 Good evening friends, though it's quite odd as we're normally we don't take the session at this point of time. But once you have a speaker like just as Mohan Mushtaq, a judge of Kerala High Court, who we can say that has been patronizing various sessions. In respect of the sessions we have taken with him, we had requested him to take a session that we have been all reading about discussing about the digital protection personal data protection act 2023. And as usually was kind enough to take us into the deeper dives into this session. And before I request sir, I will just make a request, sorry, I just got myself muted. I request sir, because we know that it's all a working day, we will request sir to take over the session and you all know that we will have a deeper dive into this particular act. Over to you sir. Thank you, Vikas. After a long time I got an opportunity to come back to your platform. Thank you. Very good evening to all the audience who have here in the virtual mode. Some of them I personally know, some of them I am not know. I am Justice Mohan Mushtaq, a judge in Kerala High Court. A couple of occasions I came to this platform to discuss on different topics. This time Vikas asked me to speak on any topic I asked him to select. He has asked me to select either mediation enactment or digital personal data protection and act. So I prefer later obvious reason that mediation may be many of your associates. And this is a new enactment which have a lot of impact in the legal profession and which would give a lot of impetus to the legal profession. Those who are looking in terms of another new avenue for practice in the future. And this is a one place, one area where you can think about it. The lawyers, it's untreated path is not a beaten path. So some of us, some of you had to make a niche on this and make a difference. I would say the lawyers by and large in fact to celebrate the offering of two enactments which passed in the, not the last session of the parliament, the previous session of the parliament. Because this will bring a new dimension to the legal practice, both mediation act. As well as data protection enactment. To celebrate we should know the importance even and having not realized the importance even we may forget to celebrate it. That's what often happened with us. The legal profession is in crossroads in a way because they're not able to grapple the new challenges and they're not able to respond as a new challenges. This is one of the biggest challenges we face. Because the way in which we train is a different, I mean, different terrain. And so therefore we are not able to embark upon new journey. And we have a lot of constraints within ourselves because we are focusing on some areas. And then we have already put in significant amount of experience and training. And therefore we don't want to look upon another area, which we will have a lot of constraints. But certainly this is one area where many of you can think about. Trading a new path. Because essentially I would say it would be more decorative and will have a more monetary gain when you create your space in this. The platform provided by parliament. Prime Minister somewhere in 2015 spoke about digital India. Many could not comprehend what is a digital India. You could not realize the importance of digital transactions. How we said the ordinary person in the small vendor on the roadside would be able to have the idea of digital transaction. When we see that in small vendors who are selling a coconut or some tea, they enable us to pay online the digital transaction penetrate in such a level. You can see that we're very good. You will find the digital space that penetrates in such level. Ordinary man now is able to understand what is a digital transaction. We have around 700 million people in our digital space in India is half of our population. We are the second largest user in the world in terms of using Internet. Besides the China and we are far ahead of in terms of using digital space comparing to any other dollar country like you was in England, because obviously for the reason that we have a large population. The next decade of our revolution when Prime Minister spoke about digital India was speaking about growth of India in terms of economic growth, the GDP. One may realize we might be critical of population growth, the Malthusian theory, which rather put blame on the population one point of time. As something is ample, the economic growth. I think today's any economics may rewrite his ideas. Of course, I'm not an economics expert, but still I believe the economics may rewrite the principles relating to the economy that population may become a boom for the economic growth. The country like India and country like China will decide the digital space of the digital space of the world in the future because we have the largest users. The population itself become a big asset for deciding determining and become decisive in digital space. Population itself become an asset. The Google has to survey or any other search engine or in this survey, they need the users whether it be social media giants like the Facebook, WhatsApp and all. They need users without users they can't survey. So who can provide users in India? China has its own restrictions and limitations, but India has given a platform to every the tech giants to leverage or capitalize on populace. That means India can also have a say in the future to the regulations governing digital space. So India going to be