Latest Updates on Privacy – May 2022

This is a rundown of last week’s news updates on Privacy:

New CERT-In Directives issued

The Indian Computer Emergency Response Team has recently issued new guidelines trying to combat cyber security incidents, with 6,07,220 incidents being reported in the first half of 2021. The directions prescribe mandatory data collection, retention and integration by data centers, virtual private network providers, cloud services providers and others. However, directions for the registration of data centres, virtual private server providers, and virtual private network providers and retention of metadata by them has raised privacy concerns, primarily that the purpose of such services would be defeated by the collection and storage of data by them. Additionally, the industry has voiced concerns over the reporting requirements, stating that it hampers the ease of doing business.

MEITY’s revised Draft National Data Governance Framework Policy released

The Ministry of Electronics and Information Technology’s move to release a revised draft comes after its precursor, the Draft India Data Accessibility and Use Policy, which permitted the licensing and sale of public data by the Government to the private sector, faced strong criticism. The Data Governance Framework would enable the government to create a data repository of anonymised non-personal data which would bolster the Digital India initiative, and also support research and startup ecosystems in India. The Framework also has a provision for private entities to volunteer their datasets to be added to the data repository. The Framework also calls for the creation of an Indian Data Management Office to oversee the implementation and review of the NDGFP.

Twitter to make huge payout in settlement of privacy infringement lawsuit

Twitter, the global social media giant, has reached a settlement with the US Department of Justice and Federal Trade Commission to pay USD 150 million for failing to secure the privacy of its users’ data, along with having to implement new protections. This comes as a result of a lapses in Twitter’s security measures which permitted hackers to access non-public user data, culminating in the FTC’s claim that Twitter had breached its 2011 ruling by misleading users about how well protected their non-public contact information was. The suit also alleged that Twitter had failed to comply with US accords with the EU and Switzerland, which prevented corporations from processing user data for purposes not expressly permitted by users.


Authored by Rohan Jacob (Associate).

About BananaIP Counsels Trademark Attorneys

This Privacy News Bulletin is brought to you by the Trademark/Copyright, and IP Transactional Strategy Divisions of BananaIP Counsels, a Top ranked IP Firm in India. BananaIP Counsels’ trademark attorneys are among the leading experts in the field. If you have any questions, or need any clarifications, please write to [email protected] with the subject: Privacy News.

The weekly intellectual property law news initiative is a part of their pro bono work and is aimed at spreading awareness about intellectual property and allied laws. You are free to share the news with appropriate attribution and link back to the source.


Kindly note that the news bulletin has been put together from different sources, primary and secondary, and BananaIP’s reporters may not have verified all the news published in the bulletin. You may write to [email protected] for corrections and take down.

Leave a comment