of the book “DGPSI-The Perfect Prescription for DPDPA compliance” during the event marked a significant development of FDPPI’s efforts to facilitate DPDPA compliance in the industry. Hopefully this would also be a significant milestone in the development of Data Protection Compliance in India.

The set of these twin books would server the purpose of providing the information on Privacy as a Fundamental right, the DPDPA as an act, the Governance aspects related to Data protection and the practitioner’s guide for implementation and audit. Though the rules are yet to be notified for DPDPA, the DGPSI booklet serves presently as a Jurisprudential exposition that tries to identify how each of the DPDPA provisions may be implemented.

A detailed report of the event will be available later and the registered delegates would also get a link to the videos to be published virtually.

In the annual flagship event of FDPPI, namely the Indian Data Protection Summit 2024 (IDPS 2024) set to be held on November 30 and December 1, 2024 at Bengaluru, FDPPI recognizes those who contribute to Privacy and Data Protection in India.

Yesterday we lost Justice K S. Puttaswamy who had contributed to the rising of the Privacy Consciousness in India leading to the passing of DPDPA 2023. FDPPI had the satisfaction of recognizing him with a title of “Privacy Pitamaha” during our 2023 AGM. Continuing our appreciation of his contribution to the Privacy eco system in India, FDPPI has decided that this year, the “Privacy Advocate of the year Award” would be “Dedicated to the memory of the Privacy Pitamaha, Late Justice Sri K.S.Puttaswamy”.

Nominations will be open upto 10th November 2024 and the nomination form would be available here https://fdppi.iletsolutions.com/idps-2024-award-nominations.

There will also be 4 other categories of awards namely “Privacy Knight”, “Privacy Squad”, Privacy Champion (Organization) and “Privacy Innovator”. Out of these, the Privacy Champion Award would be “Dedicated to the memory of Padma Vibhushan, Late Sri Ratan Tata”.

We hope that these leaders who have left this world will continue to inspire our professionals through these awards.

Justice K S Puttaswamy who was instrumental in initiating a case in Supreme Court on Aadhaar which finally ended up with the judgement leading to passing of DPDPA 2023 reportedly passed away today. He had led a very fruitful life and will be remembered for a long time for his contribution to the field of Privacy. in India.

At the time he was honoured he was 98 years old and hence he lived a full life of 99 years. FDPPI wishes to pass on our condolences to the bereaved family.

FDPPI has been working on the adoption of DPDPA Compliance by the society through multiple efforts. Apart from creating “Awareness”, FDPPI has a capacity building program with the creation of “Certified Data Protection Officers and Data Auditors” (C.DPO.DA). Additionally FDPPI has developed an indigenous framework for compliance of DPDPA through DGPSI.

However, it is still an uphill task for pushing the Indian community particularly the MSMEs to take steps for DPDPA Compliance in their operations. One obvious excuse is the lack of funds for compliance while the real reason could be a desire to make hay while the sun shines and gather as much of personal information of public as possible and exploit them. While law can punish them at the appropriate time, the objective of the Government and the society is to persuade the industry to be compliant without the need for using the penalty stick.

FDPPI therefore urges the Government of India to introduce a scheme for incentivisation of adoption of DPDPA at least for MSMEs, in a manner similar to what US Government did for promoting HIPAA adoption. (More details here).

Such a scheme would involve subsidizing the use of “Privacy Compliant Software” and more appropriately “DPDPA Compliant Software” for processing Personal data by a Data Fiduciary. Obviously the software needs to be evaluated and certified as DPDPA Compliant software.

In this direction FDPPI is extending its C.DPO.DA. to specifically train the Data Auditors to evaluate a software system for DPDPA Compliance and assign a DTS score as an indication of the level of “DGPSI Compliance”. Being “DGPSI Compliant” is a fair indication of being “DPDPA Compliance”.

We urge software developers to avail of this evaluation and the tag “Built for DGPSI Compliance” with a “DTS score” and simultaneously urge the MeitY to take steps to introduce a system of incentivisation in the form of a subsidy for use of software which is built for DPDPA Compliance.

Request MeitY to start a debate on this count and form a committee of experts to take a decision at the earliest. This can be announced along with the publication of the final rules under DPDPA.

FDPPI presently has Chapters in Bengaluru, Mumbai, Delhi, Pune, Hyderabad, Chennai and Nagpur and Kolkata.

Now FDPPI has activated its Chapter in Ahmedabad under the leadership of Advocate Anandaday Mishra, Founder and Managing Partner of AMLEGALS, a leading full service law firm, who will be the President of the Chapter.

Mr Anand is a seasoned Data Privacy professional working in multiple jurisdictions across the globe on data privacy.

The Chapter would function from the premises of AMLEGALS, 201, 203, Westface, Opp Baghban, Zydus Hospital Road, Thaltej, Ahmedabad 380054 and Mr Anand can be contacted at fdppi.ahd@amlegals.com or -8448548549.

FDPPI and AMLEGAL look forward to undertake many activities in Ahmedabad to further the cause of Privacy and Data Protection in India.

We invite professionals in Ahmedabad and other parts of Gujarat to get in touch with Mr Anand to build the community of FDPPI members in the region.

Naavi