Data protection must be balanced with the right equation of fraud detection. Businesses must be well-equipped to combat the threats of data breaches, warned an expert. (Getty Images)
As IT minister Ashwini Vaishnaw introduced the Digital Personal Data Protection Bill, 2023 in Parliament today, industry experts said it is a well-constructed bill, and will bring the country one step closer to establishing law on data privacy
IT minister Ashwini Vaishnaw on Thursday clarified that the Digital Personal Data Protection Bill, 2023 (DPDPB) is not a money bill, and the government is ready to discuss it and any concern raised by the Opposition.
During the Monsoon Session, the opposition highlighted the concerns on whether the bill violates the judgment of the Puttuswamy Case, and suggested that it should be discussed further and should be referred to a Parliamentary Standing Committee.
Despite the concerns related to the bill, industry insiders believe it is a well-constructed bill for Digital India.
Sujit Patel, MD and CEO, of SCS Tech, told News18 that it is necessary to appreciate and comprehend the applicability of the DPDPB, which creates a new framework for personal data security.
“The bill will bring India one step closer to establishing the law on data privacy and protection. It is being done to serve the greater aim of a digital economy. The bill is expected to give people more rights, visibility, awareness, autonomy in decision-making, and control over their data, while also requiring businesses to respect those rights and offer suitable remedies,” he added.
Meanwhile, Dhiraj Gupta, Co-Founder and CTO of mFilterIt, believes that in light of the new movement towards data privacy, businesses must be aware of their responsibilities towards their customer’s data protection.
“Data protection must be balanced with the right equation of fraud detection. Businesses must be well-equipped to combat the threats of data breaches and ensure their customer’s data is not at risk,” Gupta said.
Amit Jaju, Senior Managing Director, Ankura Consulting Group (India), advised Indian companies to start preparing for compliance to avoid penalties and reputational damage as the bill is introduced in Parliament.
“They can take proactive steps such as appointing a Data Protection Officer, conducting a Data Protection Impact Assessment and implementing appropriate security measures. Gradually, they can prepare by obtaining consent for processing personal data, establishing a grievance redressal mechanism, complying with cross-border data transfer requirements, and developing a data retention policy. By reviewing their current data protection practices and making necessary changes, Indian companies can ensure compliance with the proposed law and protect personal data privacy,” he suggested.
Udit Mehrotra, MD and CEO, Spectra said: “As the Digital Private Data Protection Bill takes centre-stage in Parliament today, it serves as a crucial reminder that just as user privacy is paramount in the digital age, network security stands as an equally imperative responsibility for companies. Safeguarding not only personal information but also the very infrastructure that holds it, ensures a landscape where trust, innovation, and progress can thrive unhindered.”
.