giant in terms of digital space and India will decide the future of economic space in the digital platform. So you are not looking in terms of an individual benefiting it or a corporate entity benefiting it on the digital space, but India as such would ensure a new economic order through measures consistent with the global standards. To look at the today's use of digital space, 80% of the railway bookings are done through IRC to the platform. The banking transaction has grown to such a level, the 40% of the consumers customers now use digital space. E-commerce contribution has risen to 10%, of course it was much more enduring COVID period. So every Indian now is having a footprint on digital space, but that is exactly the problem that we go to face in the future because we cannot retain the digital space under-regulated, the digital space to be regulated, so on growth, the steady growth. Today the Europe of course is much advanced in terms of the data protection law. They have gone to the next level of an acting Artificial Intelligence Act, which came somewhere in June or July 2023. But to regulate artificial intelligence, we need to have a very robust data protection law in our place. The data is the subject of artificial intelligence. That means there should be some sort of regulation for use, even with applications on a large language model like LLM. We call this a LLM, large language model. You might be now learning, you might have now all conversant with the charge GPT generative A, which has gone to a different level beyond the prediction. It also generates opinion. It can create images, it can create text to that level we have reached. For the cities in this background, we need to examine the recent digital, the law passed by the parliament, the Digital Personal Data Protection Act, 2023. The preamble of the act itself states it covers only digital personal data and not physical personal data. So we have to remember first, it is all speaks about digital personal data, not about physical personal data. Unlike the European General Data Protection Laws, regulations of Europe and parliament, which covers both physical and digital space, in the law is limited sphere and operation to digital space alone. Therefore, a lot of contentions, a lot of issues may arise in code in the future litigation, because what is exempted in the digital space may become a contention issue in the physical space. We look at the sum of the exempted provisions like exemption given to the code to process data, investigation team to collect data and process data, which are all exempted activity in this present enactment. Sometime also become a bone of contention in physical sphere, because that is not regulated so far by the law in India. The way back in 1980, OECD countries, guidelines were issued by OECD. OECD means organization for economic cooperation development. India is not a member, but it has been allowed certain kind of benefit of OECD organization. They formulated certain principles governing OECD countries. Fortunately, I believe that in developed countries, they issued certain guidelines for processing personal data, which later became the subject of European directives issued where back in 95, it's called 95 bar, European directives 95 slash 46, the guidelines in fact contain certain core principles related to personal data protection in digital space. So these core principles form part of, is the basic structure of data protection law either in Europe or in India. In GDPR and Article 5, narrates what are the principles. Of course, in Indian law, it's not specifically referred to those principles, but if you browse through the different provisions, different section, you will find the very, the core essence of these principles are reflected in those statutory provisions. I shall briefly refer to the few of the principles which originally I said found in European guidelines and later in European directives 95 slash 46 and of course in GDPR, GDPR in fact were formulated somewhere in 2016. The first principle is related to collection limitation principles. That means the data collection should be based on lawful and fair means with the knowledge and consent of the data subject. So collection limitation principles means you should put notice of the individuals whose personal data being subjected to such transaction or transmission. You should have a notice and you should have knowledge and in the law, the data protection law says any constitutionally recognized language such notice should be given to the data principle. Means the data principle means the individual who is subjected to whose data has been subjected to transmission. So section 6 of Indian law which says that a consent should be obtained with the knowledge. So one should know about is data is being transmitted and processed for certain legitimate purposes. So consent should be you cannot somebody cannot that means data fiduciary who is collecting who is determining the data cannot obtain such data without consent. Such if such a violation would have inevitably results in a huge penalty. If you look at the schedule of data protection law, the imposition of penalty varies from 50 crores to 250 crores. Only exceptional is a minimum kind of penalties on data principle when impersonate or individual impersonate or give wrong information. Because he's also have certain duties under the law under section 15. And if he violates, maybe he's visited with the penalty of 10,000. But in all other cases, the