Firms processing great amounts of sensitive and personal information will have to enroll themselves as major data fiduciaries with a new authority. In addition, they have to undergo audits by the government, claims the draft bill presented by the Srikrishna Committee.
This is expected to augment compliance prices for technology behemoths such as Google, Facebook, and Amazon. The draft bill’s Clause 38 claims that anyone gathering information might be described as a major data fiduciary on the basis of the amount of information processed, its turnover, and the sensitivity of the information processed. Factors such as the jeopardy of damage in processing the information and the employment of new techs for processing information can also result in major data fiduciary categorization.
A firm classified as a major data fiduciary will require a need to enroll with the latest Data Protection Authority and go through data audits and data protection impact evaluations. It will be required to keep records and generate a data protection officer role. The bill also claims that the authority can need any data fiduciary to follow the regulations, even if not categorized as a major data fiduciary if there is jeopardy that a person might be injured via their data processing.
“Even though record keeping and audits are witnessed as compliance prices, documentation keeping is actually significant in guaranteeing that privacy is not breached. It is about making firms accountable. Firms sometimes working at scale might not know how the information is shared and stored,” claimed Mozilla Corp’s Public Policy Advisor.
On the related note, the government has ordered the CBI (Central Bureau of Investigation) to examine Cambridge Analytica’s mistreatment of Facebook consumer information, claimed Ravi Shankar Prasad (the law minister) to the parliament earlier this week. “It is supposed that Cambridge Analytica might have been comprised in unlawfully attaining data of people in India, which might be misused,” Prasad claimed.