DPDP 2023 - A Netizen’s Perspective
Introduction
The nation got its first consolidated data protection regulation in the form of the Digital Personal Data Protection Act, 2023, in the month of August, and the Indian netizens got their independence in terms of data protection and privacy. The act lays heavy penalties for non-compliance with the provisions, and the same is under the jurisdiction of a Data Protection Board set up by the Central Government, which enjoys powers equivalent to a civil court. The act upholds the right to data privacy as the fundamental right under Article 19 (1)(A) and 21 of the Constitution of India. The same has been judicially supported in the form of the landmark judgement, Jus. K.S Puttawamy vs. Union of India of 2018. Let us take a look at the impact the act will make on the Indian netizens.
What is Personal Data?
Personal Data refers to any form of digitised data which can be directly replicated by any person. This includes email IDs, mobile numbers, health data, banking data, photos, etc. A person to whom the personal data belongs is called the Data Principle. A Data principle is anyone who is above the age of 18 years and consents to the data of children/minors. In the case of children/minors, it is mandatory for the parents or guardians to provide their express consent for the processing of personal data for all or any purposes. Any individual who is processing personal data is known as the Data Fiduciry, and individuals registered under the act may act as consent managers to make the consent transparent. When it comes to the rights of the netizens, it is seen that the act is created with an aspect of “Safety by Design” to secure the rights and responsibilities of the netizens.
Rights secured under the DPDP Act 2023
- Right to Grievance Redressal: The Data fiduciary and the consent manager are required to respond to the grievances of the Data Principal within a time period, which is soon to be prescribed, thus creating a blanket of responsibility for the data fiduciary and consent manager.
- Right to Nominate: Data Principals have the right to nominate any other individual who shall, in the event of death or incapacity of the data principal, exercise his/her rights.
- Right to access to information: The Data principal has the right to seek confirmation from Data fiduciaries regarding the processing of their personal data and the summary of the processed data as well.
- Right to Erasure and Correction: Data principals can reach out to the data fiduciaries in order to exercise their right to correct, complete, update and erasure of their personal data.
- Territorial Rights: The data is to be processed within India, and processing outside India should be in regard to the services provided in India.
- Material Rights: The rights are applicable to any personal data collected in digitised form and also for the data collected in a non-digital form but subsequently digitised.
Obligations for Data Fiduciaries
The data fiduciaries are mandated to oblige with the following provisions in order to maintain compliance with the laws of the land and by securing the Digital rights of the netizens.
These are the obligations of the data fiduciaries:
- Implement technical and organisational measures to safeguard Personal Data.
- Determine the legal grounds for processing and obtaining consent from Data principals where required.
- Provide a privacy notice while obtaining consent from Data principals.
- Implement a mechanism for data principals to exercise their rights.
- Implement a grievance redressal mechanism for handling the queries from Data principals.
- Irrecoverably delete personal data after the purpose for which it was collected has expired or when the consent has been withdrawn.
- Have a breach management policy to notify the data protection board and the data principals in accordance with prescribed timelines.
- Sign a valid contract with Data processors to ensure key obligations are abided by them, including timely deletion of data.
Conclusion
As the world steps into the digital age, it is pertinent for the governments of the world to come up with efficient and effective legislation to protect cyber rights and responsibilities, but as cyberspace has no boundaries, nations need to work in synergy to protect their cyber interests and netizens. This can only begin once all nations have indigenous Cyber laws and rights to protect netizens, and the same has been addressed by the Indian Government in the form of the Digital Perosnl Data Protection Act, 2023. The future is full of emerging technologies and the evolution of cyber laws; hence, consolidating a basic legal structure now is of utmost importance and the same is expected to be strengthened in India by the soon-to-be-released Draft Digital India Bill.
Related Blogs
Introduction
Criminal justice in India is majorly governed by three laws which are – Indian Penal Code, Criminal Procedure Code and Indian Evidence Act. The centre, on 11th August 2023’ Friday, proposes a new bill in parliament Friday, which is replacing the country’s major criminal laws, i.e. Indian Penal Code, Criminal Procedure Code and Indian Evidence Act.
