On November 18, 2022, when the Ministry of Electronics and Information Technology (“MEITY”) tabled an entirely new draft Digital Personal Data Protection Bill, 2022 (“Draft”)[1], the concerns around one section, namely Section 17 dealing with cross-border data transfers, were perhaps more pronounced than the shock which accompanied the withdrawal of a long debated previous draft.Continue Reading A Fine Balance:The DPDA and Data Localization
In the culmination of a decade long process,[1] the Digital Personal Data Protection Bill, 2023 (“Bill”)[2] was passed before the Lok Sabha on August 7, 2023.
While the important subject matter of the Bill, its long legislative history, and the widely publicised dissents in the Parliamentary Standing Committee[3] portend that it may not pass unchanged, its enactment seems likely within the next few weeks or months.
Further, given its relatively concise nature and, the limited rulemaking and regulatory framework that is needed to enable it, it seems likely that while the Bill will be brought into force in a phased manner,[4] operative portions of it may come into effect relatively quickly.Continue Reading Preparing for the DPDA
The Digital Personal Data Protection Bill, 2023 (“Bill”)[1] tabled before Parliament on August 3, 2023 is the culmination of a decade long process for evolving general data protection regime for India.
By withdrawing an elaborate, prescriptive draft which was under consideration by Parliament until 2021, to introducing a new, lean, principles based draft for consultation on November 18, 2022 (“Draft”),[2] and then engaging an extensive consultation process which reportedly involved in excess of 20,000 submissions,[3] and several dozen discussions involving personal participation at the highest levels of the Ministry, the Ministry of Electronics and Information Technology has set the stage for the evolution and adoption of a customized and Indian legislation that seeks to find a balance between enabling ease of doing business, and protecting sovereign imperatives and citizens’ rights, which has proved elusive globally.[4] Continue Reading The DPDP Bill Overview: A New Dawn for Data Protection in India
The immunity granted under Section 79(1) of the Information Technology Act, 2000 (“the Act”) to intermediaries, commonly referred to a ‘safe harbour provision’, is not absolute. Non-compliance with an order under Section 69A is one such instance when the immunity erodes[1].
Section 69A empowers the government to issue directions to government agencies or intermediaries to block public access to any information generated, transmitted, received, stored or hosted in any computer resource, if it falls under any of the grounds of concern mentioned in Section 69A itself (discussed below in detail).Continue Reading The Twitter Verdict: Examining The Efficacy Of Section 69a In The Background Of Karnataka High Court’s Latest Decision
The last few years have seen an unprecedented rise in digital payment transactions via Payment Aggregators (“PA”), Payment Gateways (“PG”), and Unified Payments Interface (“UPI”), via third-party application providers (TPAPs), with PAs undergoing licensing by the Reserve Bank of India (“RBI”), under the March 17, 2020, RBI PA/PG Guidelines. Retail payments historically would flow via NEFT/ RTGS/ IMPS, etc. However, UPI has now become the preferred payment mode for online payments, constituting a significant volume of small ticket retail payments in India, which is mostly via PAs. The payment architecture, which was earlier ‘card network’ driven via entities licensed under the Payment and Settlement Systems Act, 2007 (as a ‘payment system operator’), is increasingly moving towards PA/PGs, including for digital asset exchanges, online shopping, check-out financing and digital lending (where significant changes have been implemented by the RBI recently, including via the September 2022 Digital Lending Guidelines).Continue Reading FIG Paper (No. 18 – Series 1)- Technology/ Financial Services – Recent Law Enforcement Trends
In a progressive move, the Ministry of Electronics and Information Technology (MeitY) has notified[1] a modification to the Information Technology Act, 2000 (“IT Act”), which opens new doors for electronic execution of contracts.Continue Reading Electronic Execution of Contracts – A step towards Digital India
On April 28, 2022, the Indian Computer Emergency Response Team (“CERT-In”) under the Ministry of Electronics and Information Technology issued extensive directions to service providers, intermediaries, companies, firms, and government organisations (collectively, “Entities”, and each an “Entity”) specifying various ‘cyber security directions’ that they are required to follow (“Directions”)[1].Continue Reading The Cert-In Cyber Security Directions: More Questions Than Answers?
In recent years, in line with global trends, India’s growth has been fuelled by technology and platform economy, with physical moving towards digital and ‘phygital’.Continue Reading FIG Paper (No. 10: Series -1) RBI’s New FinTech Department: Industry Implications & Future
In this digital age, it may not be out of place to say that data has replaced oil as the most valuable resource. The advancement of technology has led to the emergence of a new species of extortion, where ransom is sought in lieu of data, which is illegally assumed control over. This phenomenon is popularly known as a ransomware attack. A ransomware attack includes a malware that is introduced onto the host’s computer or mobile, thereby encrypting its data, with a subsequent demand for a ‘ransom’ for decryption of the same, to secure its release[i].Continue Reading Digital Age Warfare: Ransomware Attacks
With the intent of putting India on the map as a lead battery storage producer, the Department of Heavy Industries (“DHI”) had notified the Production-Linked Incentive, ‘National Program on Advanced Chemistry Cell (ACC) Battery Storage’ (“PLI-ACC Scheme”) in June, 2021.[1] The PLI-ACC Scheme has been developed to boost the Prime Minister’s vision of ‘Atmanirbhar Bharat’ and is one of the thirteen schemes approved by the Union Government.[2] It aims to encourage domestic and foreign investors to invest in setting up giga-scale ACC manufacturing facilities in India.Continue Reading Analysis of PLI ACC Scheme for ACC Battery Storage