Showing posts with label GRC. Show all posts
Showing posts with label GRC. Show all posts

Decoding the Digital Personal Data Protection Act, 2023: A New Era for Data Privacy in India

January 13, 2025

The Digital Personal Data Protection Act, 2023 (DPDPA) marks a significant milestone in India's journey towards a robust data protection regime. This landmark legislation aims to establish a comprehensive framework for the processing of digital personal data, balancing the need for innovation with the fundamental right to privacy of individuals.

Key Provisions of the DPDPA:

  • Data Principal Rights: The Act grants individuals several key rights, including the right to access, correct, and delete their personal data, the right to data portability, the right to object to the processing of their data, and the right to withdraw consent.
  • Data Fiduciary Obligations: The DPDPA imposes several obligations on entities that collect and process personal data, commonly referred to as "data fiduciaries." These obligations include obtaining lawful and informed consent, ensuring data security, implementing appropriate data protection measures, and complying with data breach notification requirements.
  • Focus on Children's Data: The Act recognizes the unique vulnerabilities of children and introduces specific provisions for the processing of children's personal data, including stricter consent requirements and limitations on the use of children's data for targeted advertising.
  • Establishment of the Data Protection Board: The Act establishes the Data Protection Board of India, an independent body responsible for overseeing the implementation and enforcement of the DPDPA.

Significance of the DPDPA:

  • Enhanced Data Protection: The DPDPA provides a much-needed legal framework for data protection in India, addressing the increasing concerns about data breaches and the misuse of personal data.
  • Boosting Consumer Confidence: By empowering individuals with greater control over their personal data, the DPDPA aims to enhance consumer trust and confidence in the digital economy.
  • Driving Innovation: The Act aims to foster innovation by providing a clear and predictable legal framework for businesses to operate while respecting individual privacy rights.
  • Global Alignment: The DPDPA brings India in line with global best practices in data protection, aligning with international standards and frameworks such as the General Data Protection Regulation (GDPR).

Challenges and Considerations:

  • Implementation Challenges: The successful implementation of the DPDPA will require significant effort from both the government and the private sector. Challenges include building the necessary infrastructure for data protection, raising awareness among individuals and businesses, and ensuring effective enforcement of the Act.
  • Balancing Innovation and Privacy: Striking the right balance between promoting innovation and protecting individual privacy will be crucial. The DPDPA aims to achieve this balance by providing a framework that allows for the lawful processing of data while ensuring adequate safeguards are in place.

The DPDPA represents a significant step forward in India's journey towards a data-driven future. By fostering a culture of data responsibility and empowering individuals with greater control over their personal data, the Act aims to create a more secure and trustworthy digital ecosystem for all.

This article provides a general overview of the Digital Personal Data Protection Act, 2023. It is not intended as legal advice and should not be relied upon as such. For specific legal advice, please consult with a qualified legal professional.


 


Tags # Complinace # GRC # RiskMgmt Continue Reading
By at
Tags , ,

Australia Implements Social Media Ban for Kids Under 16

January 12, 2025

Australia has made headlines by becoming the first country to ban social media use for children under 16 years old. This new legislation, passed by the Australian Parliament, aims to protect young users from the potential harms of social media platforms.

The Legislation
The law, which was passed by the House of Representatives and the Senate, prohibits children under 16 from creating accounts on social media platforms such as TikTok, Facebook, Instagram, Snapchat, and others1. Social media companies are now responsible for ensuring that underage users do not have accounts on their platforms. Failure to comply could result in hefty fines of up to 50 million Australian dollars (approximately 33 million USD)1.

Reasons Behind the Ban
The primary motivation for this legislation is to safeguard children from online dangers, including cyberbullying, sextortion, and exposure to inappropriate content1. The tragic case of Mac Holdsworth, a young boy who took his own life after falling victim to an online sextortion scam, has been a driving force behind this initiative1. His father, Wayne Holdsworth, has been a vocal advocate for stricter online safety measures, sharing his story to raise awareness about the risks children face online1.

Implementation and Challenges
Social media platforms have one year to figure out how to enforce this ban before penalties are applied1. However, there are concerns about the practical implementation of this law. Critics argue that the legislation was rushed and lacks clarity on how it will be enforced1. Questions remain about the technical feasibility of verifying users' ages without infringing on privacy rights1.

