LIFE
The ministry of electronics and information technology (MeitY) has impressed upon the big tech companies and other data fiduciaries to decide on the parental consent framework themselves for processing children’s personal data, people aware of the matter said. The ministry’s move assumes significance as the Digital Personal Data Protection (DPDP) Act, which was passed last year, makes it mandatory for platforms to get parental consent before using data of children below 18 years of age. However, there was no clarity given on how the data fiduciaries will follow this framework, and what method can be adopted to comply with the Act. The DPDP rules to implement the Act have not been released so far, owing to issues with regard to processing of children data. Now, with some clarity on the issue, the government is soon expected to release the draft rules for public consultation, officials said. Earlier, the government was thinking of three ways to seek consent for children data. The platforms can either rely on the details of identity and age available with them or collected with the consent of such users, or they can use token in the electronics form being mapped to the details of such individuals generated either by a government agency or through DigiLocker. Officials in the know said, there was difficulty in establishing a parent-child relationship with the Aadhaar in cases of data update. Therefore, the technical feasibility of any of the prescribed solutions seemed difficult, they said. In a meeting with the platforms, MeitY has urged them to follow the best possible technology to comply with the parental consent norm. This means that the government will not give any modalities around it. The same is in line with the global norms such as in US where the authorities have left it to the data fiduciaries to use a relevant technology. In case of any lapses basis the user complaint once the Act is implemented, the government will then step in to access what kind of steps were followed by the platforms to comply with the provision of the Act, people in the know said. Industry executives said, the big tech companies could also seek additional time from the government to comply with such provision as it would require architectural changes. The government has likely exempted educational institutions, health establishments, and certain government entities from the restrictions on the processing of children’s data, sources said. For healthcare institutions, the exemption is restricted to the provision of healthcare services to a child, whereas educational institutions will be allowed to undertake behavioral monitoring and tracking of educational activities of children. The DPDP Act was passed by the Parliament in August last year. As per the Act, the firms concerned will need to collect data afresh from users and spell out clearly its purpose and usage. They will be booked for data breach if they depart from the purpose for which it was collected, according to the provisions of the Act. The government will also notify a Data Protection Board that will levy the penalty of up to Rs 250 crore on the company in case of any incidents of data breaches and non-compliance of provisions of the Act. Get live Share Market updates, Stock Market Quotes , and the latest India News … Read More and business news on Financial Express. Download the Financial Express App for the latest finance news. None
What’s New
Spotlight
Advertisement
Featured News
Latest From This Week
Popular News
