By Sahil Chopra, Founder & CEO- iCubesWire
FREE. FREE. FREE? Given the empowering nature of social media, you may confuse the liberties you enjoy so much free of charge. Time isn’t the only priceless expense you bear online, but also the currency of the highest value: your data.
Last year, when the government released new IT rules for digital and OTT platforms, a wave of relief washed over millions of users. Habitual of learning our lessons the hard way, we finally acknowledged the need for foreign companies to comply with the new Indian laws to make the internet a safer place for the 749 million internet users in India.
Amidst the demise of third-party cookies and the end of companies building stacks of information about you, we are still figuring out a way to navigate through privacy regulations. However, the future of data protection looks hopeful with the upcoming data privacy regulations globally. According to a Forbes report, Fortune 500 and FTSE 350 companies will spend around $9 billion to comply with General Data Protection Regulation.
The digital age is driven by technological advancements taking place faster than the blink of an eye. While businesses are leaping towards digital and struggling to keep pace with the transition, India became susceptible to cyberattacks, not sparing even the people in power. This was a wake-up call to the regulatory bodies in charge to stay on their toes and immediately strengthen data protection.
With the country witnessing aggressive digital growth, India’s Personal Data Protection Bill (PDPB) has arrived just in time to govern data privacy and protection effectively.
• The PDPB keeps customer consent at the core of data privacy, which means companies must provide prior notice for permission of the individual to use an individual’s data.
• The bill has placed several restrictions, from mitigating the ways to gather data to only collecting data mandatory to avail a service.
• With data localization practices becoming commonplace, appointing a data protection officer within firms is of prime importance.
• Allowing a separate entity, the Data Protection Authority of India (DPA), to safeguard and regulate the use of your confidential data.
Way before PDPB came into force, organizations became more vigilant towards data protection and privacy, eliminating any discrepancies in the organization’s privacy framework. A study reports that nearly 8 out of 10 US companies took steps to comply with the GDPR.
Here are some steps that Indian enterprises can take:
Data segmentation: An efficient security strategy must educate the audience about the types of data collected and personal information processes to enable further processes. Answering essential questions such as 1. The location of the data stored 2. Duration for which the data is stored 3. People having access to the data. Staying informed gives an edge to firms and achieve compliance with new rules and regulations.
Data protection against breaches: Regularly monitoring high-risk sources such as e-mails webpages, and more, secures your business against potential threats and protects crucial business data. The PDPB makes way for seamless exchange of information without any data loss or hindrance in the communication process by eliminating any compromising data and ensuring compliance.
Personal stays personal: Listing personal data as classified information requires the data to be safeguarded on a sharing ecosystem to establish end-to-end data security. Organizations and individuals must enable encryption to protect business-sensitive data while being shared with others. The PDPB brings in a set of rules for processing sensitive personal data to encourage organizations and individuals to value data.
We are still in the nascent stages of building a robust data privacy framework and standardizing data collection, usage, storage, and transmission. The pandemic scenario accelerated the growth of digital in the country, with most companies taking their business online. The need of the hour is to take a comprehensive approach with PDPB to ensure data security to stay immune to data breaches, cyber-attacks and other potential threats.