A startup provides a health-tracking app that collects sensitive health data from users. Under the digital personal data protection law in India, what additional precautions must the startup take compared to regular personal data?
- No additional measures are needed
- Ensure explicit consent and adopt higher security standards
- Store the data only with the government agencies
- Store the data only with the hospitals and other health care institutions
The Correct Option is B
Solution and Explanation
- Explicit Consent: The startup must ensure that explicit consent is obtained from users. This consent has to be "free, specific, informed, unconditional, and unambiguous with a clear affirmative action" and must be specific to the purpose of data collection.
- Higher Security Standards: Additional security measures need to be implemented to adequately protect sensitive health data. This includes adopting higher security standards than those required for regular personal data.
- Notice and Purpose Limitation: A clear notice containing details about data processing, including rights and grievance redressal mechanisms, must be provided. The data collected should be limited to what is necessary for the specified purpose.
- Data Subject Rights: Users have the right to withdraw consent, rectify or erase data, and obtain a summary of their data and details of its sharing with third parties.
As per the passage, what are the rights included under the digital data protection law of India?
- 1, 2, 3, 4, 5 and 6
- 1, 2, 3, 5 and 6
- 1, 3, 5 and 6
- 1, 2, 3, and 6
The Correct Option is D
Solution and Explanation
- The right to obtain a summary of all collected data and to be informed of the identities of third-party entities with whom their data has been shared, along with a description of the data.
- The right to correction, completion, updating, and erasure of their personal data.
- The right to withdraw consent if it forms the basis for data processing, ensuring it is "free, specific, informed, unconditional and unambiguous with a clear affirmative action" for a specified purpose.
- The right to obtain redressal for grievances related to their personal data.
- The right to nominate individuals who will receive their data.
An Indian company collects personal data from its users to provide personalized services. The company intends to share this data with a third-party vendor for targeted advertisements. Under the digital personal data protection law in India, what must the company do before sharing the data?
- Obtain explicit consent from the users
- Share the data by inferring the uses, as it is for business purposes
- Encrypt the data and share it with the third-party vendor
- Inform the third-party vendor that the data is sensitive
The Correct Option is A
Solution and Explanation
- Obtain Explicit Consent: The company must secure explicit consent from users whose data is to be shared. The law mandates that the consent should be "free, specific, informed, unconditional and unambiguous with a clear affirmative action" and related to a specific purpose.
- Provide a Clear Notice: The company must provide consumers with a clear and comprehensive notice about what data will be collected, how it will be used, the identities of third parties involved, and the rights afforded to the individuals.
- Inform About Rights and Grievance Mechanism: Users must be informed about their rights concerning data protection, such as the right to withdraw consent and the redressal mechanism available for grievances.
- Limit Data Collection: The collected data should be limited to what is necessary for the specified purpose as addressed when obtaining user consent.
A social media platform processes user data based on the consent given during account creation. A user now wishes to withdraw consent to process their data. Under the digital personal data protection law in India, what must the platform do?
- Refuse to accept the withdrawal request since consent was already given
- Comply with the legal requirements and stop processing the data
- Continue processing the data but notify the user
- Allow withdrawal only after 30 days
The Correct Option is B
Solution and Explanation
The digital personal data protection law in India provides specific guidelines regarding the handling of user consent. According to this law, individuals have the right to withdraw their consent for data processing. The main aspects of the law relevant to this situation include:
- Fundamental Right to Privacy: The Indian Supreme Court has established that the right to privacy is a fundamental right, including informational privacy.
- User Rights: The law grants users the right to withdraw their consent for data processing at any time if their data processing is based on consent.
- Compliance Obligation: Once withdrawal of consent is requested, the data processor (in this case, the social media platform) must comply with the legal requirements and stop processing the individual's data.
- Grievance Redressal Mechanism: The platform must also provide a clear notice to the users about their rights and the grievance redressal mechanisms.
Given that the user wishes to withdraw consent, the platform is legally obligated to comply with the legal requirements and stop processing the data. This ensures adherence to user rights under the digital personal data protection law in India.
A financial institution collects biometric data from its clients for verification purposes. If the clients wish to know what data has been collected, under the digital personal data protection law in India, what right allows them to request this information?
- Right to Data Portability
- Right to Correction
- Right to Access
- Right to be Forgotten
The Correct Option is C
Solution and Explanation
According to the digital personal data protection law in India, individuals have been granted several rights concerning their personal data. One of these rights is particularly relevant when a client or individual seeks to know what data has been collected by a financial institution for verification purposes. This right is known as the "Right to Access".
The "Right to Access" enables individuals to request and obtain information concerning their personal data that has been collected by any entity. This includes the capability to receive a summary of all the data collected, as well as insights into who else might have received their data. This right is part of a broader attempt to ensure transparency and control for individuals over their personal data.
| Rights | Description |
|---|---|
| Right to Data Portability | Enables the transfer of data from one service provider to another. |
| Right to Correction | Allows individuals to correct inaccurate personal data. |
| Right to Access | Allows individuals to request and obtain information about their data collected by entities. |
| Right to be Forgotten | Permits the erasure of personal data when it is no longer necessary. |
Hence, when clients wish to know what biometric or other data a financial institution has collected about them, they can exercise their "Right to Access" to request this information.
Top Questions on Fundamental Rights and Duties
- Same-sex marriage has no legal recognition in India as per the recent Supreme Court's judgment, where it was decided that this is an issue for Parliament to address. While Hindu marriages between transgender persons and cisgender men are permissible, and the Court acknowledged systemic discrimination and the right to choose a partner, it held that there is no fundamental right to marry. The government has been urged to form a panel to consider granting more legal rights to same-sex couples, but the legal status of marriage remains unchanged for now. The five-judge bench of the Supreme Court of India in Supriya Chakraborty & Anr. v. Union of India (2023), in a majority verdict, ruled that there is no fundamental right to marry under the Indian Constitution, making it beyond the court's scope to legislate on same-sex marriage.
The Court stated that the power to legislate on same-sex marriage rests with the Parliament and state legislatures. The judgment affirmed constitutional rights for LGBTQ+ citizens and the right to choose a partner. The government agreed to set up a panel to explore legal rights and benefits for same-sex couples, though these benefits are not the same as those conferred by marriage. Same-sex couples cannot legally marry and do not receive the same legal rights, such as automatic inheritance, pension, or adoption rights, that legally married couples do. Despite the ruling, LGBTQ+ couples continue to face legal discrimination and have no social recognition of marriage. The Court affirmed the right of same-sex couples to cohabit privately. While the Supreme Court's verdict brought limited benefits and acknowledgments, it has not legalized same-sex marriage in India, deferring the ultimate decision to the Parliament. (279 words)
[Extracted, with edits and revisions, from "The Hindu", dated 27th October 2023]- CLAT - 2026
- Legal Studies
- Fundamental Rights and Duties
- Arrange the following as per the Articles of the Constitution of India: (A) Power of the Parliament to modify the Fundamental Rights
(B) Remedies for the enforcement of Fundamental Rights
(C) Freedom to manage religious affairs
(D) Abolition of Titles Choose the correct answer from the options given below:- CUET (PG) - 2025
- LLM
- Fundamental Rights and Duties
- Which one of the following Fundamental Rights are available to citizens only?
- CUET (PG) - 2025
- LLM
- Fundamental Rights and Duties
- What do you mean by Right to Life?
- Bihar Board XII - 2025
- Political Science
- Fundamental Rights and Duties
- From where was the term `equal protection of law' taken?
- Bihar Board XII - 2025
- Political Science
- Fundamental Rights and Duties
Questions Asked in CLAT exam
- In a language laboratory, students were given an interesting puzzle involving the word "ELECTROCARDIOGRAPH." The teacher explained that such exercises not only test logical skills but also sharpen attention to detail. According to the challenge, the word had to undergo a series of transformations. First, the class was asked to take the first half of the letters, reverse their order and make the arrangement of letters look quite different from the original. Next, the students were told to identify the last but one letter of the original word and place it at the very beginning, a step that changed the opening appearance of the sequence completely. Finally, as a finishing touch, they had to add the letter 'S' at the end. Following these steps carefully would lead them to the correct transformed word, and only those who adhered to each condition in the exact order could solve the puzzle successfully. (150 words)
- CLAT - 2026
- Coding Decoding
On the night of October 12th, the "Sunburst Medallion" was stolen from the highly secured display case in the city museum. The theft occurred sometime between the museum closing at 10:00 PM and the night guard, Mr. Hemant, completing his final round at 1:00 AM. Three primary suspects were identified, all of whom had recently been dismissed from their museum positions: Anjali, the former curator; Bharat, the former security expert; and Chitra, the former exhibits designer.
