Government panel framework setup to safeguard individual information

Caste, racial or ethnic origin, philosophical beliefs, political leanings and sexual orientation will be classified as Sensitive Personal Data.

Published: 29th November 2017 08:27 AM  |   Last Updated: 29th November 2017 08:27 AM   |  A+A-

Image for representation only.

Express News Service

NEW DELHI: Information related to caste, racial or ethnic origin, philosophical beliefs, membership of political associations and sexual orientation of an individual are likely to be kept under the category of Sensitive Personal Data, according to an expert committee appointed by the government working on a data protection law.

The committee believes that “information about the caste of an individual falls within the zone where there is a higher expectation of privacy and it could be a reason for discrimination as well. These point to the fact that information about caste should be included in sensitive data.”

A committee has been set up under the chairmanship of former Justice B N Srikrishna to study issues on data protection and suggest a draft Data Protection Bill. The committee has come out with a white paper on data protection framework and the objective is to “ensure growth of the digital economy while keeping personal data of citizens secure and protected”.

Explaining the difference between caste and surname, the white paper said it is important to distinguish information about caste from information from which caste of a person may be surmised such as a surname. “The name of a person, even if it reveals his or her caste or religion cannot be the basis for treating the name itself as sensitive personal data,” it said.

While personal data refers to information about a person‘s identity, there are matters in which there is a higher expectation of privacy. Unauthorised use of such information may have severe consequences, observed the committee.

According to the white paper, the core categories identified in 2011 for protection as “sensitive personal data” were passwords, financial information (bank accounts or credit or debit card or other payment instrument details), physical, physiological and mental health condition, sexual orientation, medical records and history and biometric information. Racial or ethnic origin, philosophical beliefs, membership of political groups and trade unions are all missing from this list. “A fresh assessment would have to be carried out to ascertain whether such information should be included in the category of sensitive personal data,” it said.

The guidelines inlclude that data that is processed ought to be minimal and necessary for the purposes for which data is sought and other compatible purposes beneficial for the data subject and the data controller shall be held accountable for any processing of data. Enforcement of the data protection framework must be by a high-powered statutory authority with sufficient capacity. This must coexist with appropriately decentralised enforcement mechanisms, and penalties for wrongful processing must be adequate to ensure deterrence.

The white paper suggests the data protection framework must not hamper innovation. It said enforcement of the data protection framework must be by a high-powered statutory authority with sufficient capacity and penalties on wrongful processing must be adequate to ensure deterrence.

Guiding principles for Data Protection

Law must be technology agnostic and flexible for changing technologies and standards of compliance
Must apply to private sector entities and government. Differential obligations may be carved out in the law for certain legitimate state aims.

Consent is an expression of human autonomy. For it to be genuine, it must be informed and meaningful. The law must ensure that consent meets the aforementioned criteria.

Stay up to date on all the latest Nation news with The New Indian Express App. Download now
(Get the news that matters from New Indian Express on WhatsApp. Click this link and hit 'Click to Subscribe'. Follow the instructions after that.)

Comments

Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp