The normative foundation of the proposed Personal Data Protection Bill, 2018 (hereinafter referred to as “Data Protection framework”) is the outcome of the judgment passed by way of the Hon’ble Supreme Court of India in Justice K.S. Puttaswamy (Retd.) v. Union of India1. That vide the said judgment proper to privacy has been diagnosed as a fundamental proper rising in the main from Article 21 of the Constitution. The Supreme Court vide the aforesaid judgment clarified that the right to privateness isn’t an absolute proper and that a person’s privateness interests may be overridden by using competing State and character hobbies.
In 2011, i.E. Before Justice Puttaswamy judgment (supra) judgment, the Government propounded the Information Technology (Reasonable Security Practices And Procedures And Sensitive Personal Data Or Information) Rules, 2011 (hereinafter known as the SPD Rules), have been issued beneath Section 43A of the IT Act. The said Rules study with Section 43A of the Act holds the simplest a body corporate responsible for compensation for any negligence in enforcing and retaining affordable security practices and strategies whilst handling sensitive personal information or records. However, the pace of development of the digital financial system and with the advent of right to privacy being diagnosed as a essential proper after the regulation laid down in by way of the Hon’ble Supreme Court in Justice Puttaswamy judgment (supra), it has gr