Here are the established facts and their alibis:
- The security system logs show that the display case was opened using a specific five-digit code, which only Anjali and the museum director (who was out of the country) knew.
- Bharat's alibi is that he was at a distant relative's birthday party from 8:00 PM to 1:30 AM. Multiple independent witnesses confirmed his presence throughout the entire period.
- Chitra's alibi is that she was working late at a downtown graphic design studio. A time-stamped security camera from the studio's entrance shows her entering at 7:00 PM and exiting at 11:45 PM. The studio is a 20-minute drive from the museum.
- Mr. Hemant, the night guard, stated he checked the medallion at 10:30 PM, and it was still there.
Further investigation revealed that a small, distinctive silver button was found near the display case. Anjali is known to frequently wear a coat with similar unique silver buttons. The security expert, Bharat, had previously boasted that he could remotely disable a certain type of magnetic lock—the same type used on the medallion's case—without needing the code, though the log suggests the code was used. (269 words)
- CLAT - 2026
- Assertion and Reason
In a small town lived a close-knit family where every relation could be expressed through simple symbols. For instance, when they said \( A \times B \), it meant \( A \) is the father of \( B \), while \( A \div B \) meant \( A \) is the mother of \( B \). The younger ones were often introduced with \( A + B \), meaning \( A \) was the daughter of \( B \), and the bond of brotherhood was shown by \( A - B \) (A is brother of B).
One day, the children in the family turned these symbols into a playful code. Instead of introducing their parents and siblings in words, they spoke only in symbols. “Look,” giggled little Meena, “\( M + N \div O \)!” Everyone laughed, because they knew it meant Meena was the daughter of \( N \), and \( N \) was the mother of \( O \), making her \( O \)’s sister. What started as a code soon became a family game, making the bonds of father, mother, daughter, and brother not just relations, but symbols of love and togetherness. (165 words)
- CLAT - 2026
- Blood Relations
Four teams – Red (R), Blue (B), Green (G), and Yellow (Y) – are competing in the final four rounds of the Inter-School Science Olympiad, labeled Round A, Round B, Round C, and Round D. Each round consists of one match between two teams, and every team plays exactly two matches. No team plays the same opponent more than once.
The final schedule must adhere to the following rules:
- Rule 1 (Consecutive Play): The Green team (G) must play their two matches in consecutive rounds.
- Rule 2 (Fixed Appearance): The Yellow team (Y) must play in Round B.
- Rule 3 (Positional Constraint): The Red team (R) must play against the Blue team (B) in a round that is immediately before a round in which neither R nor B is playing.
- Rule 4 (Timing): The Blue team's (B) first match must occur in an earlier round than the Green team's (G) first match.
- Rule 5 (Opponent Link): The team that plays against the Red team (R) in the round that is not against the Blue team (B), is the same team that plays in Round D.
(193 words)
- CLAT - 2026
- Seating Arrangement
Health insurance plays a vital role in ensuring financial protection and access to quality healthcare. In India, however, the extent and nature of health insurance coverage vary significantly between urban and rural areas. While urban populations often have better access to organized insurance schemes, employer-provided coverage, and awareness about health policies, rural populations face challenges such as limited outreach of insurance schemes, inadequate infrastructure, and lower awareness levels. This urban-rural divide in health insurance coverage highlights the broader issue of healthcare inequality, making it essential to analyze the factors contributing to this gap and explore strategies for more inclusive health protection. A state-level health survey was conducted.
The survey covered 1,80,000 adults across urban and rural areas. Urban residents formed 55% of the sample (that is, 99,000 people) while rural residents made up 45% (that is, 81,000 people). In each area, coverage was classified under four heads – Public schemes, Private insurance, Employer-provided coverage, and Uninsured. In urban areas, Public coverage accounted for 28% of the urban population, Private for 22%, Employer for 18%, and the remaining 32% were Uninsured. In rural areas, where formal coverage is generally lower, Public coverage stood at 35%, Private at 10%, Employer at 8%, while 47% were Uninsured.
For this survey, “Insured” includes everyone covered by Public + Private + Employer schemes, and “Uninsured” indicates those with no coverage at all. Officials noted that public schemes remain the backbone of rural coverage, while employer and private plans are relatively more prevalent in urban centres. (250 words)
- CLAT - 2026
- Ratio and Proportion