penalties are huge. That's what I said. This is something where lawyers can leverage the two wave lawyers can privilege this data protection law one way of it ensuring complaints by the companies or entities or individuals who are involved in collecting this data. The complaints aspect is a would ultimately result in I mean, setting up a robust environment of digital space for transactions. The banking companies, the credit information service companies, many other companies or many other entities collecting our data personal data including phone number, email address, except all this forming part of personal data. You might be required to advise on regarding complaints. And of course, the lawyers part, if there is any breach, they may be able to take up the cost of the client who is the data fiduciary, sorry, data principle for any violation. And that may ultimately results in huge penalty, as I mentioned earlier. The second principle, which is first principle I referred the data collection collection limitation principle. Second principle is the data limitation principle. Sorry, data quality principle. That means the data collects that must be relevant to the purpose for which they are used or they have been collected and must be complete and accurate. The quality principle would ensure the accuracy and complete and it requires it need to have a nexus with purpose for which it is being collected. That is the one of the principles referred in the Europe and guidelines as well as of course, I will not find exactly as a principle in our law, but you can find that underlying provisions, the provisions, the very basis of these provisions is related to these principles. Then there's a purposeful principle. Purposeful principle, cheese, it should have a purpose. We should be specified. I collect the data fiduciary collect this principle. It should collect this principle. I mean, I'm some questions have been posted. You can post questions later on because I would respond to your question if possible after the session is over and it's been popped up here. So we take questions from the YouTube also, so everybody knows who is there. We will take the question at the end of the session. Purpose should be specified. So that there should be a purpose and there should be specified while consent is being obtained. Use of limitation principles, personal data should not be disclosed if incompatible purpose so that we can't use beyond the purpose for which it is being collected. The security principle should be protected by reasonable security safeguards against such risk and loss and no risk to access, destructions, modification, disclosure etc. So you need to keep your data fiduciaries and the bound and duties to ensure that the data collected is protected and it is not leaked or some other entity, of course, reasonable guard-ups, safeguarded will have to be made. These are the core principles on which these, if you browse through the relevant provisions of law, because I'm not here to teach on each provisions of law and give a discourse on it. I know that limitation of the time you have. Now there are exemptions which you can find. Somebody asked the question which how to consent has to be obtained. This specifically stated in what manner the consent has to be obtained and it has to be the section 6, the purpose consent given by the principle shall be free, specific, informed and conditional under because with a clear affirmative action shall signify an agreement to the processing of personal data for specific purpose and limited research personal data as necessary such for specific purpose. That's what section 6 says. I have a copy of legislation with me on my table here. And it shall be in a particular language which is conversant to the data principle. And that's why the constitutional recognized language has been accepted for obtaining such consent. Now interestingly, this enactment, we have to call it the Xi enactment because instead of gender, normally it's found that it's this enactment specifically says all gender has to be addressed in the name of Xi Renan. And therefore we can call it the Xi enactment and Xi is understood includes E also. Now the problem may arise when you see that section 6, 17 of this enactment, 17 of this enactment given all sort of exemptions from the strict regiment of this enactment is including this much of the litigations happening today in the court. Many of the litigations have been touched before the court based on right to be foregold which is specifically referred in the GDPR but not here in our enactment. I'll explain what is the right to be foregold right to rise up. Of course both are interchangeably used in European GDPR but here the exemption has been accorded for certain class nature of class of personal data for enforcing a legal right or claim, processing personal data by any court tribunal, etc. Personal data is processed in the interest of prevention, detention of investigation, prosecution. Personal data principle not with the territory of India is processed personally in any contract and with any person outside the territory of India by any person based in India, etc. You will find that section 70 and calves out this exemption. This is exactly the problem I said earlier. When Supreme Court and Dr. Putusamy's case declared the privacy is an integral part of the fundamental right. It's the court to interpret what forms part of what particular actions or interactions would qualify in the privacy. In that