Dire times call for ingenious, and often, radical measures. The COVID-19 pandemic, which has led to actions being taken under the Epidemic Diseases Act, 1897, and the Disaster Management Act, 2005, in India, is one such unprecedented and grim event. While governments and health workers all over the world are grappling to curb the spread of the virus, it has been realised that surveillance of affected persons is of paramount importance in order to assess and implement preventive and control measures.

Data tracking and analysis has emerged as an unlikely hero. This analysis has enabled governments to implement measures to stop the pandemic at its source and to prevent deaths, social disruption, unnatural burden on the healthcare system and economic loss. As government authorities are required to control the pandemic not only in their own country, but also understand how the same is evolving in other countries, governments all over the world have taken the stance that free flow of information that is updated in real time will allow for the formation of a steady global picture and help in curbing the spread of the pandemic.
Continue Reading Double Trouble in 2020 – Tackling COVID-19 while Protecting the Right to Privacy

data privacy protection bill India

We are moving towards a data centric world, and “data is the new oil”[1]. And few would disagree that a key debate today in finance is ‘trust and privacy vs. using data for business growth’. As modern day businesses look to adapt themselves to generate revenue from customer related data, regulators across the world are grappling with the formulation of effective laws to regulate the data-driven economy. Given the relative novelty of the concept, regulators are reflecting on fundamental questions such as the right to privacy, property rights over data and the right to use the collected data.

In India, the Reserve Bank of India (“RBI”) has been fairly forward looking, by passing various regulations and constituting a host of committees to address issues ranging from cyber security to customers data protection norms.[2] In almost all its regulations, RBI has adopted a data privacy framework similar to the one advocated by the Justice BN Srikrishna Committee in its Personal Data Protection Bill, 2018 (“DP Bill”) – an amalgamated framework consisting of consent-and-notice and the vesting of certain rights with the originators of such information.[3] Undoubtedly, the DP Bill will have an impact on the manner in which data is collected, processed and shared by the financial industry. With this as the background, the authors seek to analyse the impact of the DP Bill on businesses engaged in the financial sector.
Continue Reading In the throes of Data Protection (and the associated woes) lies the business of trust