DATA PROTECTION LAWS: INCORPORATION OR REJECTION IN THE INDIAN CONTEXT

Abstract

Technological advancements have produced numerous threats to human rights. One such threat is caused due to increasing use of computers in the contemporary society. Governmental organisations, websites and various other firms are now able to record a vast amount of personal information in the digital data banks. Individuals may suffer when information contained in these portals is inaccurate, inappropriate or is disclosed for an unauthorized purpose. In this paper I address the issues related to data protection and storage in digital data banks. In this paper I shall bring about a comparative analysis amongst a sample of countries i.e. Australia, Brazil, Canada, China, France, Germany, Indonesia, Russia, South Korea and India on the basis of the data protection regulations prevalent in these respective countries. The countries in the above sample differ from one – another in terms of their levels of data transfer regulations and enforcement mechanisms. The primary focus in this paper is on the European Union General Data Protection Regulations as the Article 45 of the above -  mentioned document provides for an adequacy test for transfer of personal data to a third country. This test stipulates that personal data of EU subjects to non-EEA countries is not permitted unless those countries are deemed to have an “adequate” level of data protection. I shall also throw light upon the current state of data security in India, with special emphasis on the Information Technology Act and various other cyber security laws. Through the study of the above mentioned data, one can comprehend the applicability of such regulations to the Indian context. This paper also proposes certain recommendations in the field of data privacy. To conclude I would say that the issue of cross border flow of data is even more expansive than the jurisdictions we identify.