sense, those who accepted category may qualify for an action in physical space when there is a violation on the ground that there is a violation of privacy. What is accepted? We can say the operation of law is limited in digital space and the act itself is called the digital personal data and protection law. In that sense, what are accepted in section 70 may be subject to a challenge in its physical space if there is a transmission of physical data through medium of print media or any other media. This is very problematic for the court to deal in the future, I believe. This is one issue which may likely to crop up in the future. See, I refer to the right to be forgotten, right to rest, and of course, both interchangeably used in GDPR, which, in fact, I'll explain what is the right to be forgotten. The French, the jurisprudence, recognize initially loudly the right to be forgotten. Long back, I believe this idea has developed in 18th century or 19th century, but later, who started applying this doctrine somewhere in late 90s, were an accused of criminal cases. He has every right to forget his past and live for the future. That's what the underlying principles. It has been recognized by the European directives, 95 bar 46, not in the same way of right to be forgotten, but it is in a way that's based on the storage principle, which I've not, of course, I've not mentioned it, because if you require a certain data for a certain period, or it's only purpose for it is, when the purpose is served, you cannot no longer retain that data. That is the core principle, the storage limitation principle. That means if you have secured certain data, that you can keep with you the data, initially can keep that data so long as it requires it to accomplish its purpose, that after you cannot. This exactly created an effort in the European Union where the Google faced an action, Google Spain versus APCD. APCD is an agency, European data protection body or agency in Spain. Where a person who's something similar to a securitization enactment, somewhere in his 90s, his house was auctioned and it came in newspaper, like now the banks are now advertising for the sale of the more property of the defaulters or the debtors of the bank in securitization enactment. Similar way that an ad came in a newspaper or some other medium. And of course, you know that online media once it came, the gonsallers, I believe its name is gonsallers. The gonsallers after a decade, when he Google the movement, what is surfaced in the digital space is that the sale of the more property, which happened somewhere in 90s. This action was initiated in 2001 or after, it was 2000. So European Union Code decided in favor of gonsallers and say on the storage limitation principles, which is reflected in laws in Europe in 95-46, sorry 95 slash 46 where it say that data cannot be storage beyond the purpose for which it was collected. So holding that, that he has a right and the data cannot be retained beyond it because Google is profiting out of it the search engine and Google was directed to remove. This is what famous case called Google Spain versus APCD. You may search in the Google, you'll find out the case details somewhere you can find. But in GDPR, which is brought in 2016, there is a specific reference to the right to be forevoted. That means that limitation of storage principles may not actually need to apply in such a construction. Were the special chapters provided on the right to be forevoted, of course, it is interchangeably used in right to eraser. That means one has a right to forget his past and live for a moment and lead to the future. But in the law, explicitly is absent in the law in regard to these right. So constitutional jurisprudence calls for us to decide on the parameters of borders of the privacy right to privacy where that falls in the right to privacy. In fact, I had an occasion to consider this issue dealing with a couple of batch of cases before me when court judgments are posted online and reflects the names of the accused and reflects the names of the parties. This is a dilemma for the court. But the court has to balance both. The court is a public institution. In Sopnit Thirupathi's case, Supreme Court has held that even the public should have an access to the view of the court process. That's why the live streaming has started by all the courts in India. In that sense, court is open and a public place. Everybody should have an access. We can't limit the such space. And being in a public space and data is bound to be disseminated except in the matters of law request to court protection. The family matters. The family court enacts men into marriage act and court certain protection of such details of personal details of the parties. In that case, party can signify their intention and request a court without personal information being disseminated in the public space of court information system. Apart from that court declined all the other relief in regard to the accused. Many of them were acquitted. Many of them were discharged. But it is not for the court cannot balance how I mean the individual interest and public interest. It's a matter for the police station to decide because one need to know the past of an individual. You can't deny the right of the public to know about the past of an individual. What extent, how long is all matters to be decided by the least literature, though they are made out of case based on the right to privacy, but court cannot enter into the arena of the