Personal Data Processed by Automobile Pollution Control Certification Agents

Yesterday I took my vehicle for a Pollution control certificate to one agent X. I had not used him on earlier occasions and had been getting such certificates with others.

The moment he read my number plate on the computer, he quoted my name and mobile number.

This means that the vehicle number is in the data base along with the owner’s name and mobile number and accessible by all such PUC agents in every petrol bunk. The same data should be available to toll gates and any other CCTV camera that scans the vehicle number plate.

I agree that it can be processed for any law enforcement purpose.

However there is a need to ponder whether consequent to DPDPA 2023, the PUC agents are to be considered as “Data Fiduciaries” and certain obligations are to be imposed on them?

As regards the Toll managers who are private agencies and not law enforcement agencies, they may be considered as “Significant Data Fiduciaries” since they process lakhs of personal data each day with or without the financial information through fast tag.

There should therefore be a DPO for NICE or other toll managers.

Alternatively the systems of fast tag reading and CCTV should be modified to ensure that the data is not available automatically for analysis .

A thought is required on this.


About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.