ABLI-FPF Convergences Series - Status of Consent for Processing Personal Data (India report)

On Sale

SGD0.00

Free Download

Added to cart

ABLI-FPF Convergences Series - Status of Consent for Processing Personal Data (India report)

Author: Dominic Paulger, Policy Manager (APAC), Future of Privacy Forum

Asian Business Law Institute and Future of Privacy Forum

August 2022

This report provides a detailed overview of relevant laws and regulations in India on

notice and consent requirements for processing personal data;
alternative legal bases for processing personal data which permit processing of personal data without consent if the data controller undertakes a risk impact assessment (e.g., legitimate interests); and
statutory bases for processing personal data without consent and exceptions or derogations from consent requirements in laws and regulations.

Table of Contents

1. INTRODUCTION

2. CONSENT AND PRIVACY SELF-MANAGEMENT IN THE IT ACT AND IT RULES

3. CONSENT AND PRIVACY SELF-MANAGEMENT IN THE DRAFT PERSONAL DATA PROTECTION BILL (“PDP BILL”) (WITHDRAWN)

4. CONDITIONS FOR CONSENT

4.1. Definition and forms of consent

a. IT Act and IT Rules
b. PDP Bill (Withdrawn)

4.2. Withdrawal of consent

a. IT Rules
b. PDP Bill (Withdrawn)

4.3. Bundled consent

a. IT Rules
b. PDP Bill (Withdrawn)

5. CONSENT FOR SPECIAL CATEGORIES OR USES OF DATA

5.1. IT Rules

5.2. PDP Bill (Withdrawn)

a. Scope
b. Requirements

5.3. Children

a. IT Rules
b. PDP Bill (Withdrawn)

5.4. Cookies, Internet of Things, online tracking

5.5. Direct marketing

5.6. Biometric data

5.7. Genetic data

5.8. Financial information

5.9. Statistics and research

5.10. Pseudonymized data

5.11. Location data

6. CONSENT FOR CROSS-BORDER DATA TRANSFERS

6.1. IT Rules

6.2. PDP Bill (Withdrawn)

7. TRANSPARENCY AND NOTICE

7.1. IT Rules

7.2. PDP Bill (Withdrawn)

8. MANAGEMENT OF CONSENT

9. SANCTIONS AND ENFORCEMENT

9.1. IT Rules

9.2. PDP Bill (Withdrawn)

a. Fines
b. Liability to pay compensation

10. COLLECTING, USING, AND DISCLOSING DATA WITHOUT CONSENT SUBJECT TO A RISK IMPACT ASSESSMENT

11. COLLECTING, USING, AND DISCLOSING DATA WITHOUT CONSENT IN OTHER CIRCUMSTANCES DEFINED BY LAW

11.1. IT Rules

a. Collecting SPDI
b. Disclosing SPDI to a third party
c. Transferring SPDI across borders

11.2. PDP Bill (Withdrawn)

a. Processing personal data without consent
b. Exemptions from the PDP Bill

You will get a PDF (5MB) file

ABLI-FPF Convergences Series - Status of Consent for Processing Personal Data (India report)

1. INTRODUCTION

2. CONSENT AND PRIVACY SELF-MANAGEMENT IN THE IT ACT AND IT RULES

3. CONSENT AND PRIVACY SELF-MANAGEMENT IN THE DRAFT PERSONAL DATA PROTECTION BILL (“PDP BILL”) (WITHDRAWN)

4. CONDITIONS FOR CONSENT

4.1. Definition and forms of consent

4.2. Withdrawal of consent

4.3. Bundled consent

5. CONSENT FOR SPECIAL CATEGORIES OR USES OF DATA

5.1. IT Rules

5.2. PDP Bill (Withdrawn)

5.3. Children

5.4. Cookies, Internet of Things, online tracking

5.5. Direct marketing

5.6. Biometric data

5.7. Genetic data

5.8. Financial information

5.9. Statistics and research

5.10. Pseudonymized data

5.11. Location data

6. CONSENT FOR CROSS-BORDER DATA TRANSFERS

6.1. IT Rules

6.2. PDP Bill (Withdrawn)

7. TRANSPARENCY AND NOTICE

7.1. IT Rules

7.2. PDP Bill (Withdrawn)

8. MANAGEMENT OF CONSENT

9. SANCTIONS AND ENFORCEMENT

9.1. IT Rules

9.2. PDP Bill (Withdrawn)

10. COLLECTING, USING, AND DISCLOSING DATA WITHOUT CONSENT SUBJECT TO A RISK IMPACT ASSESSMENT

11. COLLECTING, USING, AND DISCLOSING DATA WITHOUT CONSENT IN OTHER CIRCUMSTANCES DEFINED BY LAW

11.1. IT Rules

11.2. PDP Bill (Withdrawn)

You Might Also Like

Data Embassies - Purposes, Features and Limitations