What India's Data Protection Bill Means for CISOsSupreme Court's Khushbu Jain on Potential Changes to Security, Privacy Practices
What does the latest version of India's data protection bill mean for CISOs, and what impact does it have on security practitioners? Khushbu Jain, advocate, of the Supreme Court of India, shares some of the fine print in the draft legislation and discusses some changes that CISOs may need to make.
The draft bill does not distinguish between personal and nonpersonal data and treats all data equally, Jain says. "Everything now is personal data, and CISOs would need to take the same security measures for everything. In terms of compliance, it can be good for CISOs to implement things, but in terms of business purpose, it can be tough."
In this video interview with Information Security Media Group, Jain also discusses:
- Changes in the data localization provisions;
- How to approach data erasure requirements;
- New provisions on data consent.
Jain is a practicing advocate before the Supreme Court of India and founding partner of Ark Legal. She also is a public speaker, a skills trainer, an opinion column writer and a frequent guest on national television broadcasts. Jain specializes in business litigation and handles legal matters related to information technology.