Advocate (Dr.) Prashant Mali's Blog

Digital Address Code (DAC) as address for eKYC, property tax, online shopping ! The Department of Posts, Government of India, is in the process of creating an unique  Digital Address Code (#DAC) as a  proof of address  which can be used for booking an online delivery or for paying property tax.DAC would help in digitally authenticating an address. --Currently, Aadhaar is commonly used as a proof of address. But the address mentioned on the Aadhaar card cannot be digitally authenticated.  --DAC would be an unique address identity and is usable by all stakeholders.  DAC is expected to identify each address in the country uniquely and link the address to its geospatial coordinates represented numerically or alphanumerically. --DAC is proposed as a solution. It would be an input that could be keyed in or captured out of a QR Code by apps of service providers and would be cognizable by digital maps. --However, in the case of sensitive establishments, the DAC may not be issued or it may be l

What does the Pegasus spyware do? Don’t Overthink  Did you imagine some super spy software which tracks you even when your mobiles internet or data connection is off. According to the software’s description on the NSO Group’s website, the Pegasus spyware is capable of complete data extraction from the victim’s phone. What makes this software worse is that it can be used for remote and stealth monitoring, without the victim even realising that they are being watched. The NSO Group’s website notes that the spyware can extract data remotely via untraceable commands. The Pegasus spyware could essentially make it unnecessary to have physical access to a device to spy on victims. For instance, iPhones, which are usually touted for being secure, reportedly have a  gaping security issue  in iMessage that allows remote access and duplication of data. But if you are common man please don’t overthink all the above to operational day in day out requires cash to be burnt and if you are common man l

Brazilian LGPD & European GDPR Compared  Brazilian LGPD & European GDPR Compared  Brazilian General Data Protection Law ( Lei Geral de Protecao de Dados  or LGPD) , a law with many similarities to the European Union’s General Data Protection Regulation (the “GDPR”) is now effective.  On April 29 of this year, Brazil’s President issued Provisional Measure 959 that, amongst other things, postponed the effective date of the LGPD, which was originally set to be effective August 2020, to May 3, 2021.  Brazil’s Chamber of Deputies amended the measure so that the LGPD would take effect in December 2020.  The Senate then decided that any postponement was void because the effective date had already been decided by Congress.  The amended measure was sent to the President for his signature, providing him with the date of September 17, 2020 to sign the measure, which would make the law effective as of the original effective date, or veto it.  The President sanctioned the law and the LGPD i

What’s Changed in the CPRA?  The California Privacy Rights Act of 2020   The California Privacy Rights Act of 2020 (CPRA) is the law now. With some exceptions, the CPRA expands privacy protections afforded under the current California Consumer Privacy Act of 2018 (CCPA), giving consumers more rights over their personal information and requiring greater transparency and obligations from businesses. Beyond new rights, the CPRA establishes a privacy enforcement agency - the California Privacy Protection Agency - that would be the first of its kind state agency dedicated to privacy enforcement. The CPRA also reaches areas of digital privacy untouched by the CCPA, including dark patterns, behavioral advertising, and profiling. In addition to these remarkable changes, the CPRA significantly amends existing rights and responsibilities presently enforced under the CCPA. The CPRA’s amendments serve to clarify ambiguous areas of the CCPA and, if passed, will better align the law’s text with its

What does Google know about YOU? Did you know that unlike searching , when you search on Google, they ? That means they know every search you’ve ever done on Google. That alone is pretty scary, but it’s just the shallow end of the  that they try to collect on people. What most people don’t realize is that even if you don’t use any Google products directly, they’re still trying to track as much as they can about you. Google trackers have been found on . This means they're also trying to track most everywhere you go on the internet, trying to slurp up your browsing history! Most people also don’t know that Google runs most of the ads you see across the internet and in apps – you know those ones that follow you around everywhere? Yup, that’s Google, too. They aren’t really a search company anymore – they’re a tracking company. They are tracking as much as they can for these annoying and intrusive ads, including recording every time you see them, where you saw them, if you clicked

Can GDPR Fines be covered under Cyber Insurance coverage in India? By Prashant Mali,  Cyber Law & Privacy Expert. Cyber policies usually grant cover for civil fines provided that these fines are “ insurable at law ”. Where insurance for fines and penalties is available, this is usually as part of an operator’s general liability policy, although, as set out above, there is no general rule and some such policies routinely exclude such cover). In addition, prudent directors of port and terminal operators who are faced with the possibility of personal exposure to civil fines will take steps to ensure that their D&O policy will cover them if they are investigated personally.  Example Policy Terms Insurance coverage is available for fines and penalties. A popular form of cyber insurance includes, as an item of covered loss: [C]ivil fines or penalties imposed by a governmental agency and arising from a Regulatory Action, unless the civil fine or penalty i