With the advancement in technology, the cyber-crimes are the order of the day. This crime knows no limit and boundaries. As of late Chinese hackers were accused by Government of United States for stealing their data and that too from the highly anchored system of Pentagon. Presently, one can undoubtedly envision if Pentagon isn’t safe then who else can be?
Recently, Ministry of health, Government of India’s website was hacked and all the links were directed to some pornographic websites. Likewise, cyber security of PMO was compromised. We can imagine the outcomes if some critical information may have been stolen. To ensure all these we require a solid cyber law as well as a viable cyber force to chip away at.
India being the biggest host of outsource information can be an obvious objective for cyber criminals for the most part because of absence of appropriate law. The Data Security Council of India (DSCI) and Department of Information Technology (DIT) should likewise revive their endeavors in such manner on the comparative lines.
Small Business Data Theft
As per Symantec’s 2016 Internet Security Threat Report, add up to online security breaches are up by 2% since 2014. Breaches with in excess of 10 million identities uncovered rose by 125%, and 431 malware variants have been included in 2015.
Thousands of small private companies are presented to email threats, malicious software, or spam bots daily. Intellectual property and competitive innovations are compromised. Startups are forced to close due to threat to sensitive data.
Presently the question is, being a noteworthy Super power in IT division, would India be able to bear to manage this important issue, in the way in which it has managed in the amendments to the IT Act?
Requirement for Separate Legislation in India
With the evolution in IT and BPO sectors, Indian organizations handle and have access to all sort of sensitive data of people over the world. It includes financial information, credit card details, and even medical history. These data are stored in electronic medium and is vulnerable in the hands of the employees. There have been numerous occurrences where this information is stolen. These ongoing patterns in the Indian IT segment have raised worries about data privacy.
Dealing with law, there is no express law dealing in India with the data protection. In spite of the fact that a bill was presented in the parliament in 2006, it is yet to see the light of the day. That bill is by all accounts on the framework of European Union Data Privacy Directive 1996. Note that pertinence of that bill was restricted to “Personal Data”.
Bills provides for both government and in addition private ventures occupied with data collection. Also, the appointment of “Data Controllers”, with general superintendence and adjudicatory jurisdiction over subjects, secured by the bill. It also includes penal sanctions to be imposed on offenders in addition to compensation for damages to victims. The bill was a positive step. But, because of the paucity of information, the bill is as yet pending.
IT Act has been amended in 2008 to address the evolving challenges of the cyber-crime. However, these amendments are still unable to deal with the present scenario. The amendment has added two provisions that have a strong bearing on data protection. These are section 43A and 72A. But the provisions pertaining to data security and privacy are terribly inadequate.
India Gears Up For Data Protection Law
Till now, privacy law in India provides little protection against misuse of your personal data. The transfer of personal data is currently administered by the SPD Rules (Sensitive Personal Data and information, 2011), which has progressively turned out to be inadequate.
The proposed Data Protection Bill 2018basically makes individual consent key to data sharing. The report notes that the right to privacy is a fundamental right. Unless you have given your free or explicit consent, your personal data can’t be shared or processed. Your data should be processed only for the purposes it was proposed for in any case.
If we analyze the present phase of data processing laws in India with the countries of Europe and USA, then we find that these countries are long ways ahead of India in this regard. Those countries have specific and comprehensive laws related to data protection and privacy.
There is one more thing that should be noted that different categorization of different types of data should be there as per the utility and importance. So, scheme that should be based on the categorical division of data as like USA, and even in the EU, is required. Although there is no such categorical division but still some type of data is defined as sensitive data; for the disclosure of this sensitive data.
A complete data security law is the need of hour in India. We also required to prepare practical guidelines that what type of personal data can be provided to others in specific circumstances, and what should not so, there are complexities as in case of UK. On the off chance that we go for the sanctioning of a comprehensive data protection law then it would lessen the cases of data theft and more and more number of foreign companies and firms would be interested in developing their business in India; it would work like a boom to Information Technology in India.
 Bharati Vidyapeeth (Deemed to be University), New Law College, Pune.
 Scroll Staff, Porn surfing by ministry staff compromised systems every two months, says former home secretary, Scrol.in (December 19, 2019), https://scroll.in/latest/875361/porn-surfing-by-ministry-staff-compromised-systems-every-two-months-says-former-home-secretary
 Al Gomez, 7-shocking-statistics-small-business-data-theft, business2community, (November 9, 2016) https://www.business2community.com/cybersecurity/7-shocking-statistics-small-business-data-theft-01702419
 Rohas Nagpal, Fundamentals of Cyber Law, 21 (2017).
 Data Protection Laws in India, Law Teacher, (Feb, 02, 2018)https://www.lawteacher.net/free-law-essays/business-law/.php
 Radhika Merwin, All-you-wanted-to-know-about, The Hindu Businessline, (August 06, 2018), https://www.thehindubusinessline.com/opinion/columns/slate/all-you-wanted-to-know-about/article24617362.ece,
Supra note 6.