India: Privacy Law…..Your personal details end up with raddiwalas (Scrap Dealers)!

Posted on November 29, 2011 by

Shocking News about how personal information provided to a Mobile Service Provider ended up with a Raddiwala (Scrap Dealer)
http://www.mid-day.com/news/2011/nov/281111-Your-personal-details-end-up-with-raddiwalas.htm

This despite the fact that the corporate involved claims to have a PRIVACY POLICY.

This is yet another glaring case about how policies are incapacitated by weak procedures and controls and a poor execution strategy.
Having Policy is one thing and having an apparatus to implement, enforce and comply with it is another…

I wonder if the corporates in India are aware about the recent Data Privacy Legislation passed in India.

DATA PRIVACY LAW in INDIA
“The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, or “Privacy Rules,” were issued in April to implement India’s 2008 IT Security Act amendment.”

However to my understanding the Law itself is not very clear on how it will be enforced… in the sense who is the Controlling Authority…where can users whose personal information has been compromised seek redress…..

Its a long run …But at least we have made a start…

Advertisement

About pawaskar

Strategist, change leader and driving force behind security improvements that safeguard data, ensure compliance, and facilitate informed advancements towards organizational goals. Expert at leveraging existing resources to bring effective, actionable security and risk management vision to complex enterprises with minimal budget. Define and execute improvements in process, internal controls and IT infrastructure with measurable, positive results. Engineer simple-but-powerful, cost-effective solutions. Deep understanding of compliance and auditing principles. Strong consensus builder, forming cooperative relationships across internal / external stakeholders and suppliers that contribute to the success of project.
This entry was posted in Data Breaches, Data Privacy, Government Legislations and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s