The announcement that justice B N Srikrishna may be assigned the work of an enquiry to Chanda Kochchar-Videocon loan issue, it was clear that his work in formulating the base draft of the Indian Data Protection Act was completed.
Now some preliminary information on what this law may hold has been revealed in the article in the print.in.
Some of the salient features mentioned there in is
a) The law will be prospective and not retrospective
b) Time would be provided to the industry for implementation of compliance unlike previous laws in India
c) There will be cognizable offences recognized for intentional or reckless behaviour
d) Penalties on companies may be provided for with the protection of “Due Diligence” concept
e) There would be a “Data Ombudsman” who will adjudicate on the “Data Erasure” requests.
f) There would be an appellate authority after ombudsman with further appeal to Supreme Court
g) Consent would be explicit in respect of critical data
h) Critical data may be required to be stored in India
i) A Data Protection Authority would be set up and may handle registrations of data processors and grievance handling.
This is some preliminary information available. We shall wait for the full draft to be made public for further comments.