The Digital Personal Data Protection (DPDP) bill is a piece of legislation outlining the rights, duties, and obligations of citizens and data fiduciaries regarding personal data use.
- The DPDP bill, guided by six principles, governs lawful and purposeful data collection, minimization, protection, accuracy, and breach reporting.
- It introduces laws for the transfer and storage of personal data abroad, with heightened penalties for infringements.
- The bill mandates consent prior to personal data collection and penalizes failure to prevent breaches.
- The legislation applies solely to digital personal data, excluding non-digital and non-personal data.
- It permits cross-border data flows to specific areas, easing data localization mandates.
- Data fiduciaries can retain personal data beyond its initial collection purpose for business needs.
- The bill prescribes penalties of ₹200 crore for non-reporting of data breaches and up to ₹250 crores for inadequate security measures.
- Non-compliance fines, determined by the Data Protection Board, can escalate up to ₹500 crores.
- A new Data Protection Board will monitor compliance and impose penalties, whilst accepting voluntary commitments.
Please read the entire bill on my LinkedIn Post.
