As IRCTC Mulls Data Monetisation, There Is an Urgent Need for Data Privacy Rules

Both these moves have sparked a new line of debate about the data privacy issues. The recent withdrawal of the Personal Data Protection Bill by the government, citing more comprehensive legislation, has also triggered concerns as data privacy remains guided by the provisions of the Information Technology Amendment Act 2008 and the related rules of 2011, and are found to be wanting in many places due to the progress in data capture technology and the susceptibility of misuse. Incidents of data theft from various organisations despite the security measures also create a sense of fear among consumers. Ever since the judgment in the Justice KS Puttaswamy vs Government of India case, delivered in August 2017, where privacy has been enshrined as a fundamental right under articles 14, 19, and 21 of the Constitution of India, the realisation has been there among citizens to seek clear definition of how data would be collected and handled. Further data security concerns within the establishment also have titillated the government to push for data localisation provisions which are already being implemented as far as financial data is concerned.