least literature where their wisdom should be applied to balance both public and personal individual interest. This is how court decided those matters. But anyway, these are all a matter of contingent before the limited to different codes in the India as far as the dissemination of the information which is developing the court information system. So as such, we cannot apply in regard to the principles of right to be forgotten or right to erase that as referred in the European law in the same manner it has been contemplated in the European but in a limited way of governing privacy court may be able to use this principles to relate it to the protection of privacy in the light of judgment of export and Fukusami's case and apply in case to case basis. If for example, eraser sometime right eraser meant to be applied in certain occasion where the accused found to be totally in the sense of allegations at a level they can steam and it might be sometime you might have been implicated in the criminal offense due to mistake or some misunderstanding. In those cases, if his name surface in the digital space he should have a right to erase those data coming up in digital space. So these are all matters to be decided in case to case basis. We cannot have a uniform principle to be applied in such matters. As I already mentioned to you all, the bone of contention likely to happen before the court in the future may be in relation to matters that has now been accepted under section 17 may can be a subject matter of a challenge if same actions may violate privacy in physical case. This is a matter to be decided in an appropriate time. These are broader way of I, I mean I mentioned it about it. I'm not taking into the nitty-gritty of each provisions of the law which is mentioned but that we can also go back from the enactment. But I must refer to you as many of your academics and lawyers. There are platforms being provided in this enactment. One is a constitution of data protection board of India. That is a primary level of adjudicator. It would adjudicate all complaints relating to the violation of personal data. And the very important aspect of it, it operates in a digital space and digital office. You can raise your complaint online. The adjudicator will provide online platform for adjudication. And ultimately concluded that there is a violation it can impose any of the penalties as referred in the schedule. That is referred in Section 33 that after conducting enquiry that it can, it can impose such penalties as referred in the schedule. Next level of appellate authority is also formed. It has been assigned to TD-SAT that you know that telecom dispute appellate authority, TD-SAT. The TD-SAT is appellate authority and award and order passed by the, this also can be imposed as the civil court. So this is a significant aspect of it. The statute self-contemplate digital office of the data protection board of India. So from any part of the country, the one may be able to lodge the complaint or grievances, the digital platform. Now two aspect I want, I want you all to deploy on, I mean I need the audience or youngsters who are here to think about when we are leveraging this digital space, the data protection law may be regiment, certain levels, certain will accord protection. We don't have a law in this country in regulating artificial intelligence like manner the European Union has brought. European Union has brought to the Artificial Intelligence Act and which privates high risk taken out of its potential danger to the public. The consequence, ultimately this data which is coming to the digital space, ultimately used by someone else to leverage it. You know that how the camera channel, I believe camera channel, went to the trouble they used Facebook data for some other purposes and they also went into controversy. Maybe in a way this data protection law which would enable us to the data fiduciary and accountable, but next level of it, when it goes beyond the territorial decision of the country and when it's being used by the machines, used by algorithm, large language model I want to be mentioned about you, it's only an algorithm which will have a larger impact in our life. The European Union classifies high risk, medium risk and low risk. Low risk car, something is permitted. Its product category has been provided. That in civil war regimen, the next level of revolution through artificial intelligence. That perhaps may be one thing we may require of the future. Secondly, the law in application of state responsibility have not developed much in India. Though international law, you might be aware, many of the students might be aware there is state responsibility under international law, certain type of it. But law is to be evolved around state responsibility in the sense when there is a challenge from into the digital space. How far and what extent our country is responsible for such challenge in domestic law. It's something we need to point out on this. You might be knowing that the government of India has established a certain body which is watching all cyber attacks on our digital space. And state is also responsible to protect us from inevitable attack of our digital space. Of course, when a digital space is attacked, you know you will be using all your data and all what has been considered as a personal, what have been protected under law, will be also lost. So what extent of the state would be responsible if such attack or cyber spoofing or some sort of attack