The following three bills are being proposed to replace major criminal laws in the country:
- The Bharatiya Nyaya Sanhita Bill, 2023 to replace Indian Penal Code 1860.
- The Bharatiya Nagrik Suraksha Sanhita Bill, 2023, to replace The Code Of Criminal Procedure, 1973.
- The Bharatiya Sakshya Bill, 2023, to replace The Indian Evidence Act 1872.
Cyber law-oriented view of the new shift in criminal lawNotable changes:Bharatiya Nyaya Sanhita Bill, 2023 Indian Penal Code 1860.
Way ahead for digitalisation
The new laws aim to enhance the utilisation of digital services in court systems, it facilitates online registration of FIR, Online filing of the charge sheet, serving summons in electronic mode, trial and proceedings in electronic mode etc. The new bills also allow the virtual appearance of witnesses, accused, experts, and victims in some instances. This shift will lead to the adoption of technology in courts and all courts to be computerised in the upcoming time.
Enhanced recognition of electronic records
With the change in lifestyle in terms of the digital sphere, significance is given to recognising electronic records as equal to paper records.
Conclusion
The criminal laws of the country play a significant role in establishing law & order and providing justice. The criminal laws of India were the old laws existing under British rule. There have been several amendments to criminal laws to deal with the growing crimes and new aspects. However, there was a need for well-established criminal laws which are in accordance with the present era. The step of the legislature by centralising all criminal laws in their new form and introducing three bills is a good approach which will ultimately strengthen the criminal justice system in India, and it will also facilitate the use of technology in the court system.
Introduction
It’s a proud moment for Indians that India will host the G- 20 administration, which will bring the world’s 20 largest profitable nations together on a single platform during the post-economic recovery and the Russia- Ukraine conflict, which has increased geopolitical pressures among nations over the last many times and made the G- 20 a precedence of nations. With this administration, India has to make cybersecurity precedence, as the security and integrity of the critical structure and digital platforms are top precedence in 2023. The necessity for a secure cyberspace is pivotal given the exponential increase in the volume and kind of cyber-attacks, particularly to crucial structures the most recent illustration is the ongoing interruption at New Delhi’s All India Institute of Medical lores caused by a ransomware assault. It has been observed that the mode of attacks are more sophisticated and targets communication structure, critical structure, transport systems, and especially the information technology sector and fiscal system.
The structure that enables the delivery of government services to be more effective. As a result,cyber-secured critical structures and digital public forums are necessary for public security, bettered governance, and, most importantly, maintaining people’s trust. The G20 can be enhanced and contribute towards securing digital public platforms and the integrity of the critical structure. This time, in 2023, digital security is the top precedence.
G20 cybersecurity enterprises and politic sweat
The emphasis on cybersecurity was maintained throughout the Italian and Indonesian regulations in 2021 and 2022, independently, by emphasizing the significance of cyberspace during Digital Economy Working Group addresses. Specifically, under the Indonesian Presidency, the prominent cybersecurity focus was clear in the recent Bali Leaders’ protestation, which noted, among other effects, the significance of fighting misinformation juggernauts and cyber attacks, as well as guaranteeing connectivity structure security. The cyber incident report by the Financial Stability Board on carrying further uniformity in cyber incident reporting In 2016, a G20 digital task force was created under the Chinese administration to understand digital technology issues. Under the Saudi administration, the cybersecurity gap at the G20 was bridged by addressing the issues of MSMs. India has also refocused on the significance of creating secure, secure, and stronger-friendly digital platforms.
G20- India’s digital invention alliance( G-20-DIA) a cyber-secure Bharat
- Under India’s administration, the G20’s Digital Economy Working Group is led by the Ministry of Electronics and Information Technology( MeitY, DEWG).
- The Ministry concentrated on three major areas during India’s G20 administration digital skill development, digital public structure, and cyber security.