Public and Expert Opinions
The ban has received mixed reactions. While 77% of Australians support the legislation, according to a recent poll, some experts and digital rights advocates have expressed concerns2. They argue that the law does not address the root causes of harmful content and that children might find ways to bypass the restrictions12. Additionally, there are worries about the potential impact on children's digital literacy and their ability to navigate the online world safely2.

Moving Forward
As Australia leads the way with this pioneering legislation, other countries are watching closely. The success and challenges of this ban will likely influence global discussions on how to protect young internet users. In the meantime, the focus remains on finding effective ways to implement the ban while balancing privacy and safety concerns.

Australia's bold move underscores the importance of safeguarding children in the digital age. As the world continues to grapple with the complexities of online safety, this legislation marks a significant step towards creating a safer online environment for the youngest users. 



Tags # Complinace # GRC Continue Reading
By at
Tags ,

Singapore's Cybersecurity Guidelines; Keeping Up with the MAS

January 12, 2025

The Monetary Authority of Singapore has proved itself beyond any doubt to act as a regulator of the primary institution for safeguarding the financial sector in Singapore. Noting the danger of the aforementioned cyber-attacks that multiply in number day after day, the MAS has also put in place a solid cybersecurity infrastructure committed to the integrity and resilience of financial institutions (FIs). In this blog, we will look into the deep and key aspects of Technology Risk Management (TRM) by the MAS and what they mean for your financial institution.

The Monetary Authority Singapore is beyond doubt the regulator of the principle institution for safeguarding the financial sector in Singapore. No one, except MAS, has put a stronger and much advanced bandage on the key work that is cybersecurity infrastructure committed to the integrity and resilience of financial institutions (FIs).

Thus, this blog will go into key aspects of Technology Risk Management (TRM) by the MAS and what that means for your financial institution.

MAS TRM Guidelines: A Breakdown

The MAS TRM Guidelines outline a comprehensive set of expectations for FIs regarding cybersecurity. Here are some key highlights:

  • Board and Management Oversight: MAS places strong emphasis on the need for robust leadership commitment to cybersecurity. Typically, boards and senior management oversee and take accountability for an FI's cybersecurity posture.
  • Cybersecurity Risk Management Framework:All financial institutions shall have a veritable framework for cybersecurity risk management. It needs to identify, analyze, and contain risk related to cybersecurity threat.
  • Incident Response and Business Continuity Management: It is required by MAS that a financial institution has a well-defined incident response strategy to handle a cyber attack efficiently. Further, having very strong business continuity management plans for minimum disruption in case of a cyber incident is essential.
  • Vulnerability Assessments and Penetration Testing: Regular vulnerability assessments and penetration testing are essential to identify and address weaknesses in an FI's IT systems.
  • Data Security:The MAS has a strong emphasis on data security. Financial institutions (FIs) must implement adequate measures to shield sensitive customer information from effects such as compromising due encryption and access controls.
  • Third-Party Risk Management: With that, MAS understands the increasingly notified FIs on their reliance on third-party vendors. The guidelines provide FIs an explicit obligation to conduct full due diligence with risk management when using the services of third-party service providers.

Why is MAS Cybersecurity Compliance Important?

Cyber attacks are more dangerous for the financial sector as it can cause massive financial losses, damage reputations, and disrupt critical service delivery. Financial institutions would significantly enhance their cybersecurity posture and commit to protecting customer data by implementing the MAS TRM Guidelines.

Taking Action Towards Compliance

MAS cybersecurity compliance can seem daunting, but several resources can help you navigate the process. Here are some steps you can take:

  • Familiarize yourself with the MAS TRM Guidelines: A thorough understanding of the guidelines is crucial for effective implementation.
  • Conduct a cybersecurity risk assessment: Identify your vulnerabilities and prioritize areas for improvement.
  • Develop and implement a cybersecurity program: This program should address all aspects of the MAS TRM Guidelines.
  • Seek professional guidance: Consider consulting with cybersecurity experts to assist you with compliance efforts.

To function in the thriving financial environment of Singapore signifies that one must prepare to accept sound cyber security practices, which, when followed through the MAS TRM Guidelines, enable one to build confidence with customers with respect to sensitive data and contribute to the stability of the financial sector.

