• 9964432222
  • Mail Us
  • Appointment
  • Locate Us
  • Chat Now
  • Courses
  • Login
  • Register
Manifest IAS
JournalsOfIndia
Manifest Learning Academy
  • Home
  • SNIPPETSfor Prelims
  • ARTICLESfor Mains
  • BROWSEBY SOURCE
  • DOWNLOADS
No Result
View All Result
  • Home
  • SNIPPETSfor Prelims
  • ARTICLESfor Mains
  • BROWSEBY SOURCE
  • DOWNLOADS
No Result
View All Result
JournalsOfIndia
No Result
View All Result
Home Law & Policy

Privacy by Design

February 8, 2021
in Law & Policy
Reading Time: 7 mins read
0
Privacy by Design
550
VIEWS
Share on WhatsAppShare on TelegramShare on Facebook
image_pdfMake PDF

Today is the age of universal and virtually free access to the internet. Here, data is the new currency. What is even more intriguing is that the full potential of the data is not known. As technology progresses, newer applications emerge enhancing the value of the data. However, India does not have a comprehensive legislation which deals with data protection and privacy. Ensuring privacy of all persons in the digital age has become an important issue.

In news: Privacy by Design provision in the PDP bill
Placing it in syllabus: Law & Policy

Dimensions

  • What is Privacy By Design?
  • Advantages of Privacy by Design
  • Sri Krishna Committee Recommendations on it
  • Provisions on Privacy By Design under the PDP Bill

Content:

What is Privacy by Design?

  • The privacy by design framework was published in 2009 and adopted by the International Assembly of Privacy Commissioners and Data Protection Authorities in 2010.
  • Privacy by design calls for privacy to be taken into account throughout the whole engineering process. The concept is an example of value sensitive design, i.e., taking human values into account in a well-defined manner throughout the process.
  • Privacy by Design is an idea that the future of privacy cannot be assured solely by compliance with legislation and regulatory frameworks; rather, privacy assurance must become an organization’s default mode of operation.
  • The approach suggests that privacy must be incorporated into networked data systems and technologies, by default.  It challenges the practice of enhancing privacy as an afterthought.
  • The Privacy by Design framework employs an approach that is characterized by proactive rather than reactive measures. It anticipates and prevents privacy invasive events before they happen. 
  • Privacy concerns must be embedded into a design in its initial stage and throughout the life cycle of the product
  • While Privacy by Design is a conceptual framework, it’s application can change the way digital platforms are created and the way in which people interact with them.
  • From devising a business model, to making technological decisions, Privacy by Design principles can make privacy integral to the processes and standards of a digital platform.
  • Privacy by Design does not wait for privacy risks to materialize, nor does it offer remedies for resolving privacy infractions once they have occurred.
  • It aims to prevent privacy risks from occurring. In short, Privacy by Design comes before-the-fact, not after.

Privacy by design is based on seven “foundational principles”:

  • Proactive not Reactive; Preventative not Remedial:  Privacy by design is conceptualised to occur before-the-fact, not after. It is intended to prevent privacy invasions before they occur and not after.
  • Privacy as the Default Setting: Privacy by design is aimed to ensure maximum privacy by ensuring that personal data is automatically protected in any given IT system or business practice and no further action is required on the part of the individual to protect their privacy as it is built into the system, by default.
    • Privacy Embedded into Design: This principle involves building protection mechanisms for privacy protection while designing the hardware or software itself.
  • Full Functionality — Positive-Sum, not Zero-Sum: Privacy by design intends to incorporate all legitimate situations or objectives and avoid questions such as privacy vs. security, by trying to cater to both interests.
  • End-to-End Security — Full Lifecycle Protection: Privacy by design ensures that all data is securely collected, retained, and then securely destroyed at the end of the life cycle, in a timely fashion.
  • Visibility and Transparency— Keep it Open: Privacy by design intends to make its operations and processes involved visible and transparent, to users and providers alike.
  • Respect for User Privacy — Keep it User-Centric Above All: Privacy by design requires data processors and fiduciaries to incorporate protection measures for ensuring user privacy and accessibility, such as strong privacy defaults, appropriate notice, and empowering user-friendly options.

