Adhar based consent for children goes online
- December 17, 2023
- Posted by: OptimizeIAS Team
- Category: DPN Topics
No Comments
Adhar based consent for children goes online
Subject :Polity
Section: Legislation in news
Context: Adhar based consent for children goes online
More about the news:
- The Union Ministry of Electronics and IT in India is planning to consult industry stakeholders on proposed data protection rules to operationalize the Digital Personal Data Protection Act.
- The rules include using an Aadhaar-based system to verify children’s age for online services and obtain parental consent.
- Additionally, a two-stage notification process for tech companies to inform users about data breaches is suggested.
- The rules may recommend using parents’ DigiLocker app or an electronic token system for age verification, subject to government authorization.
- The closed-door consultation is scheduled for December 19.
Some facts about Digital Personal Data Protection Act 2023,(DPDP Act)
- The DPDP Act is India’s comprehensive legislation for personal data protection. Enacted in 2023, it regulates the processing of personal data and establishes the rights of individuals over their data.
- Key features include:
- Scope:
- Applies to organizations processing personal data of individuals in India.
- Applicable to entities both within and outside India, if they process data of individuals in India.
- Consent:
- Allows data processing without explicit consent in specific cases, such as contractual obligations or public interest.
- Emphasizes the right to be forgotten and the right to erasure.
- Data Localization:
- Does not mandate the storage of personal data within India.
- Provides for the cross-border transfer of data, subject to certain conditions.
- Data Breaches:
- Requires organizations to notify the Data Protection Board and affected individuals within 72 hours of becoming aware of a data breach.
- Establishes obligations for data fiduciaries to implement security safeguards.
- Penalties:
- Imposes fines up to INR 200 crores for non-fulfilment of obligations for children
- Imposes fines up to INR 250 crores for violations.
- Includes penalties for failure to conduct a data impact assessment or follow breach notification procedures.
- Lower age of consent:
- The Bill gives powers to the central government to prescribe a lower age of consent than 18 years for accessing Internet services without parental consent if the platform they are using can process their data in a “verifiably safe manner”.
Some important cases w.r.t to data protection:
- State of Tamil Nadu v. Suhas Katti (2004): This case played a crucial role in encouraging citizens nationwide to report instances of online abuse.
- Amar Singh v. Union of India (2011): This case is significant in the context of Sections 69, 69A, and 69B of the IT Act, 2000. The court emphasized that service providers must validate the legitimacy of government orders authorizing phone tapping to prevent unlawful call interception. The court further directed the central government to establish specific directives and rules.
- Shreya Singhal v. Union of India (2015): The Supreme Court declared the entire Section 66A unconstitutional, asserting that its provisions went beyond reasonable restrictions under Article 19(2) of the Indian Constitution concerning protection against annoyance, inconvenience, danger, obstruction, insult, injury, and criminal intimidation.
- Justice K.S. Puttaswamy (Retd) v. Union of India (2017): This landmark case affirmed the right to privacy as a constitutionally protected right in India.
- Praveen Arimbrathodiyil v. Union of India (2021): Various companies, including WhatsApp, Quint, LiveLaw, and the Foundation for Independent Journalists, challenged the 2021 regulations in this case. The judgment’s outcomes will influence the future trajectory of Indian information technology law, and the case is currently pending before the Supreme Court for listing.