Tags # Complinace # CyberSecurity # GRC Continue Reading
By at
Tags , , ,

California Privacy Rights on Your Radar? A Look at CCPA and CPRA Compliance

January 12, 2025

Operating a venture in California? Your utmost concern is data privacy concerns of you and your clients: The California Consumer Privacy Act (CCPA) along with the California Privacy Rights Act (CPRA), which amends CCPA, serves as the strongest pillars of consumer privacy rights in their state. Knowing all these acts and complying with them is useful for any organization that will collect data from California residents.

This is a business in California, and data privacy is a very key concern for you and your clients. The California Consumer Privacy Act (CCPA), along with the California Privacy Rights Act (CPRA), which amends the CCPA, provides the strongest basis for consumer privacy rights across the state. Knowing these laws and complying is essential for any organization collecting data from California residents.


 

What is the CCPA?

Enacted in 2018, the CCPA empowers California residents with the right to:

  • Know what personal information a business collects about them.
  • Access their collected personal information.
  • Delete their personal information.
  • Opt-out of the sale of their personal information.

The CCPA applies to businesses that meet certain thresholds, such as having over $25 million in gross revenue or handling the personal information of more than 50,000 California residents.

What is the CPRA?

The CPRA, effective as of January 1, 2023, expands on the CCPA and introduces new consumer rights, including:

  • The right to correction of inaccurate personal information.
  • The right to limit the use of their sensitive personal information.
  • The right to know about the use of their personal information for profiling purposes.

The new law also intensifies the current rights of the CCPA and imposes more rigorous business standards concerning sale and sharing of information.

What does this mean for your business?

Shall your enterprise do business in California or collect data from the residents of the state, then compliance with CCPA and CPRA becomes mandatory. Such compliance includes:

    Development of robust data practices around privacy: This should involve identifying personal Identifiable Information collected, how it is used, and with whom it is shared.
    Establishing procedures for consumer requests: This means being prepared for requests to access, delete, or opt-out of the sale of personal information.
    Finalizing an up-to-date privacy notice: Explicating the data privacy practices, including how customers can exercise their rights under the CCPA and CPRA.

Compliance can be complex, but it's essential. Failing to comply with CCPA and CPRA can result in hefty fines and damage your reputation.

Here are some resources to help you get started:

By taking proactive steps towards compliance, you can demonstrate your commitment to protecting consumer privacy and build trust with your California customers.

Tags # Complinace # CyberSecurity # GRC Continue Reading
By at
Tags , , ,

The New York SHIELD Act and NYDFS Cybersecurity Compliance

January 10, 2025

The New York State Stop Hacks and Improve Electronic Data Security Act ("SHIELD Act") has added stronger requirements for data security applicable to businesses transacting in the state. Together with the rigorous cybersecurity regulations imposed by the New York State Department of Financial Services (NYDFS), organizations face considerable challenges and opportunities under this legislation.


 

Key Provisions of the SHIELD Act:

  • Expanded Scope: In addition, other parts of the SHIELD Act broadened the definition of "private information" to cover biometrics and usernames/passwords with security questions-"several things sensitive or not-so-sensitive types of data feel sensitive.
  • Enhanced Security Requirements: The Act compels the businesses to have and uphold reasonable protections safeguarding the security, confidentiality, and integrity of personal information. This includes measures such as:
    • Data security assessments: Regular assessments to identify and address vulnerabilities.
    • Employee training: Educating employees on cybersecurity best practices.
    • Incident response plans: Developing and testing plans to respond to data breaches effectively.
  • Stricter Notification Requirements:The Act specifies that businesses should inform affected people without undue delay along with the New York State Attorney General about any breaches..

NYDFS Cybersecurity Regulations:

The NYDFS has promulgated extensive regulatory measures regarding cybersecurity that shall affect a multitude of financial institutions operating within New York. These regulations require:

  • Cybersecurity Programs: Implementing robust cybersecurity programs that address risks across the organization.
  • Third-Party Risk Management: Assessing and managing the cybersecurity risks of third-party vendors.
  • Incident Response Planning and Testing: Developing and regularly testing incident response plans.
  • Senior-Level Oversight: Appointing a Chief Information Security Officer (CISO) or equivalent and ensuring senior management oversight of cybersecurity matters.

Compliance Challenges:

  • Meeting Regulatory Expectations: Navigating the complex and evolving regulatory landscape can be challenging for businesses.
  • Staying Ahead of Threats: The ever-evolving threat landscape requires continuous monitoring, adaptation, and investment in cybersecurity technologies.
  • Demonstrating Compliance: Effectively documenting and demonstrating compliance with the SHIELD Act and NYDFS regulations can be complex and time-consuming.

