A report of the Joint Committee of Parliament on the Personal Data Protection Bill has been tabled in Lok Sabha and Rajya Sabha.<\/span><\/p>\n The committee has recommended the formation of a Data Protection Authority (DPA).<\/span><\/p>\n The Data Protection Authority (DPA) will be dealing with privacy and personal data as well as non-personal data.<\/span><\/p>\n The Chairperson and the members of the DPA shall be appointed by the Union government<\/strong> based on the recommendation of a selection committee<\/strong> chaired by the Cabinet Secretary<\/strong>.<\/span><\/p>\n Other members of the committee would be the Attorney General of India, the IT and law secretaries. <\/span><\/p>\n Nominated members<\/strong>: An independent expert and a director each from the IIT and the IIM will be nominated by the Centre.<\/span><\/p>\n In case of a data leak, the DPA should be notified within 72 hours<\/strong> of the company becoming aware of the breach.\u00a0<\/span><\/p>\n The DPA shall then take into account the personal data breach and the severity of harm that may be caused to the persons whose data has been leaked. Accordingly, it will ask the company to report it and take appropriate remedial measures.<\/span><\/p>\n If the company fails to take prompt and appropriate action<\/strong> following a breach, does not conduct a data audit or does not appoint a data protection officer, <\/span><\/p>\n –<\/strong> it should attract a penalty of up to Rs 5 crore or 2% of the total worldwide turnover of the preceding financial year, whichever is higher.<\/span><\/p>\n Further, if a company violates the provisions of processing personal data or data of children, or transfers data outside India against the prescribed rules,<\/strong> <\/span><\/p>\n –<\/strong> it shall be fined up to Rs 15 crore or 4% of its total worldwide turnover of the preceding financial year, whichever is higher.<\/span><\/p>\n For government departments<\/strong>, the liability in case of data breach will not be directly placed with the head of the departments. <\/span><\/p>\n –<\/strong> The head of the government department will first conduct an in-house probe<\/strong> to determine the officer responsible for the violation, and only then will the liability be decided.<\/span><\/p>\n If a person intentionally<\/strong> and without the consent of data fiduciary or data processor re-identifies personal data which has been de-identified will face<\/p>\n –<\/strong> a jail term of up to 3 years or a fine of up to Rs 2 lakh or both Source:<\/b> This post is based on the article <\/span>\u201c<\/b>Data breach to be reported in 72 hours: House joint panel<\/b>\u201d<\/b> published in Indian Express<\/strong><\/span>\u00a0<\/b>on 17<\/b>th<\/b><\/sup> Dec 2021.<\/b><\/p>\n","protected":false},"excerpt":{"rendered":" What is the news? A report of the Joint Committee of Parliament on the Personal Data Protection Bill has been tabled in Lok Sabha and Rajya Sabha. The committee has recommended the formation of a Data Protection Authority (DPA). What will be the purpose of the Data Protection Authority (DPA)? The Data Protection Authority (DPA)… Continue reading Data breach to be reported in 72 hours: House joint panel<\/span><\/a><\/p>\n","protected":false},"author":10317,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":""},"categories":[1566,9],"tags":[10500],"class_list":["post-154207","post","type-post","status-publish","format-standard","hentry","category-daily-factly-articles","category-public","tag-indian-express","entry"],"jetpack_featured_media_url":"","views":{"total":0,"cached_at":"","cached_date":1704924227},"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/154207","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/users\/10317"}],"replies":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/comments?post=154207"}],"version-history":[{"count":0,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/154207\/revisions"}],"wp:attachment":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/media?parent=154207"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/categories?post=154207"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/tags?post=154207"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}What will be the purpose of the Data Protection Authority (DPA)?<\/b><\/h5>\n
Composition of DPA<\/b><\/h5>\n
How will the DPA work?<\/b><\/h5>\n
What penalties and punishments have been recommended in the report?
\n<\/b><\/h5>\n
\n<\/span><\/p>\n