/vnd/media/agency_attachments/bGjnvN2ncYDdhj74yP9p.png)
/vnd/media/post_banners/wp-content/uploads/2023/10/Navigating-fiery-landscape-of-data.jpg)
The new technology will have to contend with the new data protection law, stricter regulations and the risk of heavy fines. Plus a tsunami of litigations
The 5G era is a land of opportunities, but it is also a minefield of legal and cybersecurity challenges. To thrive in this landscape, stakeholders have to equip themselves with compliance and due diligence to navigate the fiery terrain of data protection and cybersecurity.
Data stakeholders have to understand the law’s nuances and differentiate between normal, personal and sensitive personal data.
That was what Dr Pavan Duggal, Chairman of the International Commission on Cyber Security Law and Advocate at the Supreme Court of India, chose to highlight as he addressed an electrifying session at the 5th edition of the Voice&Data Telecom Leadership Forum (TLF) conference. The event, themed “Shaping the Future of Connectivity”, was already buzzing with legends of the tech world, and Dr. Duggal’s address added fuel to the fire.
He began by addressing the 5G revolution, acknowledging its massive advantages and paradigm-shifting potential. He, however, didn’t shy away from shedding light on the darker side of this blazing ecosystem – the imminent rise of cybercrime and the reign of 5G fraudsters.
Dr Duggal warned that in this 5G era, terror and cybercriminal activities would surge, posing unprecedented challenges to stakeholders. Prime Minister Modi’s call to stay ten steps ahead of cybercrime seemed prophetic as Dr Duggal painted a picture of the escalating ransomware attacks plaguing India in the first half of 2023.
But the heart of the matter was the Digital Personal Data Protection Act, 2023, a game-changer of colossal proportions. “This law, though seemingly simple, is poised to have an enormous impact on the digital landscape. It is about personal data, and the good news is the Bill has been passed.” The not-so-good news? Its implementation was imminent.
The law has introduced three distinct concepts: data principal, data fiduciary and data processor. Every data belongs to data principals who are individuals. The entities determining how this data would be processed become data fiduciaries and data processors.
What sets this law apart is the need for explicit, written consent from data principals. No more verbal agreements or call centre permissions; it has to be written. Non-compliance could lead to staggering fines that may potentially cripple any company.
/vnd/media/post_attachments/wp-content/uploads/2023/10/Dr-Pavan-Duggal.jpg)
“The Digital Personal Data Protection Act, 2023, though seemingly simple, is poised to have an enormous impact on the digital landscape.”- Dr Pavan Duggal Chairman, International Commission on Cyber Security Law, and Advocate, Supreme Court of India
Dr Duggal highlighted that data stakeholders in the 5G ecosystem needed to identify and protect personal data meticulously. They have to understand the law’s nuances and differentiate between normal, personal and sensitive personal data. It was not just about speed and innovation; data protection is paramount.
The introduction of this law marks a significant shift, as previously, there were no stringent data protection regulations in India. However, the Supreme Court’s recognition of the Right to Privacy as an integral part of an individual’s Right to Life set the stage for this legislation.
Dr Duggal navigated the audience through the law’s intricacies, emphasising the need for stringent due diligence and compliance. He cautioned that the government would soon be armed with a new revenue stream in the form of hefty fines. The Rs 250 crore fine could fall like a sword, disrupting operations.
He urged stakeholders to create structures and processes in the 5G ecosystem to comply with the law’s requirements. The need for obtaining written consent and documenting compliance becomes the lifeline in this evolving landscape.
But the law was just the tip of the iceberg. Dr Duggal predicted a tsunami of litigations as India grappled with the conflicting provisions of the Digital Personal Data Protection Act and the Information Technology Act.
Intriguingly, the law has created two bubbles: one for corporates and the other for governmental agencies. The potential tension between the two spheres could further complicate matters.
Dr Duggal also touched on the right to erasure, which would be a challenge to implement in the rapidly evolving 5G landscape. He emphasised the need for cybersecurity, noting that the law fell short in addressing this aspect. Companies would still have to comply with cybersecurity regulations, adding another layer of complexity.
minus@cybermedia.co.in