Opportunities:

  • Enhanced Security Posture: By implementing strong cybersecurity measures, organizations can significantly reduce their risk of data breaches and improve their overall security posture.
  • Competitive Advantage: Demonstrating strong cybersecurity practices can enhance customer trust and provide a competitive advantage in the marketplace.
  • Innovation: The need to comply with these regulations can drive innovation in cybersecurity technologies and best practices.

The SHIELD Act and NYDFS cybersecurity regulations have raised the stakes significantly for data security in New York. Organizations need to understand and comply with these requirements to protect themselves against cyber threats and gain their customers' and stakeholders' trust.

For specific guidance and compliance assistance, it is essential to consult with legal and cybersecurity professionals.

Tags # CyberSecurity # GRC Continue Reading
By at
Tags ,

Continuous Threat Exposure Management (CTEM): A Proactive Approach to Cybersecurity

January 10, 2025

In today's rapidly evolving threat landscape, traditional cybersecurity approaches are increasingly inadequate. The need for a more proactive and continuous approach has led to the emergence of Continuous Threat Exposure Management (CTEM).  



What is CTEM?

CTEM is a holistic framework that goes beyond simply identifying vulnerabilities. It focuses on:  
 

  • Continuous Assessment: Constantly monitoring and analyzing an organization's entire digital footprint, including internal and external assets, for potential threats and vulnerabilities. This involves leveraging various technologies like vulnerability scanners, threat intelligence feeds, and security information and event management (SIEM) systems.   
  • Prioritization: Prioritizing threats based on their potential impact and likelihood of exploitation. This allows organizations to focus their resources on the most critical risks.  
  • Remediation: Implementing and tracking the remediation of identified vulnerabilities and exposures. This may involve patching systems, updating software, implementing security controls, and improving security configurations.  
  • Continuous Monitoring: Continuously monitoring the effectiveness of implemented controls and adjusting the approach based on the evolving threat landscape.  

Key Benefits of CTEM:

  • Proactive Risk Mitigation: By proactively identifying and addressing threats, organizations can significantly reduce their risk of cyberattacks.   
  • Improved Security Posture: CTEM helps organizations achieve a stronger and more resilient security posture by continuously improving their defenses.  
  • Reduced Downtime and Costs: By preventing breaches before they occur, CTEM can help organizations avoid costly downtime, data loss, and reputational damage.  
  • Enhanced Compliance: CTEM can help organizations comply with various industry regulations and data privacy standards.  
  • Data-Driven Decision Making: CTEM provides valuable insights into an organization's security posture, enabling data-driven decisions regarding security investments and resource allocation.  

Implementing CTEM:

Implementing a successful CTEM program requires a multi-faceted approach, including: 

  • Leadership Commitment: Strong leadership support and buy-in are essential for successful CTEM implementation.   
  • Dedicated Resources: Allocating sufficient resources, including budget, personnel, and technology, to support the CTEM program.  
  • Clear Processes and Procedures: Establishing clear processes and procedures for identifying, assessing, and mitigating threats.  
  • Continuous Improvement: Regularly reviewing and refining the CTEM program based on evolving threats and organizational needs.  

In today's dynamic threat landscape, Continuous Threat Exposure Management is no longer an option but a necessity. By adopting a proactive and continuous approach to cybersecurity, organizations can significantly enhance their resilience against cyberattacks and protect their valuable assets. 

Tags # CyberSecurity # GRC Continue Reading
By at
Tags ,

Ensuring Online Safety for Children: Online Child Safety Guidelines 2076

December 29, 2024

In today's digital age, the internet is an integral part of our lives and its offering countless opportunities for  us learning and entertainment. However, this opportunity also  presents risks, especially for children. Addressing this, the Nepal Telecommunications Authority (NTA) launched the "Online Child Safety Guidelines 2076" to guide parents, guardians, and educators protect children online.  

 

Key Points of the Guidelines

Awareness and Education: The guidelines emphasize the importance of educating children regarding online risks and safe best practices. Parents and educators are highly encouraged to discuss following topics eg. cyberbullying, privacy, and the dangers of sharing personal information online.

Parental Controls and Monitoring: Implementing parental controls on devices and monitoring children's online activities can help prevent exposure to inappropriate content and interactions. The guidelines recommend using software tools to filter and block harmful content.

