The digital India initiative, coupled with the Government’s plan to boost emergence of start-ups in India points directly to an economy supported by the digital infrastructure. A swift shift to the information based economy requires a rapid alteration in the modus operandi of the businesses making this change as well. Transactions in the digital sphere are popular for their convenience and ease, but lately, importance is being drawn to the extensive personal information collected from various sources during these dealings and the lack of a uniform protocol regarding such collection, storage, disclosure, and protection of data. In addition, the alarming number of data breaches in the recent past have been a cause of concern in this entire model that functions on collection and sharing of data. Although, the digital model is built on data and information as the primary items of exchange between parties, the burden falls on the businesses to retain consumer’s privacy and security of the data, whilst adapting to the industry mechanics.
Keeping this in mind, SFLC.in, and Indian Institute of Management (IIM) Bangalore are organizing a roundtable on 4th August, 2016 from 2:00 pm to 5:00 pm at IIM Bangalore with the aim to discuss the many facets of privacy and data protection, with an emphasis on the point of view of businesses and the corporate stakeholders. Where the vast extent of data available to the business sector encourages the use of such information to innovate with the evolving technology, it should be balanced by a mindful approach towards the privacy of the individual whose personal information is being utilized. A consumer perspective in the age of massive data exchange would require an obligation for stringent consent, data sharing & protection thresholds before any personal information is collected. From the legal perspective, the Information Technology Act, 2000 and the Rules notified under the Act provide guidance and rules for corporate bodies to manage security and collection of personal sensitive data, which includes information such as passwords, financial information, and biometrics of an individual. However, for other identifiable demographic information such as name, address, email address, phone number that is collected on a larger scale, the Information Technology Act, 2000 merely mandates a privacy policy covering certain broad categories.