Transfer of personal data under U.N. treaty will be according to native laws

The U.N. Cyber Crime Convention, which has been at the negotiating table for the past three years, is expected to be ratified by the U.N. General Assembly in 2024; India’s suggestion is at the draft stage 

September 13, 2023 09:20 pm | Updated 11:40 pm IST - New Delhi

The Union Home Ministry recently reviewed the draft of the U.N. Cyber Crime Convention to discuss the necessary changes in the existing systems if this convention is signed and ratified by India. Image for representation purpose only. File

The Union Home Ministry recently reviewed the draft of the U.N. Cyber Crime Convention to discuss the necessary changes in the existing systems if this convention is signed and ratified by India. Image for representation purpose only. File | Photo Credit: Reuters

As United Nations member states negotiate a treaty to counter cybercrimes, India has made suggestions at the international forum that transfer of “personal data” under the convention will be done in accordance with the country’s domestics laws and not other applicable international laws.

The Digital Personal Data Protection Act enacted by the Parliament in August says that personal data can be processed “in the interest of sovereignty and integrity of India or security of the state” for “fulfilling any obligation under law”.

The Act that came into force on August 12 after receiving assent from the President of India requires firms to disclose to users the identity of other firms to which their data would be entrusted for processing, but they are explicitly exempted from disclosing or sharing of such data in the case of lawful interception of data.

The Union Home Ministry recently reviewed the draft of the U.N. Cyber Crime Convention to discuss the necessary changes in the existing systems if this convention is signed and ratified by India. The convention, which has been at the negotiating table for the past three years, is expected to be ratified at the U.N. General Assembly in 2024.

At the sixth session of the “Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes” held from August 21-September 1, India asked for the deletion of a clause encouraging state parties to “establish bilateral or multilateral arrangements” to facilitate the transfer of personal data.

India also agreed to the clause that state parties may transfer personal data to a third country or an international organisation only with the prior written authorisation of the original transferring state party, subject to effective and appropriate safeguards.

According to the draft, each state party shall designate a point of contact available 24 hours a day, seven days a week, in order to ensure the provision of immediate assistance for the purpose of investigations, prosecutions or judicial proceedings concerning criminal offences established in accordance with the convention.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.