The last date for comments on the draft Digital Personal Data Protection Bill 2022 is behind us but that shouldn't prevent us from understanding and discussing the bill, its contents and its impact.

In this interactive talk, I will pick a few key points from the draft bill to discuss with the audience. I recently delivered an informal version of this talk at the FOSS United Banglore meetup. The proposed talk will be a bit more formal, focusing on the key aspects of the bill instead of trying to read/skim the entire bill from the top to the bottom.

Specifically, I will focus on the definition of "Personal Data" as covered by the bill, what a "Data Fiduciary" is, the rights and responsibilities of a "Data Principal", the "Data Protection Board", ending with proposed limits on penalties that can be imposed by the "Board" for non-compliance.

Examples of audience interaction in the talk are

1. personal identifiable data e.g. PAN Card, Address, etc and examples of what isn't personal identifiable data e.g. food preferences.
2. Notices and Consent in relation to the personal data
3. Significant Data Fiduciary
4. whether or not the proposed fines are sufficient by comparing the fines against the revenue of Indian orgs that suffered a data breach recently.

This talk is not a policy analysis. I will point to reports put out by organizations like the FOSS United, IFF, eGov Foundation instead.

Note to organizers : From prior experience, given the audience interaction component of this talk, atleast 25 minutes are needed to do justice to this subject matter.