Functions of Data Protection Authority
The function of the data protection authority shall also include –
- Monitoring and enforcing application of the provision of the act
- Taking prompt and appropriate actions as per the provisions of the act, in case of breach of personal data
- Maintaining a database on its website containing names of significant data fiduciaries along with ratings in the form of trust score. Specifying the qualification, code of conduct, practical training and functions to be performed by such data auditors
- Examination of data audit reports
- Issuance of certificate of registration to data auditors and renewal, withdrawal, suspension or cancellation
- Classification of data fiduciaries
- Monitoring cross border transfer of personal data, technological developments, commercial practices
- Specifying code of practice
- Promoting awareness and understanding of the risk, rules, safeguards and right in respect of protection of personal data
- Promoting measures and undertaking research and innovation in the field of protection of personal data
- Advising Central Government, State Government and any other authority on measures required to be taken to promote protection of personal data.
- Specifying fees and other charges
- Receiving and inquiring complaints
- Performing such other functions as prescribed
Code of Practice
The Authority is mandated to specify code of practice to promote good practices of data protection and facilitate compliance with the obligations under this act.
Power of Authority to issue directions
Under section 51 authority may discharge its function, issue such direction. From time to time as it may be necessary.
Power of Authority to Call for Information
The Authority may require a data fiduciary or data processor to provide information as reasonably required in order to discharge the function such requisition to be made in writing by stating the reason.
Power of Authority to Conduct information
The authority either suo moto or on a complaint may inquire or cause to be inquired into the matter in issue between the data fiduciary and data principal or anyone contravening with the provisions of the Act.
Action to be taken by authority
After the successful inquiry the Authority may pass an order in writing against the party at fault, issuing a warning, issuing a reprimand, cease and desist order, temporary suspension or discontinuance of business or activity etc.
Search & Seizure
The inquiry officer shall conduct the search seizure in accordance with the provisions of Cr.P.C., 1973.
Picture credit- https://yourstory.com