Tech Talk | After Parliament Nod, Data Protection Bill Now Aims to Thwart India’s Cybersecurity Risks – News18

In a bid to deal with persistent cybersecurity challenges, India has taken a big step ahead with the Digital Personal Data Protection Bill, 2023, being handed by each homes of parliament. As knowledge breaches proceed to plague organisations and people throughout the globe, the central authorities’s method hopes to bolster cybersecurity measures and safeguard private knowledge.

Surfshark’s current international research reveals a glimmer of hope for India’s cybersecurity panorama. For the second consecutive quarter, knowledge breaches in India have proven a downward pattern. However, regardless of this constructive trajectory, India nonetheless ranks among the many high nations grappling with knowledge breaches at a worldwide scale.

According to Surfshark, a cybersecurity firm, India is the seventh most breached nation within the second quarter of 2023 with roughly 1.35 million leaked accounts. Previously, India ranked sixth with 2.4 million within the first quarter of 2023. It also needs to be famous that the breach price is 44 p.c decrease in Q2 than in Q1.

Recognising the necessity for complete laws to fortify cybersecurity practices, the Digital Personal Data Protection Bill was handed in Lok Sabha on August 7 regardless of some issues raised by the opposition – centralisation of energy, knowledge safety board’s independence, knowledge localisation and cross-border knowledge switch. Later within the afternoon, on Wednesday, Rajya Sabha additionally handed the essential invoice.

The invoice, nonetheless, which now awaits President Droupadi Murmu’s signature to turn out to be a regulation, encompasses a variety of provisions particularly aimed toward mitigating cybersecurity dangers. This consists of:

• Robust technical measures: The invoice mandates organisations to implement stringent technical and organisational safeguards to defend private knowledge from cyber threats. This consists of measures like encryption, entry controls and well-defined safety incident response plans.
• Informed consent: Organisations will probably be prohibited from processing private knowledge with out express consent from people except justified by professional causes. This provision ensures that non-public knowledge will not be collected or utilised with out the data and settlement of people.
• Rapid breach notifications: The invoice requires organisations to promptly notify people inside 72 hours of discovering an information breach. This proactive method empowers people to take needed precautions within the occasion of a breach, minimising potential hurt.
• Data safety board: A central knowledge safety board, which will probably be established by the federal government, will oversee the enforcement and execution of the invoice’s provisions. This regulatory physique possesses the authority to research and penalise entities present in violation of the regulation.
• High penalties: The invoice imposes extreme fines, starting from Rs 50 crore to Rs 250 crore, for these present in violation of its phrases. The substantial penalties can assist stop cybersecurity dangers and should function a deterrent to organisations tempted to violate the regulation. They will probably be extra prone to adjust to the regulation in the event that they know that they might face vital monetary penalties.

Experts stated by proscribing organisations from covertly gathering private knowledge and enhancing transparency and accountability, the invoice creates a extra resilient defence in opposition to cyber threats. By implementing stringent technical measures, prioritising knowledgeable consent and facilitating fast breach notifications, the invoice holds the potential to curtail cyber threats.

Experts additionally imagine that whereas challenges persist, this legislative initiative provides a glimmer of hope within the ongoing battle to safeguard private knowledge in an more and more interconnected world.