Data protection law in India

Recently whatsapp updated its privacy policy in India which will allow it to share the business data on whatsapp with facebook. After the announcement there has been a situation of panic among the people af fear of data leak has arisen in the minds of people. Although whatsapp claims that there won’t be such a situation as only business data and no personal data will be shared with facebook but whatsapp’s credibility is doubtful as it has a different privacy policy for European countries. The announcement also comes in the backdrop of news of sensitive data leaks from companies like dominos and AirIndia although for quite some time news of data leaks from different companies has been coming but the issue is really serious now. To put this into context India saw a 37% increase in data leaks in 2020 and this year already cases of various data breaches have come out hence the question arises what framework does our government have for such data breaches.

Although India does not have any data protection law as vast as that of other countries especially European countries but information technology Act which was passed in 2000 provides legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication commonly referred to as electronic commerece which involve the use of alternative to paper based methods of communication and storage of information to facilitate electronic filing of documents with the government agencies.

The Act also defines cyber crimes and prescribes penalties for them.

Section 65- tampering with computer source document

Section 66- hacking wit a computer system

Section 67- publishing of information which is obscene in electronic form

Section 68- the power of controller to give direction

Section 69- directions of the controller to a subscriber to extend facilities to decrypt information

Section 70- protected system

Section 71- penalty for misrepresentation

The Act was amended in 2008amended in 2008 which introduced the following offences:

Section 66B- receiving stolen computer or communication device

Section 66C- using the password of another person

Section 66D- cheating using computer resource

Section 66E- publishing private images of others

Section66F- Acts of cyberterrorism

Section67A- publishing images containing sexual acts

Section67B-  publishing child porn or predating children online

Section67C- failure to maintain records

Section 72A- disclosure of information in breach of lawful contract

Section73- publishing electronic signature certificate false in certain particulars

Section74- publishing for the fraudulent purpose

The punishment for the above-mentioned offence can extend to imprisonment for life and or an indefinite amount of fine.

The act has faced a great amount of scrutiny and has been constantly criticized for its narrow scope and applicability as it seems ineffective concerning recent data leaks. The critics have also argued that the act does not deal sufficiently with the offence of data breach section-72A of the act which specifically deals with the offence of data breach states that section 72A- punishment for disclosure of information in breach of lawful contract. Saves as otherwise provided in this act or any other law for the time being in force any person including an intermediary who, while providing services under the terms of the lawful contract has secured access to any material containing personal information about another person with the intent to cause or knowing that he is likely to cause wrongful loss or wrongful gain discloses without the consent of the person concerned or in breach of a lawful contract such material to any other person shall be punished with imprisonment for a term which may extend to three years or with fine which may extend to five lakhs or with both.

Therefore in reaction to the rising cases of data breaches and the act’s low applicability in dealing with such breaches a committee was constructed in 2017 headed by Retd. Justice BN Srikrishna propose a statute on data protection committee tabled its opinion and the personal data Data Protection Bill was introduced by the Ministry of Electronics and Information Technology in 2018. The bill was not passed by the parliament and also received heavy criticism. The bill received heavy criticism because it was deemed to be giving excessive power to the state. Retd. Justice BN Srikrishnan himself termed the bill as having the ability to turn India into an Orwellian state hence a revised bill was introduced in the parliament in 2019.

The amended bill aims to provide for the protection of the privacy of individual relating to their data specify the flow and usage of personal data create a relationship of trust between persons and entities processing the personal data protect the fundamental rights of individuals whose personal data are processed to create a framework for organizational and technical measures in the processing of data laying down norms for social media intermediary, cross-border transfer, accountability of entities processing personal data remedies for unauthorized and harmful processing and to establish a data protection authority of India for the said purposes for matters connected therewith or incidental thereto. The bill was sent for further analysis expert analysis to a Joint Parliamentary Committee headed by a member of  Parliament Meenakshi Lekhi As of 2021 it is still with the committee and awaits introduction in the parliament.


Leave a Reply


2023#1 Canna Bitz CBD Gummies – 100% Original & Effective

Before using Canna Bitz CBD Gummies, you should know the details about this item. Here in this blog you will get complete information about it. Overall, this is a CBD medical supplement manufactured by a popular brand name, and luckily, this item is needed more than ever. The style of this article is very sharp. We […]

Read More

asbestos garage roof replacement

If your garage has an asbestos roof, it’s crucial to prioritize its replacement to ensure the safety of yourself, your family, and the environment. Asbestos, once widely used in construction due to its fire-resistant properties, has been linked to serious health risks, including lung cancer and mesothelioma. To eliminate these hazards, replacing your asbestos garage […]

Read More
Top 5 Ecommerce Certifications to Boost Your Resume

Top 5 Ecommerce Certifications to Boost Your Resume

If you are hoping to enter the ecommerce industry, you must ensure that your resume differentiates you from other candidates. The most effective method to accomplish this is getting certified in various ecommerce-related subjects. This blog post will outline the top five ecommerce certifications that will enhance your resume and provide you with the advantage […]

Read More