is perpetrated beyond the territory of how far and what extent the state is responsible. These are broader area where law need to be developed. Anyway, this digital and personal data protection act would lay down certain foundational principles for us to grow. The next level of our growth would depend upon how the lawyers and academics leverage this enactment for the growth of e-commerce, the growth of digital space and whatever level. When the population, I said earlier the population itself become a big asset for us for leveraging a new milestone. And strengthen our GDP. So these words I just, I would conclude any questions, of course, subject to my limitation. Many might know I'm a sitting judge of this. I could have my own limitations which would apply to me. I cannot express opinion about, except I can only refer to some of the provisions if so required. I would like to go through again the statute of provision to make you understand what actually the provision of the law is. Beyond that I have my own limitation commenting upon contentious issue which may come before me in a different form in the future. Thank you. Only one question so far has come on the chat and Santosh has divided it into two parts. About the data collection principle, it said about the consent. How do you obtain the consent for the legacy data? The consent has been mentioned. I said in section six, I believe, section six and he is referring to form of consent. I mean, is it not the question that form of consent? That's of course just like whenever we buy some things in some way that I agree. He is saying it is on the same tangent. It says, how do you obtain the consent for the legacy data? Legacy data, you mean, say that the personal data which you have been consenting for transmission. It has to be current. You are referring to legacy data. I mean, what context do you mean? He will post. Meanwhile, AK Sharma says, is the data protection board of India being constituted? It has to be notified. All this has to be notified. I believe it is not not notified, I believe. Yes, and Akshay Panwar says, the consent is section six and all. And it's also referred to the, some of the provisions relieved. It has the constitutional language, recognized languages, even in vernacular language. It has to be signified. And he must expressly affirm that consent or processing data. For example, in banking transactions, the data will be processed and it has to be in a language known to the data principle. The consent has to be most affirmative, not a passive consent. That's what the provision says. The passive consent, of course, you know that nowadays you click some button and give a passive consent, but it has to be very affirmative action. That's what the law says. The next question is, what topics do you feel that one has to study to make career in this act? I think there are way of looking at an act at a different angle. That's what I said. One has to, in terms of complaints, many, many entities would require a lot of complaints. You need to know the technical parameters. You need to know kind of issues, likely to arise in the future. If any, for example, the security ankle, one need to know what kind of security need to be, what extent, what level of security to be afforded by the data fiduciary. You need to know what are the steps to be taken to protect such data. You need to know the, you need to, I mean, ensure that complaints are all living. That's one way of looking at it in terms of a lawyer's perspective. Another way of looking at this in terms of any violations of this and what manner the violation has to be established. Both involves a lot of skills in a way, you know, because the violation, it would be easy to say that it's a violation at what level, in what manner, how to establish. So it all involves a lot of inquisiteness like a lawyer. So in both ways, the study, you can't be at merely looking at the data protection law. It need to go beyond. You also need to know how the system operates in a digital space. That may be an occasion where the cyber attack or cyber stealing might be perpetrated by an machine algorithm. So it's not necessary to be perpetrated by some other machine. What extent that algorithm could be made accountable in what action, what manner. These are all technical parameters. I'm not very conversant on those areas. But in a way, there are broader ankle for young law students, young lawyers to study and focus on these issues which will definitely will grapple the code in the future in whatever in different multi-dimensional way. It may come as a new challenge against orders of bodies like the data protection board or TDSAT or in a way which you may find that is being more bordering the issues of fundamental rights like violation of privacy. And different angle it may come. This is by Krishnan. He says. Legacy data. I don't know the legacy that it has not been mentioned about it because it can have a really prospective application but legacy data is steadily to be protected. That's what I've said. It is only because consent because already we have all of us have provided all data to the bank officials. In what manner is legacy data? I have no clue on how about this in the particular legislation. Anybody of any opinion, of course they can share the data already collected. That's what I'm saying. To my view, I'm only a learner of this. I'm not expert only I came across this legislation as though I've learned about data protection law of European Union long