- The EWG’s DIA and Stay Safe Online enterprise further the ideal of lesser digital metamorphosis by guaranteeing a safe and creative cyber terrain. They want to offer a smooth and secure delivery of public services.
The G20 Digital Innovation Alliance
(G20- DIA) strives to find, admit, and encourage the relinquishment of innovative and poignant digital technologies produced by invited G20 startups and-member governments.
- These technologies must meet humanity’s conditions in six crucial areas husbandry, health, education, finance, secure digital structure, and indirect frugality.
- The inventions created around these motifs will be supported by the Digital Public Goods structure, allowing them to be espoused encyclopedically, closing the digital gap and icing sustainable and indifferent growth.
- The G20 Digital Innovation Alliance( G20- DIA) conference will be held on the perimeters of the Digital Economy Working Group( DEWG) meeting in Bengaluru.
- Top-nominated entrepreneurs from each order will present their ideas to a worldwide community of investors, instructors, pots, and other stakeholders at this event.
India’s” Stay Safe Online crusade”
The” Stay Safe Online” crusade attempts to raise mindfulness about the significance of remaining safe in the online world amid our adding reliance on it. With the fast expansion of the technical terrain and the growing number of internet druggies in India, new difficulties are arising. The Stay Safe Online crusade aims to educate individuals about cyber pitfalls and how to avoid them. The time-long crusade will target children, women, scholars, and aged citizens, as well as individuals with disabilities, preceptors, and government officers in particular. It’ll be done in Hindi, English, and indigenous languages to reach a larger followership. It’ll distribute mindfulness information in infographics, short pictures, cartoon stories, and so on through extensively employed social media platforms and other channels. The primary stakeholders will be government agencies, civil societies, and NGOs.
Conclusion
To wind up, it can be said that cyber security has become the most essential part of transnational affairs. As India hosts the G20 administration in 2023, the docket relating to cybersecurity gains a global stage, where cyber-related issues are addressed and honored encyclopedically, and nations can combat these issues; also, India aims to raise cyber mindfulness among its citizens.
Introduction
The Central Board of Secondary Education (CBSE) has issued a warning to students about fake social media accounts that spread false information about the CBSE. The board has warned students not to trust the information coming from these accounts and has released a list of 30 fake accounts. The board has expressed concern that these handles are misleading students and parents by spreading fake information with the name and logo of the CBSE. The board has has also clarified that it is not responsible for the information being spread from these fake accounts.
The Central Board of Secondary Education (CBSE), a venerable institution in the realm of Indian education, has found itself ensnared in the web of cyber duplicity. Impersonation attacks, a sinister facet of cybercrime, have burgeoned, prompting the Board to adopt a vigilant stance against the proliferation of counterfeit social media handles that masquerade under its esteemed name and emblem.
The CBSE, has revealed a list of approximately 30 spurious handles that have been sowing seeds of disinformation across the social media landscape. These digital doppelgängers, cloaked in the Board's identity, have been identified and exposed. The Board's official beacon in this murky sea of falsehoods is the verified handle '@cbseindia29', a lighthouse guiding the public to the shores of authentic information.
This unfolding narrative signifies the Board's unwavering commitment to tackle the scourge of misinformation and to fortify the bulwarks safeguarding the sanctity of its official communications. By spotlighting the rampant growth of fake social media personas, the CBSE endeavors to shield the public from the detrimental effects of misleading information and to preserve the trust vested in its official channels.
CBSE Impersonator Accounts
The list of identified malefactors, parading under the CBSE banner, serves as a stark admonition to the public to exercise discernment while navigating the treacherous waters of social media platforms. The CBSE has initiated appropriate legal manoeuvres against these unauthorised entities to stymie their dissemination of fallacious narratives.
The Board has previously unfurled comprehensive details concerning the impending board examinations for both Class 10 and Class 12 in the year 2024. These academic assessments are slated to commence from February 15 to April 2, 2024, with a uniform start time of 10:30 AM (IST) across all designated dates.
