# 82 Re-identification and processing of de-identified personal data

Sponsored by: Jamku CA Practice Management Software

# Bare Act

# Section 82(1)

Any person who, knowingly or intentionally

  • (a) re-identifies personal data which has been de-identified by a data fiduciary or a data processor, as the case may be; or
  • (b) re-identifies and processes such personal data as mentioned in clause (a), without the consent of such data fiduciary or data processor, then, such person shall be punishable with imprisonment for a term not exceeding three years or with a fine which may extend to two lakh rupees or both.

# Section 82(2)

Nothing contained in sub-section (1) shall render any such person liable to any punishment under this section, if he proves that—

  • (a) the personal data belongs to the person charged with the offence under sub-section (1); or
  • (b) the data principal whose personal data is in question has explicitly consented to such re-identification or processing as per the provisions of this Act.

The contents of the website is provided "as is", without warranty of any kind, express or Implied, including but not limited to the warranties of merchantability, Fitness for a particular purpose and noninfringement. In no event shall the Authors or copyright holders or sponsorers be liable for any claim, damages or other Liability, whether in an action of contract, tort or otherwise, arising from, Out of or in connection with the website or the use or other dealings in the website.

Helpful Links:

Last Updated: 01 Oct 2020