Yesterday I took my vehicle for a Pollution control certificate to one agent X. I had not used him on earlier occasions and had been getting such certificates with others.
The moment he read my number plate on the computer, he quoted my name and mobile number.
This means that the vehicle number is in the data base along with the owner’s name and mobile number and accessible by all such PUC agents in every petrol bunk. The same data should be available to toll gates and any other CCTV camera that scans the vehicle number plate.
I agree that it can be processed for any law enforcement purpose.
However there is a need to ponder whether consequent to DPDPA 2023, the PUC agents are to be considered as “Data Fiduciaries” and certain obligations are to be imposed on them?
As regards the Toll managers who are private agencies and not law enforcement agencies, they may be considered as “Significant Data Fiduciaries” since they process lakhs of personal data each day with or without the financial information through fast tag.
There should therefore be a DPO for NICE or other toll managers.
Alternatively the systems of fast tag reading and CCTV should be modified to ensure that the data is not available automatically for analysis .
A thought is required on this.
Naavi