Safe Communication: Children should be taught to communicate safely online. This includes not talking to strangers, being cautious about sharing personal information, and reporting any suspicious or uncomfortable interactions to a trusted adult.

Reporting Mechanisms: The guidelines provide information on how to report online abuse or exploitation. Parents and children should be aware of the procedures for reporting and obtaining assistance if they encounter any online threats.

Creating a Safe Online Environment: Encouraging positive online behavior and creating a supportive environment where children feel comfortable discussing their online experiences is crucial. This helps in building trust and ensuring that children seek help when needed.

Roles and Responsibilities
The "Online Child Safety Guidelines 2076" outline specific roles and responsibilities for various entities to ensure comprehensive protection for children online:

Parents and Guardians:

  • Education and Awareness: Teach children about online safety, including the risks of sharing personal information and interacting with strangers.
  • Monitoring and Supervision: Regularly monitor children's online activities and use parental control tools to block inappropriate content.
  • Communication: Maintain open lines of communication with children about their online experiences and encourage them to report any uncomfortable situations.


Educators and Schools:

  • Curriculum Integration: Incorporate online safety education into the school curriculum to raise awareness among students.
  • Workshops and Training: Conduct workshops and training sessions for students, teachers, and parents on online safety practices.
  • Support Systems: Establish support systems within schools to assist students who encounter online issues and provide guidance on reporting mechanisms.


Government and Regulatory Bodies:

  • Policy Development: Develop and enforce policies that promote online safety for children, including regulations for internet service providers and content creators.
  • Awareness Campaigns: Launch nationwide awareness campaigns to educate the public about online child safety.
  • Reporting and Enforcement: Create and maintain reporting mechanisms for online abuse and ensure strict enforcement of laws related to child protection online.


Internet Service Providers (ISPs) and Technology Companies:

  • Content Filtering: Implement robust content filtering systems to block harmful content and ensure a safer online environment for children.
  • Privacy Protection: Ensure that children's data is protected and not misused by implementing strong privacy policies.
  • Collaboration: Work with government bodies and NGOs to promote online safety initiatives and support reporting mechanisms.


Non-Governmental Organizations (NGOs):

  • Advocacy and Support: Advocate for children's online safety and provide support services for victims of online abuse.
  • Research and Development: Conduct research on online safety trends and develop resources and tools to help protect children online.
  • Community Engagement: Engage with communities to raise awareness about online safety and provide training and resources to parents and children.


Conclusion
The "Online Child Safety Guidelines 2076" are a valuable resource for anyone responsible for a child's online safety. By following these guidelines and understanding the roles and responsibilities of different entities, we can create a safer online environment for children, allowing them to explore the digital world securely and confidently.

Disclaimer: This article is for informational purposes only and should not be considered legal advice.

Note: This article provides a general overview of the Child Online Safety Guidelines 2076. For a comprehensive understanding, it is recommended to refer to the official guidelines issued by the Nepal Telecommunications Authority (NTA) in Nepal.

Tags # GRC # Nepal Continue Reading
By at
Tags ,

Cybersecurity and Privacy in Nepal: Insights from the 2015 Constitution

December 28, 2024

The Constitution of Nepal 2015, a landmark document for the nation, provides a foundational framework for addressing the challenges of the digital age, including cybersecurity. While not explicitly a cybersecurity act, several provisions within the Constitution have significant implications for how Nepal approaches cybercrime and digital security.


Part 3: Fundamental Rights and Duties
Article 16: Right to Live with Dignity

Every individual has an inherent right to live a dignified life. In cyberspace, this translates to protecting individuals from:

  • Online harassment, 
  • Trolling, and 
  • Cyberbullying.

Misuse of personal or private information to harm their reputation or well-being. 

It mandates the government to enforce laws that ensure respect for digital identity and personal space online.

Article 17: Right to Freedom

Broadly covers the freedoms essential for a democratic society, extended to the digital sphere:

  • Opinion and Expression: The right to freely express opinions on digital platforms, including social media, blogs, and forums.
  • Media Freedom: Online journalism and blogging are protected as forms of free press.
  • Assembly and Association: Participation in digital communities, online activism, and virtual organizations is a protected right.
  • Restrictions:Cyber activities should not incite violence, disrupt public harmony, or threaten national security. Preventing misuse like fake news, hate speech, and online extremism.

