Welcome to the CESO platform, the world’s first online community dedicated exclusively to senior security executives including CIOs, CSOs, CTOs, and directors. With a thriving global membership exceeding 40,000, CESO stands at the forefront of cybersecurity discussions. Today, we delve into the India Privacy Act and its significance for Chief Executive Security Officers (CESOs). Our distinguished panel comprises Advocate Dr. Pavan Duggal, Advocate Dr. Prashant Mali, Advocate Punita Shetty, and our moderator, Vikash Parekh.

Here is the verbatim discussion:

welcome to ceso platform ceso platform is the world's first online community solely dedicated for information senior security Executives C CIO CSO CTO directors with 40,000 plus community members globally today's panel discussion is on India Privacy Act and what it means for CES and speakers joining us today are Advocate Dr Pavan dupin Supreme Court of India while practicing Advocate Supreme Court of India Dr Pavan Thal has made an immense impact with an international reputation as an expert and Authority on Cyber Law cyber security law Cyber Law artificial intelligence law and e-commerce law Dr Dugal has been acknowledged as one of the top four cyber lawyers around the world world domain day recognizes him as one of the top 10 cyber lawyers around the world Advocate Dr Prashant Mali Cyber Law and data protection lawyer Bombay High Court Dr Prashant is India's top cyber and privacy lawyer with many landmark cases to his credit he has been awarded as best cyber privacy lawyer 2022 at newsmaker awards best cyber security lawyer in 2017 and with national cyber defense award in 2019 Advocate pun cyber and data protection laws expert founder cyber jury legal Consulting and cyber jury Academy Advocate pit is a Pioneer in cyber laws in India and has been awarded the best cyber lawyer in India she is an adviser to the rajas SAA committee on internet laws and recipient of five national awards for contribution in cyber laws one of them being cyber lawyer cyber lawyer of best cyber lawyer in India bkash paray co-founder of ciso platform fire compass and co-founder of IIs which is now acquired by synopsis he is an IIT kakur alumni with multiple patents under his name Fortune magazine named him as part of Fortune 40 under 40 he a well-known Global speaker who spoke at RSA Conference USA Singapore tedex Etc this panel will be moderated by vikash varay we request all attending members to please post your questions in the chat box and we'll address those questions to the speaker at the end of the session thank you everyone for joining us today I would request vikash to take it forward thank real cases out there so we like to also know some of those real cases out there so that's number one the highlights of the act and some of the real cases then we'll also discuss a little bit on how does it impact the industry the startup ecosystem then we'll kind of end with um what what are some of the Milestones which we as an organization should Define in order to get prepared for it so we we know that there is a journey ahead but what are those Milestones if we have to move forward on that journey and some of the top risks and how do we manage um from the Privacy Act perspective so these are broadly some of the things which we discussed we'll touch upon today and we'll also keep some time towards the end for question and answers so we kept the number of questions yes so that we can keep more time for the uh our community members to also participate and ask so that's the broad um lay of the land in terms of today's discussion um so let me jump into um so let's let's start with the first question like what are some of the key highlights which um you have seen um in terms of the Privacy Act and also any of the cases which you have observed.

Highlights:

Data Protection Framework

• Comprehensive guidelines on the collection, processing, and storage of personal data.
• Rights of individuals to access, correct, and delete their data.
• Mandatory consent from individuals for data processing.

Data Localization

• Specific data must be stored on servers within India.
• Cross-border data transfers are regulated to ensure compliance with local standards.

Regulatory Authority

• Establishment of a Data Protection Authority (DPA) for enforcement and compliance.
• The DPA has the power to investigate, audit, and levy penalties.

Breach Notification

• Mandatory reporting of data breaches to the DPA and affected individuals within a stipulated timeframe.
• Clear guidelines on managing data breaches and mitigating risks.

Penalties and Fines

• Substantial penalties for non-compliance, including hefty fines based on the severity of the breach.
• Provisions for criminal liability in cases of significant violations.

Data Fiduciaries and Data Processors

• Distinction between data fiduciaries (entities that determine the purpose and means of processing data) and data processors (entities that process data on behalf of fiduciaries).
• Specific obligations and accountability measures for both categories.

The India Privacy Act marks a significant step towards enhancing data privacy and security in India. It poses both challenges and opportunities for organizations across sectors. By understanding the key highlights and preparing adequately, companies can navigate the complexities of this legislation effectively. The CESO platform continues to support its members in staying informed and prepared for these pivotal changes, fostering a secure and compliant business environment.

Speakers:

Dr. Pavan Duggal is the Founder & Chairman of the International Commission on Cyber Security Law and President of Cyberlaws.Net. He heads the Artificial Intelligence Law Hub and Blockchain Law Epicentre, and is the Founder of Cyberlaw University. Dr. Duggal is the Chief Evangelist of Metaverse Law Nucleus and has directed numerous international conferences on cyber law. He has spoken at over 3000 events and authored 194 books on various legal topics.

https://x.com/pavanduggal
https://in.linkedin.com/in/pavanduggal

Dr. Prashant Mali is an acclaimed international cybersecurity and cyber law expert, practicing as a lawyer at the Bombay High Court with 25 years of experience. He holds advanced degrees in computer science and law, and has authored 8 books and 16 research papers on cyber law and data protection. Mali frequently appears on TV and at international conferences, offering expert legal opinions on a wide range of technology-related issues. His landmark legal work includes numerous acquittals and influential policy contributions.

https://x.com/AdvPrashantMali
https://in.linkedin.com/in/prashantmali

Advocate Puneet Bhasin is a Pioneer in Cyber Laws in India and Awarded the Best Cyber Lawyer in India. She is an advisor to the Rajya Sabha Committees on Internet laws and Recipient of 13 National Awards for contribution in Cyber laws one of them being "Best Cyber Lawyer in India".

https://x.com/cyberlawpuneet
https://in.linkedin.com/in/advpuneetbhasincyberlawyer

Bikash Barai is credited for several innovations in the domain of Network Security and Anti-Spam Technologies and has multiple patents in USPTO. Fortune recognized Bikash among India’s Top 40 Business Leaders under the age of 40 (Fortune 40-under-40).Bikash is also an active speaker and has spoken at various forums like TiE, RSA Conference USA, TEDx etc.Earlier he founded iViZ an IDG Ventures-backed company that was later acquired by Cigital and now Synopsys. iViZ was the first company in the world to take Ethical Hacking (or Penetration Testing) to
the cloud.

https://twitter.com/bikashbarai1
https://www.linkedin.com/in/bikashbarai/