x
Help Us Guide You Better
best online ias coaching in india
2020-02-07

Download Pdf

banner

Developmental Issues
www.thehindu.com

The report by a German cybersecurity firm that medical details of millions of Indian patients were leaked and are freely available on the Internet is worrying. The firm listed 1.02 million studies of Indian patients and 121 million medical images, including CT Scans, MRIs and even photos of the patients, as being available. Such information has the potential to be mined for deeper data analysis and for creating profiles that could be used for social engineering, phishing and online identity theft, among other practices that thrive on the availability of such data on the Darknet — restricted computer networks which exchange information using means such as peer-to-peer file sharing. The reason for the availability of this data is the absence of any security in the Picture Archiving and Communications Systems (PACS) servers used by medical professionals and which seem to have been connected to the public Internet without protection. Public data leaks have been quite common in India — from government websites enabling the download of Aadhaar numbers to electoral data rolls being downloaded in bulk, among others. Unlike the data protection regulations in place in the European Union and in the U.S., India still lacks a comprehensive legal framework to protect data privacy. The Draft Personal Data Protection Bill 2019 is still to be tabled but could enable protection of privacy.

The draft Bill follows up on the provisions submitted by a committee of experts chaired by Justice B.N. Srikrishna to the Ministry of Electronics and Information Technology in 2018. The committee sought to codify the relationship between individuals and firms/state institutions as one between “data principals” (whose information is collected) and “data fiduciaries” (those processing the data) so that privacy is safeguarded by design. While the 2019 version of the Bill seeks to retain the intent and many of the recommendations of the Justice Srikrishna committee, it has also diluted a few provisions. For example, while the Bill tasks the fiduciary to seek the consent in a free, informed, specific, clear form (and which is capable of being withdrawn later) from the principal, it has removed the proviso from the 2018 version of the Bill that said selling or transferring sensitive personal data by the fiduciary to a third party is an offence. There are other substantive issues with the Bill pertaining to the situations when state institutions are granted exemption from seeking consent from principals to process or obtain their information. Yet, considering the manner in which public data are being stored and used by both the state and private entities, a comprehensive Data Protection Act is the need of the hour.

You have reached your limit for free articles this month.

Register to The Hindu for free and get unlimited access for 30 days.

Already have an account ? Sign in

Sign up for a 30-day free trial. Sign Up

Find mobile-friendly version of articles from the day's newspaper in one easy-to-read list.

Enjoy reading as many articles as you wish without any limitations.

A select list of articles that match your interests and tastes.

Move smoothly between articles as our pages load instantly.

A one-stop-shop for seeing the latest updates, and managing your preferences.

We brief you on the latest and most important developments, three times a day.

*Our Digital Subscription plans do not currently include the e-paper ,crossword, iPhone, iPad mobile applications and print. Our plans enhance your reading experience.

Why you should pay for quality journalism - Click to know more

Please enter a valid email address.

Subscribe to The Hindu now and get unlimited access.

Already have an account? Sign In

Sign up for a 30-day free trial. Sign Up

To continue enjoying The Hindu, You can turn off your ad blocker or Subscribe to The Hindu.

END
© Zuccess App by crackIAS.com