Article 19: Right to Communication

Focuses on secure and unrestricted communication through digital means:

  • Ensures accessibility to communication platforms without censorship or undue interference.
  • Protects individuals from unauthorized surveillance or interception of digital communications.
  • Promotes net neutrality to ensure equal access to online content and services.

Exceptions: The state may impose restrictions to prevent cyber threats, protect privacy, and maintain public order.

Part 4: Directive Principles, Policies, and Responsibilities of the State
Article 28: Protection, Promotion, and Use of Local Resources

Envisions technology as a crucial resource for national development:

  • Promotes the use of information and communication technology (ICT) for modernization and economic growth.
  • Encourages the creation of an enabling environment for startups, IT industries, and innovation in technology.

Cybersecurity and Data Protection:

  • Policies to ensure the safety of digital infrastructure and protection of sensitive data.
  • Strengthening local capacity to address cybercrimes and improve cybersecurity measures.

Public Services: 

Integration of IT to improve governance, transparency, and service delivery through e-governance initiatives.

Broader Implications

These constitutional provisions emphasize balancing digital freedoms and responsibilities while addressing the challenges of cybercrime, privacy breaches, and online abuse.

They provide a foundation for laws like the Electronic Transactions Act, 2008 and pave the way for future legislative developments in cybersecurity and IT governance.

The state is tasked with fostering technological growth while ensuring its ethical use to protect citizens and promote national interests.


Tags # GRC Continue Reading
By at
Tags

Individual Privacy Act, 2018 (2075) Nepal- A legislative framework

December 28, 2024

The Privacy Act, 2018 of Nepal, officially known as the Individual Privacy Act, 2075 (2018), is a legislative framework aimed at protecting the privacy and personal data of individuals. The act will aligns with the principles established in the Constitution of Nepal, 2015, particularly the right to privacy as a fundamental right under Article 28. Here are the key aspects of the act:


 Key Features of the Privacy Act, 2018

  1. Right to Privacy

    • The Act emphasizes that every individual has the right to privacy, covering personal, family, and confidential information.
    • Unauthorized surveillance, interception, or disclosure of private information is prohibited.

  2. Scope of Privacy

    • Protects the confidentiality of:
      • Personal information (identity, health, finance, etc.).
      • Private communications.
      • Private residences and locations.
      • Digital and physical data.

  3. Data Collection and Usage

    • Organizations collecting personal data must:
      • Obtain explicit consent from the individual.
      • Inform individuals about the purpose, duration, and use of the data.
    • Data collection is restricted to what is necessary for the stated purpose.

  4. Prohibited Activities

    • Publishing, broadcasting, or sharing private information without consent.
    • Misusing private data for fraud, defamation, or unauthorized commercial purposes.
    • Conducting unauthorized surveillance or monitoring of individuals.

  5. Government Surveillance

    • Allows government surveillance under strict legal provisions, ensuring that it does not violate individual privacy unnecessarily.
    • Requires a court order or legal authorization for any surveillance or monitoring.

  6. Protection of Sensitive Information

    • Strict rules for handling sensitive data, such as financial records, health information, and biometric data.
    • Institutions managing sensitive data must implement robust security measures.

  7. Penalties for Violations

    • Violations of privacy rights can lead to:
      • Fines for individuals or organizations.
      • Imprisonment for severe breaches.
      • Compensation for victims of privacy violations.

  8. Digital Privacy

    • Covers digital platforms, ensuring online data and communications are secure.
    • Addresses cybercrimes involving unauthorized access, hacking, or data breaches.

  9. Oversight Mechanism

    • Establishes mechanisms to monitor and enforce the provisions of the Privacy Act.
    • Encourages individuals to report violations of their privacy rights.

Implications of the Privacy Act, 2018

  • For Individuals: Ensures a legal framework to safeguard personal and digital privacy.
  • For Businesses: Requires companies to adopt transparent practices for collecting, storing, and processing personal data.
  • For the Government: Balances the need for security and surveillance with the protection of individual rights.

The Privacy Act, 2018 is a significant step in Nepal’s legal landscape, addressing modern privacy concerns and aligning with global trends in data protection and cybersecurity.

Disclaimer: This article is for informational purposes only and should not be considered legal advice.

Note: This article provides a general overview of the Privacy Act, 2075. For a comprehensive understanding, it is recommended to consult the full text of the Act and seek professional legal advice.

 

Tags # GRC Continue Reading
By at
Tags