ADVERTISEMENT
Definitions: What is to be protected?
DHNS
Last Updated IST
Credit: DH News Service
Credit: DH News Service

“Data” means and includes a representation of information, facts, concepts, opinions, or instructions in a manner suitable for communication, interpretation, or processing by humans or by automated means.

“Personal data” data about or relating to a natural person who is directly or indirectly identifiable, having regard to any characteristic, trait, attribute or any other feature of the identity of such natural person, or any combination of such features, or any combination of such features with any other information;

“Sensitive Personal Data” personal data revealing, related to, or constituting, as may be applicable— (i) passwords; (ii) financial data; (iii) health data; (iv) official identifier; (v) sex life; (vi) sexual orientation; (vii) biometric data; (viii) genetic data; (ix) transgender status; (x) intersex status; (xi) caste or tribe; (xii) religious or political belief or affiliation; or (xiii) any other category of data specified by the (proposed data protection) Authority.

ADVERTISEMENT

“Financial data” any number or other personal data used to identify an account opened by, or card or payment instrument issued by a financial institution to a data principal or any personal data regarding the relationship between a financial institution and a data principal including financial status and credit history;

“Genetic data” personal data relating to the inherited or acquired genetic characteristics of a natural person which give unique information about the behavioural characteristics, physiology or the health of that natural person and which result, in particular, from an analysis of a biological sample from the natural person in question;

“Data principal” the natural person to whom the personal data relates;

“Data fiduciary” any person, including the State, a company, any juristic entity or any individual who alone or in conjunction with others determines the purpose and means of processing of personal data;

“Processing” in relation to personal data, means an operation or set of operations performed on personal data, and may include operations such as collection, recording,organisation, structuring, storage, adaptation, alteration, retrieval, use, alignment or combination, indexing, disclosure by transmission, dissemination or otherwise making available, restriction, erasure or destruction;

“Profiling” any form of processing of personal data that analyses or predicts aspects concerning the behaviour, attributes or interest of a data principal;

“Personal data breach” any unauthorised or accidental disclosure, acquisition, sharing, use, alteration, destruction, loss of access to, of personal data that compromises the confidentiality, integrity or availability of personal data to a data principal;

“Harm” includes— (i) bodily or mental injury; (ii) loss, distortion or theft of identity; (iii) financial loss or loss of property, (iv) loss of reputation, or humiliation; (v) loss of employment; (vi) discriminatory treatment; (vii) subjection to blackmail or extortion; (viii) denial or withdrawal of a service, benefit or good resulting from an evaluative decision about the data principal; (ix) restriction placed or suffered directly or indirectly on speech, movement or other action arising out of a fear of being observed or surveilled; or (x) any observation or surveillance that is not reasonably expected by the data principal.

ADVERTISEMENT
(Published 05 August 2018, 00:10 IST)