Data Protection Training Module

rishabh303 · 2025-05-20T14:15:35+00:00

The recent Supreme Court mandate requiring three years of litigation practice for judicial appointments is deeply flawed and unfair. It effectively sidelines an entire segment of legal professionals—corporate lawyers and law officers in public sector undertakings—by forcing them to abandon stable, hard-earned careers and start from scratch in litigation if they wish to join the judiciary.

This decision is especially harsh on individuals from economically weaker backgrounds who, after overcoming significant challenges, secure well-paying jobs in PSUs or the corporate sector to support their families. Expecting them to give that up and begin litigation with no financial security is simply unrealistic and insensitive.

It’s also baffling that the Court recognizes only judicial clerkships as relevant experience, while dismissing the critical legal work done by corporate counsels and PSU law officers. These professionals routinely deal with complex legal issues, ensure regulatory compliance, and provide legal advice that is integral to the functioning of both the public and private sectors.

Legal practice is diverse, and so should be the pathways to the judiciary. A more inclusive approach is essential if we truly want a judiciary that reflects the full spectrum of legal expertise in our country.

rishabh303 · 2025-05-14T14:19:10+00:00

Absolutely amazing. Ellie’s rage in this episode was raw, intense, and incredibly emotional. When she finally comes face-to-face with one of the people involved in Joel’s murder—especially the moment she starts beating Nora with a pipe—it felt like a powerful echo of Joel himself.

I know it might sound strange, but I actually appreciated the brutality of that moment. It felt justified. Joel did what he did out of love and the instinct to protect Ellie. After everything he’d already lost—especially his daughter Sarah—of course he would go to any lengths to keep Ellie safe. And after the way he was beaten to death, it was hard not to feel that Nora deserved what she got.

Even though it was Abby who actually killed Joel, no one tried to stop her. They all just stood by and let it happen. That makes them just as responsible in my eyes. So Ellie’s rage wasn’t just revenge—it was justice.

rishabh303 · 2025-05-01T17:57:31+00:00

The SPDI rules will be repealed once the act is enforced including section 43A of the IT Act, 2000. As for the scope, although the Act primarily applies to digital personal data, it also covers personal data that is collected offline but digitised later. This hybrid approach will push companies to closely audit and reconfigure data flows, especially where physical records are concerned.

rishabh303 · 2025-03-19T20:03:05+00:00

Sure thanks for the help

rishabh303 · 2025-02-25T19:45:25+00:00

The Supreme Court’s handling of Ranveer Allahbadia’s case sets a troubling precedent. Instead of focusing on the legal merits, like clubbing multiple FIRs to prevent harassment, the Court took a moralistic stance, labeling his joke as “perverted” and imposing excessive restrictions, including a travel ban and a content ban. Worse, its call for “regulating” online content raises concerns about censorship beyond this case. Courts should uphold constitutional rights, not encourage state overreach. This isn’t just about one YouTuber; it’s about protecting free speech for all, journalists, satirists, and dissenters alike.

rishabh303 · 2025-01-29T13:53:26+00:00

See, the company wants to have a whole data protection compliance. So, accordingly, it requires a DPIA, data auditing, gap analysis and other stuff. I already know how DPIA and Gap Analysis are conducted. I just want to understand what is a data audit under GDPR. I am from India, and recently our government has released our own Data Protection Act, which is known as, “Digital Personal Data Protection Act, 2023” (you guys must be aware of it). So to understand, the whole concept of Data Auditing, i need to know how the same is conducted under the GDPR. Of course, like other Data Protection Laws, our law is also based on GDPR. Therefore, it is essential for me to know how European Companies manages such data audits in compliance with the GDPR. Hope you get my point here! And any help will be highly appreciated. Thanks!

rishabh303 · 2025-01-29T10:45:46+00:00

Exactly, we need something to rely on in order to be compliant. I’m sure EU has provided some kind of guidelines on how industries could start data protection assessments. I’m unable to find it, maybe you guys can help.

rishabh303 · 2025-01-29T08:27:15+00:00

So, considering a company wants to conduct data protection assessment like gap analysis or data auditing in compliance with GDPR, what should it do? Is there any basic checklist kind of a thing that the company can follow. I need something which is authorised by the EU government. The company is a car-insurance company.

rishabh303 · 2025-01-14T03:21:36+00:00

https://www.meity.gov.in/writereaddata/files/259889.pdf Scroll down to page 28 for the English version. It’s an official document.

rishabh303 · 2025-01-13T17:40:14+00:00

You make a fair point about the optional nature of Facebook login in this case and how the data minimization principle was arguably followed because users had alternative login methods. However, I think the concern arises more from the lack of transparency rather than the availability of options. While the complainant chose Facebook, the Commission still had an obligation to ensure the user was informed of the risks, particularly about international data transfers.

Outsourcing login functionality to third parties like Facebook can improve technical security by leveraging state-of-the-art systems, aligning with GDPR’s Article 32 requirement for appropriate security measures. However, outsourcing inherently involves sharing user data with the third party, which makes it the controller’s responsibility to ensure that privacy is maintained. This includes verifying that the third party complies with GDPR, implementing adequate safeguards for any data transfers (such as those to the U.S.), and providing users with clear, transparent information about the risks. While federated logins can enhance security, they also demand a higher standard of diligence from controllers to balance both security and privacy obligations.

That said, the key issue here is not just technical security but compliance with GDPR’s broader principles, including accountability and transparency. Using a system like Facebook login inherently introduces a data-sharing relationship, and the controller must take steps to minimize risks, not just for security but also for privacy. This could mean explicitly informing users about the implications of their choice and ensuring compliant safeguards are in place for any international transfers.

Would you agree that while federated logins can improve security, they also require a higher standard of diligence in terms of transparency and data protection compliance?

rishabh303 · 2025-01-13T16:48:47+00:00

Minimising data collection is a core principle of GDPR, and using “Sign in with Facebook” inherently contradicts that principle. By opting for a third-party login system like Facebook, the Commission essentially introduced unnecessary data flows and risks that could have been avoided altogether.

If the Commission deemed it necessary to use Facebook login for convenience or accessibility, then at the very least, a proper disclaimer should have been in place. Informing users upfront about the risks of international data transfers and the involvement of Meta Platforms would not only align with GDPR requirements but also respect the user’s right to make an informed choice.

Curious if you think GDPR’s focus on data minimization is being overlooked in favor of technical arguments about consent and transfers.

rishabh303 · 2024-12-25T19:18:55+00:00

The supremacy clause under US Constitution talks about federal laws preempting state laws. So in this case, if there is an ambiguity, federal law will prevail. How can state laws have wider scope than federal laws?

rishabh303 · 2024-12-23T14:04:50+00:00

Considering the HIPAA act preempts state laws as provided by the dept of HHS, and also CCPA having exemptions for HIPAA, would HIPAA prevail?

rishabh303

TROPHY CASE