EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.
Recent Searches
In the fifth episode of our ‘Gateway to data privacy and protection' podcast series, we explore the extensive implications of the Digital Personal Data Privacy Protection (DPDP) Act, 2023 on telecom companies, with Mini Gupta, Cybersecurity Consulting Partner at EY India. In this podcast, Mini shares insights on several critical topics, including data fiduciaries within the telco ecosystem, cross-border data transfers, the handling and potential misuse of personal data, penalties for data fiduciaries, and the necessary institutional framework for monitoring and addressing data breaches.
In conversation with:
Mini Gupta
EY India Cybersecurity Consulting Partner
Key takeaways
- According to the DPDP Act, if telecom service providers and OTT partners have tied up to provide services, both are data fiduciaries as they seek personal data to provide services.
- The DPDP Act outlines a multi-tiered escalation process for resolving data breaches, thereby safeguarding the interests of data principals.
- In cases where multiple data principals use IoT services in a household, the service subscriber's consent will suffice.
- In case the roamer is traveling from India to overseas, personal data transfer may not be required. However, when a foreign individual is visiting India and becomes a roamer here, the GSMA Act would apply.
In the digital age, safeguarding data is a shared responsibility, with multiple data fiduciaries ensuring privacy and accountability.
For your convenience, a full text transcript of this podcast is available on the link below: Read the transcript
If you would like to listen to our podcasts on the go:
Podcast
Duration
14m 51s
How EY can help