- As information technology and usage of the internet is increasing day by day, there are more than 4.4 billion users who use the internet and emails nowadays. Our data is current all over on the web. Technology and also the web cause privacy problems.
- Data privacy has invariably been vital. However, as a lot of our information becomes digitized, and that we share a lot of data on-line, information/data privacy is gripping larger importance.
What is data protection?
- Data protection is that the method of safeguarding the crucial data from corruption, compromise, or loss. Each Individual’s information ought to be protected and might not be allowed commonly to be disseminated with not his/her consent because it may expose the individual to risks and threats from unwanted quarters.
- In the digital age, we tend to generally apply the construct of information/data privacy to important personal data, which is also referred to as Personally Identifiable Information (PII) and Private Health Information (PHI). This may embrace Social Security numbers, health, and medical records, money knowledge, as well as checking account and Mastercard numbers.
- For a company/corporate, data privacy goes on the far side of the PII of its workers and customers.
Importance of Data Protection
- When data that must be kept secluded gets in the incorrect hands, bad things can occur. When data is stolen at a government agency can compromise top-secret information in the hands of an enemy state. A breach at a company can put exclusive data in the hands of a competitor and can be used against itself.
- Data protection is crucial for firms and also for customers. Most of the rules and laws over data protection and data privacy bring data firms and alternative firms within the range of the rules and laws. The legislation just like the General Data Protection Regulation (GDPR) in Europe, Consumer Data Protection Act, and the Data Care Act within the USA advocate for knowledge protection. The GDPR penalizes the organization for 4% of its total revenues.
The need for Data Protection Laws
- Laws ought to be updated to deal with today’s reality. Ever since the net was created, folks are sharing additional and additional of their data on-line. In several countries, privacy rules exist and stay vital to assist shield people’s data and human rights, however, they’re not custom-made to suit the challenges of today’s connected world.
- Corporate co- and self-regulation isn’t operating to safeguard our information. Round the world, corporations, and alternative entities that collect people’s information have long advocated for regulation of privacy and information protection yet they are unable to safeguard the information and the data. There are many such examples of data breach over the last decade which include companies such as Adobe, LinkedIn, eBay, and many more.
Boon to Protect Data and Data Privacy
GDPR – Enforced by EU
- The General Data Protection Regulation (GDPR), a Europe-wide law for data/information protection. Over four years of preparation and negotiations, the GDPR was approved by the European Union (EU) on 14th April 2016 and came into effect from 25th May 2018. The EU General Data Protection Regulation (GDPR) is the most vital amendment in data privacy guidelines in twenty years.
- GDPR is data protection and privacy for all people among the European Union (EU) and also the European Economic Area (EEA).
- It is a legal framework that sets the guidelines and pointers for gathering and process of private data of people among the European Union (EU).
- The GDPR is the refined auxiliary to Data Protection Directive 95/46/EC and was designed to integrate the assorted data privacy laws across Europe, to protect and empower all EU voter’s knowledge privacy and to reshape the means organizations across the region approach data privacy.
- Until the enactment of GDPR, Data Protection rules and laws in the EU weren’t that tight and strict.
Features of the GDPR
- Justify the information Use – Individuals area unit entitled to possess their knowledge erased or not disseminated any, together with probably halting third parties from the process the information. The businesses’ desire to use your knowledge can need to justify why they require to grasp it.
- Extended Reach – GDPR covers every organization providing products and services to EU residents and organizations that monitor the behavior of EU residents through online medium. This extended reach currently covers the majority of the organizations in the EU and therefore is simpler and effective.
- Real Reputational Risk – As GDPR is in effect, the social contracts and enforcement actions will be frequent and will be made public. Therefore, there’s a risk of reputational damage within the companies.
- Hefty Fines – Failure to accommodates the GDPR comes with a hefty penalty. Corporations that violate the new rules are often penalized up to four percent of their annual turnover or twenty million euros (nearly $25 million), whichever is larger.
Laws and Institutions in India to Prevent Data Privacy and Data Protection
In Indian, various laws have been made and enacted to prevent data theft and keep data private, the laws are as follows:
- The Copyright Act, 1957- This act protects intellectual property rights in various creative and literary works including the computer database.
- The Indian Penal Code, 1860- This is used to prevent data theft.
- The Indian Constitution – Article 21 of the Indian Constitution protects the rights of individual life and personal liberty. In August 2017, the amendment made to protect the privacy of an individual.
- NASSCOM – The National Association of Service and Software Companies which is a non-profit organization lead the way to protect and strengthen data privacy in India.
- TRAI –
- The Telecommunication Authority of the Republic of India (TRAI) has counseled measures to shield the information Privacy of the people. Constitution of information Protection Authority of the Republic of India.
- The Srikrishna Committee is to submit a report on information privacy. this could become the bottom to border the robust law on information protection. TRAI is of the delivery that the info is collected by personal additionally as government entities. Therefore, the info protection framework ought to be equally applicable to each the govt additionally as personal entities
- TRAI has counseled that there should be a recognition that whereas information controllers might so collect and method personal information, this should be subject to numerous conditions and obligations – as well as significantly, securing specific consent of the individual, mistreatment the non-public information just for known functions.
- The entity that has managed over personal information would be accountable for compliance with information protection norms.
- The Authority has counseled that each one entity within the digital eco-system, that management or method the info, ought to be restrained from mistreatment information to spot the individual users.
- TRAI any recommends that to confirm sufficient selections to the users of digital services, granularities within the consent mechanism ought to be integral by the service suppliers.
- To ensure the privacy of users, National Policy for secret writing of private information, generated and picked up within the digital eco-system, ought to be notified by the govt at the earliest.
- Decryption ought to be the allowable on-demand basis by licensed entities under the consent of the buyer or as per the requirement of the law.
Advantages of Data Privacy
- Legal Compliance –Ensuring your company is compliant with all the necessities arranged down by the law permits you to avoid superfluous fines and legal headaches.
- Evading Fines
- Improved Business Management – as a result of the Data Protection Act needs higher management and storage of data, this may typically cause higher business practices.
- Customer Security and trust
Disadvantages of Data Protection
- Strict Maintenance of Information/Data – as a data manager you’ll be likely to abide by the data protection ethics and properly keep data you gather among the remit of the law.
- Cost – It may cost enough to protect the data you have and abide by the laws. If not, you will be penalized with heavy fines.
- Training –Proper training must be given to the employees so that data breach does not happen. Files have to be compelled to be secured, work containing personal data should be kept securely.
- Data Protection Procedures – It takes steps to keep the data safe. Even, people are carrying out their work at home, everything must be secured and strict policies must be made so that data is not leaked.
Constraints in India
- There is no such data protection authority to safeguard the data. No one is responsible to overlook that data breach does not happen.
- People may choose not to share their data with authorities Under the Right to Privacy Act.
- Many loopholes are there in the various laws that enable the institutions to share the data with others.