back for my academic purpose. I don't know of any other connection. Those who have any idea of legacy data or the data now being collected for prospective use and that could be a matter of a deliberation among all of us. This is on the WhatsApp. I've just received from Sumesh Anthony. He says what will be the impact on the educational institutions will those data also fall under the data fiduciaries? So it's not on the chat. I've just received the WhatsApp. It is by Advocate Sumesh Anthony. He says what will be the impact on the educational institutions whether that will fall within the data fiduciaries? Yes, definitely. See the accepted categories enumerated on the section 17. The last question we will take because we know that you were tight-pressed with the time but still you... Section 17 enumerated only certain class of exemptions. Which is more related to the investigations processing through the court or some other merger and amalgamation or financial information. Information is received or collected for some credit worthness or something. In that only accepted categories are enumerated on section 17 not beyond that. The last question by Dr. R.P. Gupta. He says if some corporate holds a technology where they can pull the data by just using my mobile then is it illegal or how to act against that person? Pardon? He says that somebody uses the data, he pulls up the data by using just the mobile. Then is it illegal or how to act as an individual? Like normally we see that they ask you, let's assume we also get that you should get yourself registered for a Zoom call. And then I share those data. What will be the impact thereof? You are bound to protect the personal data. You cannot share that because you become a data fiduciary. Data fiduciary has been defined in this enactment. Means any person who alone or in conjunction with other person determines purpose and means for processing personal data. So you collected this data only for the purpose of this meeting. Everybody actually feels... I think that this Digital Personal Data Protection Act will actually help because it was always said that once you have the data then you become the king. And that's what in the marketing team and sector they were using. And I think there's one last question and then we will not take any question. See the... I mean the study has to be... I mean the academics and the young lawyers have to look at the GDPR, how it is grown in the European Union and how the personal data laws have become so robust and so regimented in Europe. And try to apply certain principles into the Indian context. As I mentioned earlier, the core principles under both GDPR and Indian law are the same. But operational limitation is there in both... I mean in Indian law which classifies certain... is accepted and there's also some part lighten up certain loose ends. But nevertheless it's the basic structure of both regime is same. So one is looking at the European Union's decisions and all may be able to have a more broader idea how the European courts have dealt with this kind of issues. Which is maybe the most useful repository for all of us for our guidance to understand the many of these flaws. For example, which one I mentioned earlier like the Google Spades case, the same thing. The limitation principle. The today we all see that securitization enactment. What would be an exempt rate? Maybe how long, what extent? That would be a contention issue with the future. It might not be today but after 10 years. This collective purpose is over. Then why should remain in the digital space? It would be an issue. The last question because we are in a grey area but Advocate Leena says, to what extent we can make use of this statue to regulate the activities of new gen online news channel reporters etc. who reveal everything about the crime under investigation of personal issues like matrimonial issues. The news channel is a public space in a way. They are not collecting your data but they are only revealing it the news identity. It may be bordering an action under many laws like the Joellen Protection Act. FOXO cases were covered certain protection. They can't reveal the identity. The Lloyds is not the digital data protection law but the Joellen Protection Act I believe there are provisions under the FOXO Act what we call as a protection of action. Some of the provisions says that you can't reveal the identity in what manner. If that provision alone would be attractive in those cases not digital data protection act including matrimonial. That's only news coverage of a particular issue because data principle is not concerned and brought for data transmission. Thank you for sharing your knowledge and we are deeply indebted. On Saturday do connect it with us on this platform of Beyond Law. The art of mooting by Professor Nelima Barbade at 6pm. Thank you everyone. Stay safe, stay blessed. Thank you Justice Mohammed Mishraq for sharing his knowledge. You always look upon to have insights on topic which is fresh and it's I can say in the baby steps. Thank you. Thank you because thank you to all I don't know I've done justice to you but in a way what all knowledge I have I try to share with you. Not a academic, not a person I don't have much time now to spend on. The chat shows that so many thank yous means that they have appreciated whatever you shared. I can say on my side that they say that the heart is on the left but it always thinks right. So I know that I've understood a much better deeper side.