Advantages of Privacy by Design:

Creating systems, products, processes and projects with privacy at the outset can lead to numerous benefits, such as:

  • Privacy by design is an essential tool to reduce privacy risk and build trust. 
  • Identifying potential problems at early stage and address these problems easily promptly
  • Increasing the awareness of data protection and privacy across organization
  • Meeting legal obligations instead of breaching data protection act.
  • Avoiding privacy intrusive actions that may have negative impacts on people.

Sri Krishna Committee Recommendations on Privacy by Design:

  • The Justice Sri Krishna Committee Report on Data Protection commented upon incorporating organisational measures, broadly designed as ‘privacy by design’.
  • It aimed to establish data handling practices in an organisation in a manner ensuring compliance with law by minimising or eliminating adverse impacts on privacy. 
  • Further, the Committee suggested establishing an accountability framework for certain data fiduciaries, which may be making evaluative decisions through automated means, to set up processes to eliminate unlawful processing of data.
  • The report urged the Data Protection Authority (DPA) to consider Privacy by Design and other best practices to lay down precise obligations for data fiduciaries so as to ensure strict compliance with the law. 
  • It recommended that the DPA conduct capacity building exercises to create skilled professionals in order to implement a ‘design-thinking‘ approach. 

Provisions on Privacy By Design under the PDP Bill:

  • The Personal Data Protection Bill, 2019 (“PDP Bill”) introduces the concept of privacy by design policy for the first time in the Indian legislation governing data protection and privacy laws.
  • The PDP Bill was introduced in the Lok Sabha on December 11, 2019 by the Minister of Electronics and Information Technology. 
  • The Bill aims to provide for protection of personal data of individuals, and establishes a Data Protection Authority for the same
  • The PDP Bill, 2019 contains several clauses that have implications on the visual design of digital products. 
  • These include the specific requirements for communication of notice and consent at various stages of the product. 
  • The Bill also introduces the Privacy by Design policy.
  • The PDP Bill provides for privacy by design policy under Chapter IV. Section 22(1) of the PDP Bill provides that every data fiduciary must prepare a privacy by design policy. 
  • This policy must contain the following components:
    • the managerial, organisational, business practices and technical systems designed to anticipate, identify and avoid harm to the data principal;
    • the obligations of data fiduciaries;
    • the technology used in the processing of personal data in accordance with commercially accepted or certified standards;
    • the legitimate interests of businesses including any innovation is achieved without compromising privacy interests;
    • measures for protection of privacy throughout processing from the point of collection to deletion of personal data;
    • ensuring processing of personal data in a transparent manner; and
    • ensuring the interest of the ‘data principal’ (i.e. individual whose data is being used) is accounted for at every stage of processing of personal data.
  • Section 22(2) of the PDP Bill provides that the data fiduciary must submit the privacy by design policy to the relevant authority for certification in the period and manner to be prescribed,  subsequent to which the said policy must be published on the website of the data fiduciary and the relevant authority.
  • The PDP Bill states that data fiduciaries are required to prepare a Privacy by Design policy and have it certified by the Data Protection Authority. 
  • According to the Bill, the policy would contain the managerial, organisational, business practices and technical systems designed to anticipate, identify and avoid harm to the data principal.
  • Privacy by Design Policy would mention if the technology used in the processing of personal data is in accordance with the certified standards.
  • It would also comprise of the ways in which privacy is being protected throughout the stages of processing of personal data, and that the interest of the individual is accounted for in each of these stages.
  • Once certified by the Data Protection Authority, the data fiduciaries are also required to publish this policy on their website
  • This forces the data fiduciaries to envision privacy as a fundamental requirement and not an afterthought. 
  • Such a policy would have a huge impact in the way digital platforms are conceptualised, both from the technological and the design point of view. 
  • The privacy by design policy provided in the PDP Bill in its present state, resembles the seven principles enunciated by the Privacy Commissioner of Ontario, Canada.

Mould your thought: What is privacy by design? How is it being implemented in India?

