Author Archives: Vijayashankar Na

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance

What is the value of Educational data which is 40 years old?

In the recently reported data breach penalty issue in South Korea, Ewha Women’s University server was hacked and more than 80000 data sets are reported to have been leaked. According to the University, data was related to the students who … Continue reading

Posted in Cyber Law | Leave a comment

Universities hit by Data Protection Fines

Two Universities in South Korea have been fined for Personal Data Breaches with penalties amounting to $459000 (Jeobunk National university) and $253 million (Ewha University) following personal data breach . On July 28, 2024, the personal information of over 320,000 … Continue reading

Posted in Cyber Law | Leave a comment

HR Managers are Shadow DPOs

Organizations in India are debating on what are the credentials of a DPO who is emerging as one of the senior most executives in an organization reporting directly to the Board. Many companies would like to have a trusted person … Continue reading

Posted in Cyber Law | Leave a comment

The hue and cry about RTI Act being diluted by DPDPA is misplaced.

India has been trying to get the “Privacy Protection Act” since around 2006 when the Personal Data Protection Bill 2006 (See here) was first presented in the Parliament along with the Information Technology Amendment Bill 2008 which later became a … Continue reading

Posted in Cyber Law | Leave a comment

How Sound is DPDPA on Fundamentals

DPDPA 2023 has come into existence as a law on August 11, 2023. In January 2025 MeitY issued a notification of draft Rules and opened it for public comments. However till today the rules have not been notified raising the … Continue reading

Posted in Cyber Law | Leave a comment

“Role Based Data Access Management” needs to be redefined for DPDPA Compliance

“Role based Data Access Management” (RBDAM) is a common principle in Data Access Management. In a properly structured RBDAM, access permissions to data is configured based on the functional role of an individual rather than an administrative designation such as … Continue reading

Posted in Cyber Law | Leave a comment