The Digital Personal Data Protection Act, 2023 | Penalties | Redhat Openshift & Security | Google Alerts

Vanakkam all

In current #ai world, how an individual can have control over to their personal data, how to understand the processing of their personal data by companies ?

Inline with this, last year 11th August 2023 the following act of Parliment received the assent of the President – ‘THE DIGITAL PERSONAL DATA PROTECTION ACT, 2023’. An Act to provide for the processing of digital personal data in a manner that recognises both the right of individuals to protect their personal data and the need to process such personal data for lawful purposes and for matters connected therewith or incidental thereto.

As per the DPDP Act :

(t)“personal data” means any data about an individual who is identifiable by or

in relation to such data;

(u) “personal data breach” means any unauthorised processing of personal

data or accidental disclosure, acquisition, sharing, use, alteration, destruction or loss of access to personal data, that compromises the confidentiality, integrity or availability of personal data

Know your rights :

Rights and duties of data principal: An individual whose data is being processed (data principal), will have the right to:

(i) obtain information about processing,

(ii) seek correction and erasure of personal data,

(iii) nominate another person to exercise rights in the event of death or

incapacity, and

(iv) grievance redressal

Real time example:

This week, A Leading AI Law Expert questioned the website company about how his personal data are being processed after he signed in to the website. Due to his doubts after signing in, he demanded for the rights to access the data processing areas specifically to his personal data. The company immediately accepted and passed on the request to their IT team to provide the access. Probably due to his designation and popularity, immediate action was taken.

As a common man, how many of us are aware of our rights? Time for every citizens to know their rights, how their personal data is being processed and right to question.

Google Alerts :

Setting up Google Alerts for your name or personal information is a straightforward yet effective strategy for monitoring your digital footprint. Google Alerts is a free service that notifies you via email whenever new results—such as web pages, newspaper articles, or blogs—appear in Google’s search results for the terms you specify. Try and post your comments if its really working and helps to prevent wrongful usage of your personal data –

Penalties as per the DPDP act :

As per ‘The Schedule’ section, depending upon the severity of the breach , the penalty may vary between 10,000 to 50 crore.

Redhat Openshift & Security :

#RedhatOpenshift, a leading enterprise #Kubernetes platform, offers several features and capabilities that can be leveraged to enhance personal data protection, especially in the context of organizations managing and processing personal data in compliance with regulations like the Personal Data Protection Bill (PDPB) in India.

1. Data Security and Encryption – Encrypt data at rest and in transit

2. Access Control and Authentication (RBAC)

3. Network Policies (Allow, deny network traffic)

4. Container Image Security (Scanning images)

5. Automated Compliance Policies (Policy Management Tools)

While OpenShift provides the technical capabilities to support personal data protection, successful implementation also depends on how organizations configure and use these features. Proper configuration of security settings, proper management of access controls, regular auditing, and adherence to best practices in application development are essential to fully leverage OpenShift’s capabilities for data protection.

Whats next : Lets discuss about the Redhat Openshift features above with an example and technical nuances.