The CBSE has made it unequivocally clear that there are nefarious entities lurking in the shadows of social media, masquerading in the guise of the CBSE. It has implored students and the general public not to be ensnared by the siren songs emanating from these fraudulent accounts and has also unfurled a list of these imposters. The Board's warning is a beacon of caution, illuminating the path for students as they navigate the digital expanse with the impending commencement of the CBSE Class X and XII exams.
Sounding The Alarm
The Central Board of Secondary Education (CBSE) has sounded the alarm, issuing an advisory to schools, students, and their guardians about the existence of fake social media platform handles that brandish the board’s logo and mislead the academic community. The board has identified about 30 such accounts on the microblogging site 'X' (formerly known as Twitter) that misuse the CBSE logo and acronym, sowing confusion and disarray.
The board is in the process of taking appropriate action against these deceptive entities. CBSE has also stated that it bears no responsibility for any information disseminated by any other source that unlawfully appropriates its name and logo on social media platforms.
Sources reveal that these impostors post false information on various updates, including admissions and exam schedules. After receiving complaints about such accounts on 'X', the CBSE issued the advisory and has initiated action against those operating these accounts, sources said.
The Brute Nature of Impersonation
In the contemporary digital epoch, cybersecurity has ascended to a position of critical importance. It is the bulwark that ensures the sanctity of computer networks is maintained and that computer systems are not marked as prey by cyber predators. Cyberattacks are insidious stratagems executed with the intent of expropriating, manipulating, or annihilating authenticated user or organizational data. It is imperative that cyberattacks be mitigated at their roots so that users and organizations utilizing internet services can navigate the digital domain with a sense of safety and security. Knowledge about cyberattacks thus plays a pivotal role in educating cyber users about the diverse types of cyber threats and the preventive measures to counteract them.
Impersonation Attacks are a vicious form of cyberattack, characterised by the malicious intent to extract confidential information. These attacks revolve around a process where cyber attackers eschew the use of malware or bots to perpetrate their crimes, instead wielding the potent tactic of social engineering. The attacker meticulously researches and harvests information about the legitimate user through platforms such as social media and then exploits this information to impersonate or masquerade as the original, legitimate user.
The threats posed by Impersonation Attacks are particularly insidious because they demand immediate action, pressuring the victim to act without discerning between the authenticated user and the impersonated one. The very nature of an Impersonation Attack is a perilous form of cyber assault, as the original user who is impersonated holds rights to private information. These attacks can be executed by exploiting a resemblance to the original user's identity, such as email IDs. Email IDs with minute differences from the legitimate user are employed in this form of attack, setting it apart from the phishing cyber mechanism. The email addresses are so similar and close to each other that, without paying heed or attention to them, the differences can be easily overlooked. Moreover, the email addresses appear to be correct, as they generally do not contain spelling errors.
Strategies to Prevent
To prevent Impersonation Attacks, the following strategies can be employed:
- Proper security mechanisms help identify malicious emails and thereby filter spamming email addresses on a regular basis.
- Double-checking sensitive information is crucial, especially when important data or funds need to be transferred. It is vital to ensure that the data is transferred to a legitimate user by cross-verifying the email address.
- Ensuring organizational-level security is paramount. Organizations should have specific domain names assigned to them, which can help employees and users distinguish their identity from that of cyber attackers.
- Protection of User Identity is essential. Employees must not publicly share their private identities, which can be exploited by attackers to impersonate their presence within the organization.
Conclusion
The CBSE's struggle against the masquerade of misinformation is a reminder of the vigilance required to safeguard the legitimacy of our digital interactions. As we navigate the complex and uncharted terrain of the internet, let us arm ourselves with the knowledge and discernment necessary to unmask these digital charlatans and uphold the sanctity of truth.
References
- https://timesofindia.indiatimes.com/city/ahmedabad/cbse-warns-against-misuse-of-its-name-by-fake-social-media-handles/articleshow/107644422.cms
- https://www.timesnownews.com/education/cbse-releases-list-of-fake-social-media-handles-asks-not-to-follow-article-107632266
- https://www.etvbharat.com/en/!bharat/cbse-public-advisory-enn24021205856