Approach to the answer:

  • Introduction
  • Define Privacy by Design and mention its advantages
  • Mention the Sri Krishna Committee Recommendations
  • Write the provisions related to them in PDP Bill
  • Conclusion
image_pdfMake PDF
Source: The Hindu
Tags: GS-2MainsNews Paper

Related Posts

India’s nuclear liability law

India’s nuclear liability law

April 29, 2023
Right to to Default Bail is a Fundamental Right

Right to to Default Bail is a Fundamental Right

April 29, 2023
Triple tests for Altruistic surrogacy

Triple tests for Altruistic surrogacy

April 29, 2023
National Medical Devices Policy- 2023

National Medical Devices Policy- 2023

April 28, 2023
SUPREME initiative

SUPREME initiative

April 28, 2023
The National Health Accounts Estimates report for India (2019-20)

The National Health Accounts Estimates report for India (2019-20)

April 27, 2023
50 years of Kesavananda Bharati case

50 years of Kesavananda Bharati case

April 24, 2023
Animal Birth Control(ABC) Rules, 2023

Animal Birth Control(ABC) Rules, 2023

April 22, 2023
Sangathan Se Samridhhi campaign of DAY-NRLM

Sangathan Se Samridhhi campaign of DAY-NRLM

April 20, 2023
UGC’s National Credit Framework

UGC’s National Credit Framework

April 14, 2023
Please login to join discussion

Our Offline Classroom Student

CONGRATULATIONS TO 2021 TOPPERS !!!

Rank 171 Kumar Shivashish
Rank 250 Sahithya
Rank 263 Sumit Kumar Thakur
Rank 311 Deepak Ramachandra Shet
Rank 455 Ravinandan B M

June 2025
MTWTFSS
 1
2345678
9101112131415
16171819202122
23242526272829
30 
« May    

Browse by Category

  • Agriculture
  • Disaster Management
  • Economy
  • Environment
  • Ethics
  • Foreign Affairs
  • Geography
  • Governance
  • History
  • Law & Policy
  • Opinion
  • People in News
  • Places in News
  • Science & Tech
  • Security
  • Society
  • Sports
  • Uncategorized

Browse by Tags

AIR All India Radio BBC Business Line Business Standard dow Down to Earth DownToEarth DTE Economic Times ET FAO Financial Express GS-1 GS-2 GS-3 GS-4 Hindustan Times IE India & the world Indian express Indiatoday India today Kurukshetra Livelihoods portal LiveMint Mains News Newspaper News Paper PIB Prelims PRS India RSTV Science Reporter Survey The Hindu The India Express The Indian Express The Print the wire Times of India TOI TOPPERS Yojana
JournalsOfIndia

Our vision is to orient the readers to grasp the facts objectively and analyse critically. In the rush of reaching first to the readers, the websites miss the balanced opinion, which is the need of the hour. We aim to reach the readers with more crispness, preciseness and relevance. We bring the articles in UPSC way for the civil services aspirants and the Wisest Way for general readers.

Categories

  • Agriculture
  • Disaster Management
  • Economy
  • Environment
  • Ethics
  • Foreign Affairs
  • Geography
  • Governance
  • History
  • Law & Policy
  • Opinion
  • People in News
  • Places in News
  • Science & Tech
  • Security
  • Society
  • Sports
  • Uncategorized

Browse by Tag

AIR All India Radio BBC Business Line Business Standard dow Down to Earth DownToEarth DTE Economic Times ET FAO Financial Express GS-1 GS-2 GS-3 GS-4 Hindustan Times IE India & the world Indian express Indiatoday India today Kurukshetra Livelihoods portal LiveMint Mains News Newspaper News Paper PIB Prelims PRS India RSTV Science Reporter Survey The Hindu The India Express The Indian Express The Print the wire Times of India TOI TOPPERS Yojana

Newsletter

The most important UPSC news and events of the day.

Get Journals daily newsletter on your inbox.

© 2020 JournalsOfIndia - A free initiative by Manifest Team.

  • Login
  • Sign Up
  • Home
  • SNIPPETS
  • ARTICLES
  • BROWSE
  • DOWNLOADS
No Result
View All Result

© 2020 JournalsOfIndia - A free initiative by Manifest Team.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In