Let's Build a Responsible Cyber Society


Suggestion IV:  Data Protection:
.

 

 It is recommended that a separate “Data Protection Act” may be considered with a definition of “Privacy Rights “of Indian Citizens defining responsibilities of data intermediaries, processors and users.

 Information Technology Act recognizes “Data Theft” as an Offence under Section 66 and as a Contravention under Section 43. Digital Signature provides the means for data encryption and accountability in storage and transmission. Adjudication covers the need for quick dispensation of justice in respect of civil liabilities. Hence there is adequate coverage of data theft from the point of view of the industry.  

Hence no amendment is required in the Information Technology Act on this account.  

However, if it is considered expedient to pass an amendment to assure the International community that India has strengthened the laws after the recent incidents, an amendment may be suggested to provide some clarification on data protection as an expansion of Section 43.

Suggested that the following section may be added in Chapter IX:

 (XY)

 Whoever,

 collects, stores, processes or otherwise manages data of personal nature belonging to a data subject, in any manner shall take such steps as may be necessary to ensure that the data is collected on a strict need basis, stored securely and accessed only on a need to know basis and in the event such data is compromised, shall be liable to pay damages to the data subject for a sum not exceeding RS 1 crore. 

(Comments welcome)

Naavi

July 5, 2005

For Structured Online Courses in Cyber laws, Visit Cyber Law College.com

 

Back To Naavi.org