CHAPTER #13 DATA PROTECTION

Question 1

Data Subject:?

Answer 1

Natural Persons whose personal data is being collected/processed

Question 2

Personal data?`

Answer 2

Personal Data:
Information of a Data Subject which is in possession of a Data Controller
and from which he can be identified.
>It includes Sensitive Personal Data.
>It does not include encrypted data.

Question 3

Sensitive Personal Data?

Answer 3

It means data of access (i.e. usernames and passwords) which provides access
> to Financial information,
> Medical Records (including physical ,pshycological or mental health report)
> Biometric Data
> passprt
> Religious beliefs,ethnicity

Question 4

Key Principles for Personal Data

Processing?

Answer 4

1. Lawfulness, fairness and transparency
2. Data minimisation.
3. Purpose limitation
4. Accuracy
5. Security
6. Storage limitation
7. Accountability

Question 5

Rights of Individuals regarding

Processing of Personal Data?

Answer 5

1. Right to be informed
2. Right of access to data
3. Right to rectification of errors
4. Right of erasure / Right to forgotton
5. Right to object to processing and marketing
6. Right to restrict processing
7. Right to data portability
8. Right to withdraw consent
9. Right to complain to regulator authorities

Question 6

define
Unauthorized Access:?\
Damage to Data:?

Answer 6

Unauthorized Access:
It means accessing data not available for general public, without authoriztion or violation of terms and conditon of authorization

Damage to Data:
it means unauthorized addition, deletion,
alteration of data or making it unavailable.

Question 7

What is Critical Infrastructure and its consequences:?

Answer 7

it means those elements of infastructure (i.e, assets,facilities,network,systemor processes) whose loss may result in adverse impact on:
>availability or delivery of essential services and taking into account significant ecnomic or social impact.
> national security, national defence or functioning of state
GOVT May direct any public or private infastructure to be critical infastructure

Question 8

Punishment for
Unauthorized access: of non critical infastructure?
Unauthorized copying or transmission of data
Damaging information system or data:

Answer 8

Unauthorized access:
     > upto 3 months AND OR  Rs. 50,000
Unauthorized copying or transmission of data
     > upto 6 months + Rs. 100,000
Damaging information system or data:
     >2 Years + Rs. 500,000

Question 9

Punishment of
Unauthorized access: of critical infastructure?
Unauthorized copying or transmission of data
Damaging information system or data:

What is Glorification of an offense and its punishment?

Answer 9

Unauthorized access:
    >3 Years AND/OR Rs. 1,000,000 (1M)
Unauthorized copying or transmission of data
   >5 Years + Rs. 5,000,000 (5M)
Damaging information system or data:
  >7 Years + Rs. 10,000,000 (10M)
 Glorification of an offense:
  >same as interference with critical infrastructure
  >7 years AND /OR 10,000,000 (10M)

Question 10

Glorification of an offense?

Answer 10

Glorification(i.e, showing praise or clelbration ) of offence:

if someone prepare or spread information to GLORIFY a terrorist or offence of terrorism or activities of such prescribed person or organization
Punishment:
>imprisonment upto 7 Years AND/OR fine upto Rs. 10,000,000