- Home
- Prelims
- Mains
- Current Affairs
- Study Materials
- Test Series
EDITORIALS & ARTICLES
Data security has assumed significant importance in the digitized world due to rising cyber crimes. The Justice B.N. Srikrishna Committee Report addresses issues related to data security. What, in your view, are the strengths and weaknesses of the Report relating to protection of personal data in cyber space?. (UPSC IAS Mains 2018 General Studies Paper – 3)
The threat from cyber crime is multi-dimensional, targeting citizens, businesses, and governments at a rapidly growing rate. The Committee under the chairmanship of Justice B. N. Srikrishna was constituted to examine issues related to data protection, recommend methods to address them, and draft a data protection law. The objective was to ensure growth of the digital economy while keeping personal data of citizens secure and protected. The report inter alia presented a draft Personal Data Protection Act.
Strengths of the Report
- The Committee noted that consent is treated as one of the grounds for processing personal data.
- One in three internet users across the world is children under the age of 18. A data protection law must sufficiently protect their interests, while considering their vulnerability, and exposure to risks online.
- It discussed the principle where personal data must be collected for a specified purpose only.
- One of the principles of data protection is that a person whose data is being processed should be able to influence the processing. This includes the right to confirm, access, and rectify the data.
Weakness of the Report
- Who owns the data of the individuals is a question not answered by the Committee as against the TRAI recommendation that ownership of data must rest with the individual.
- Globally, the right to be forgotten refers to the right to erase data. Srikrishna panel, says “...data principal shall have the right to restrict or prevent continuing disclosure of personal data by a data fiduciary related to the data principal where such disclosure has served the purpose for which it was made or is no longer necessary; was made on the basis of consent... and such consent has since been withdrawn; was made contrary to the provisions of this Act or any other law made by Parliament or any State Legislature.”
- On data breach, the Committee recommended that such a breach must first be reported to the Authority. This suggestion has been criticized and it is argued that it should be first reported to the subject of the breach instead.