Should India follow European Union method of data protection? GDPR eliminates cyber threat; here's how
The European Union has taken stringent method in protecting citizen's data or in other words eliminate cyber threat. The EU-led the pack by enforcing GDPR into full-effect, thereby making a milestone in data protection laws across the union. Considering that the Narendra Modi government has been pushing digital payments since its inception, especially after demonetisation announcement, the government has introduced various initiatives like making Aadhaar card mandatory for a list of services etc., to make the country a cashless economy. While the government has been making its effort in shift to digitalisation, this has also created a concern on the back of massive cyber threats taking place on multiple occasions.
A credit bureau based in Mumbai named as CRIF Highmark has highlighted why it is necessary to adopt GDPR.
What is GDPR?
The General Data Protection Regulation (GDPR) is a control in the EU law aimed to standardize and strengthen citizen’s data protection rights across EU. It considers consumer to be the owner of the data, and organization has to obtain an affirmative consent from consumer to be able to use consumer’s data or allow consumer a right to delete it whenever consumer wishes to.
What is Personal Data?
Personal data is at the heart of the GDPR. ‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’). The definition is quite broad now, and includes identifiers such as genetic, biometric, health, ethnicity, financial standing, political opinions, IP Address etc.
Why is it necessary to adopt GDPR?
It is important to adopt GDPR to the fullest and avoid any breaches, as GDPR lays heavy financial penalties on non-compliant organizations. One also runs into a risk of loss of reputation. Further, Privacy by design is crucial for organisations also because it acknowledges the need to rethink cyber security processes. The threat of data breaches rises each year, and organisations have so far struggled to find effective solutions.
Adopting a privacy by design approach will increase organization’s awareness of privacy and data protection issues, helping them identify and address vulnerabilities promptly.
The advantages of GDPR
- Strengthen Your Cybersecurity
- Better Data Management
- Increase Marketing Return On Investment (ROI)
- Enhanced Audience Loyalty And Trust
- Be The First To Establish A New Business Culture
- What it means for India & Indian companies?
The new law will have both direct and indirect impact on Indian business and India’s legal approach to privacy and data protection. Evidently as the new law kicked in, companies across the world have updated their consent terms and privacy policies – therefore, many of us in India are getting these notification, even though it is not necessary in India as yet. While most Indian organizations are unaffected by GDPR, some Indian sectors such as IT, the outsourcing industry and pharmaceuticals might be hit by the GDPR as they have operations in EU markets.
Because of complexities involved in implementing GDPR, a new opportunity emerges for individuals and risk management companies to offer consulting and auditing services on GDPR. The new data protection framework being drafted under Justice Srikrishna Committee is likely to be influenced by the provisions under GDPR, and we may see similar need of data protection emerging for Indian businesses too