Skip to main content

Types of Data under Digital Personal Data Protection Act 2023

After the introduction of the Digital Personal Data Protection Act 2023, we can expect a significant enhancement in data governance and the legitimate use of data without infringing on an individual's personal information. This Act lays the foundation for a harmonious coexistence between humans and technology, allowing technology to flourish while also protecting individuals from breaches and grievances.

The Act categorizes data into three primary types: Digital Data, Personal Data, and Non-Personal Data. Understanding these definitions is crucial to comprehending the scope of this legislation.



Digital Data

Digital Data refers to any information that has been converted from non-digital form to digital form. This encompasses various forms of digital data, including:

  1. Video files: Captured or recorded video content.
  2. Audio files: Recorded sound files, such as music or voice recordings.
  3. Image files: Photographs, graphics, and other visual content.
  4. Text file: Documents, emails, and other written content stored digitally.
  5. Database records: Structured collections of data, such as customer information, inventory levels, or financial transactions.

The Act also recognizes Critical Data, which is a subset of Digital Data that requires special protection due to its sensitive nature.

By categorizing and defining these different types of data, the Digital Personal Data Protection Act 2023 aims to ensure that individuals' personal information is protected while also promoting responsible data handling practices and technological innovation.




Personal Data

Refers to any information that identifies an individual, including:

  • Name: First name, last name, pseudonyms, or initials
  • Identification numbers: Passwords, email addresses, Aadhaar numbers, driver's license numbers, or other government-issued identification numbers
  • Financial information: Bank account numbers, credit card numbers, or other financial data
  • Health information: Medical records, medical history, or health-related data
  • Contact information: Address, phone number, or other contact details
  • Biometric data: Fingerprints, facial recognition data, DNA profiles, or other biometric identifiers
  • Browsing history: Search queries, login information, or other online activities
These examples are not exhaustive, as personal data can include any information that can identify an individual.


The Digital Personal Data Protection Act 2023 aims to protect the personal information of individuals by:

  1. Restricting access: Limiting who can access personal data to ensure it is only shared with authorized parties.
  2. Complying with transparency: Requiring companies to maintain transparency on what information is collected and used, ensuring individuals are aware of how their data is being handled.
  3. Holding organizations accountable: Punishing organizations for breaches and misuse of personal data and compelling them to take remedial actions to mitigate any harm caused.
  4. Compelling robust security systems: Mandating organizations to have robust security measures in place to protect personal data from unauthorized access, use, or disclosure.

By implementing these measures, the Digital Personal Data Protection Act 2023 aims to promote trust between individuals and organizations while ensuring the responsible use of technology and innovation.

Non Personal Infromation:

Any information which is related to information which makes keeps the identity of an induvial hidden but still give away information about the person, Anonymous Data is any information that cannot be used to identify an individual. It is data that does not relate to a specific person and does not contain personal identifiers, such as names, addresses, or other unique characteristics. Examples of Non-Personal Information include GPS location, data collected for statistic or research  

Non-Personal Information can be collected and used without obtaining consent from the individual, as it does not pose a privacy risk. However, organizations must still comply with applicable laws and regulations regarding the collection and use of Non-Personal Information.

In contrast to Personal Data, which is protected by data protection laws and requires informed consent before being collected or used, Non-Personal Information is often subject to less stringent regulations. However, organizations must still ensure that they handle Non-Personal Information in a responsible and transparent manner.




Critical Data:

Critical Data, as per the Data Protection and Privacy Act (DPDP), refers to sensitive and essential information that requires robust protection to prevent unauthorized access, use, or disclosure. 

By prioritizing the protection of Critical Data, organizations can minimize the risk of data breaches and ensure the confidentiality, integrity, and availability of their most sensitive information.

Comments

Post a Comment

Popular posts from this blog

PHI, PII, and Indian Health Data Laws Explained

If you are a law student or a newbie in the legal field, then it is very common to scratch your head around these concepts. In this blog, we will deal with the understanding of not only the concept of PHI and PII, but we will also dive into Indian laws to investigate similar concepts in the Indian legal landscape. PHI (Personal Health Information) is data associated with information about an individual's health. There is a list of 18 pieces of information that fall under the category of Personal Health Information. This data is often collected by medical practitioners or hospitals for providing better health services. HIPAA, the Health Insurance Portability and Accountability Act, protects the PHI of an individual from being disclosed without his/her consent. Personal data of an individual's health status can cause damage in insurability, employability, and can engrave damage to their privacy. It is obvious to be curious about what elements can be considered as PHI. This includ...
Post a Comment
Read more

Important case laws in Constitutional law.

     It is difficult for students to recall case laws. It becomes even more difficult when each resource material has a different case law to prove a particular concept. When it comes to constitutional law, it can be tricky, and I always find it difficult to find suitable and important precedents to write down doctrines. That's why we have made a list of important case laws that should never forget. 1. Indrani sawhney v/s Union of India:        Indra Sawhney v. Union of India is a landmark case in Indian constitutional law that deals with the issue of reservation in public employment and education. The case was heard by a nine-judge bench of the Supreme Court and resulted in the famous Mandal Commission judgment.         The case arose from a challenge to the government's policy of reserving a certain percentage of seats in public employment and educational institutions for m...
Post a Comment
Read more

AI vs. Copyright: Unraveling the Puzzle

The growth of tools such as ChatGPT, MidJourney, Adobe Firefly, Stability AI, and many more has raised two very prominent questions. 1. Whether a work created by an individual with the help of AI can be protected by law. Does that individual get the right to reproduce that work, sell it, license it, and sue another individual for unauthorized use of the work? 2. Is AI infringing on the rights of authors by using their work to get trained and using them to provide information to the users? The world has taken a leap from reading books to obtain particular information to googling any information. Today, instead of reading through several articles on Google, people prefer to ask ChatGPT, where they have the freedom to tailor the type of information they need. one can guide the length of the information to a brief paragraph or an essay of several pages. But from where do these Generative AIs get all that information? Technically speaking, they get trained on the data available on the inter...
Post a Comment
Read more