Title: Data Theft rules and regulations: Things you should know (Pt.2)
1Data Theft rules and regulations Things you
should know (Pt.2)
- Website www.faidepro.com
- Address 417- Accurate Square, Tagore Road,
Rajkot, India - 360002 - E- Mail faidepro_at_gmail.com
- Mobile No 919510395794
28. Personal Data Protection Bill (PDPB) (India)
- On July 27, 2018, the national governments
Srikrishna Committee released its long-awaited
draught legislation for a new Personal Data
Protection Bill (PDPB). - The proposed mechanism aims to control how
government and private entities (data
fiduciaries) in India and abroad process personal
data of individuals (data principals). It also
explains how to gather, process, and store data.
3Is Indias legal system adequate?
- The problem of data theft, which has emerged as
one of the most significant cybercrimes in the
world, has received little attention from Indian
legislators. - Unlike the United Kingdom, which has the Data
Protection Act of 1984, India lacks clear
legislation to address this issue, despite having
the Information Technology Act of 2000 to address
the ever-growing threat of cybercrime, including
data theft. - The reality is that our Information Technology
Act of 2000 is woefully inadequate to combat such
crimes. The various provisions of the Information
Technology Act of 2000 that deal with the issue
to some degrees are discussed briefly below.
4Is Indias legal system adequate?
- Section 43
- This section protects computer systems from
destruction and unauthorised access by enforcing
a heavy penalty of up to one crore. This section
also covers the illegal uploading, retrieval, and
copying of data. - This sections clause C imposes a penalty for
the unintended introduction of computer viruses
or pollutants. Clause G outlines the
consequences of assisting unauthorised entry.
5Is Indias legal system adequate?
- Section 65
- This section contains the source code for
computers. Anyone who knowingly or intentionally
conceals, kills, alters, or allows another to do
so faces a sentence of up to 3 years in prison or
a fine of up to 2 lakh rupees. As a result,
electronic source records have been shielded from
tampering.
6Is Indias legal system adequate?
- Section 66
- This section has been designed to protect against
hacking. According to this section, hacking is
described as any act committed with the purpose
to cause wrongful loss or damage to another
individual, or with the knowledge that wrongful
loss or damage would be caused to another person,
and information stored in a computer resource
must be destroyed, erased, changed, or its value
and usefulness diminished. - The hacker faces a sentence of up to three years
in prison or a fine of up to two lakh rupees, or
both, under this clause.
7Is Indias legal system adequate?
- Section 70
- This section safeguards the information stored on
the secured system. Safe devices are computers,
computer systems, or computer networks that have
been designated as such by the appropriate
government by the publication of gazette
information in the official gazette. - Any access to that system, or any attempt to
secure access to that system, in violation of the
provisions of this section, would subject the
person accessed to a penalty of up to ten years
in prison and a fine.
8Is Indias legal system adequate?
- Section 72
- This segment protects against data breaches in
terms of confidentiality and privacy. According
to this, anyone who has been given powers under
the IT Act and related rules to secure access to
any electronic record, book, log, correspondence,
information paper, or other material and then
discloses it to another person is punishable by
up to two years in prison or a fine of up to one
lakh rupees, or both.
99. Notifiable Data Breach (NDB) (Australia)
- On February 22, 2018, the Notifiable Data Breach
(NDB) Scheme, which is part of Australias
Privacy Act and contains 13 guidelines about
organisations responsibility for personal data
management, went into effect. - Companies that manage personal data, such as bank
account information or medical records, must
report data breaches to the Office of the
Australian
1010. Administrative Data Security Measures (China)
- Chinas Cyberspace Administration (the
Measures) issued a draught of its Data Security
Administrative Measures (the Measures) for
public consultation on May 28, 2019. As a result,
China has entered the list of countries calling
for tighter data security laws around the world. - The Measures add to Chinas Cybersecurity Law,
which went into force on June 1, 2017, by
establishing strict and comprehensive rules for
network operators who collect, store, distribute,
process, and use data on Chinese soil.
1110. Administrative Data Security Measures (China)
- Network operators who collect confidential
personal information or critical data for the
purpose of conducting business must register with
the cyberspace administrative departments. - The Personal Information Protection Specification
was released in March 2018, and it included
comprehensive guidelines for data processing
enforcement. - The Initiatives are structured to include legally
binding technical standards and best practices in
the field of data protection.
12Is Data Theft protected by the IPC?
- The Indian Penal Code, Section 378, describes
theft as follows - Theft Someone who moves movable property out of
the hands of another person without that persons
permission with the intent of taking that
property dishonestly is said to be committing
theft.
13Is Data Theft protected by the IPC?
- Movable property is described as follows in
Section 22 of the I.P.C., 1860 - Land and objects attached to the earth or
permanently fastened to something attached to the
earth are excluded from the definition of movable
property. - Data is not protected under the concept of
theft since Section 378 I.P.C. only applies to
movable property, i.e., corporeal property, and
data is intangible. However, if Data is stored on
a movable medium (CD, floppy disc, etc.) and the
medium is stolen, the theft is protected under
the concept of theft. However, if Data is
distributed electronically, rather than
intangibly, it is not considered fraud under the
IPC.
14Is Data Theft protected by the IPC?
- Movable property is described as follows in
Section 22 of the I.P.C., 1860 - Land and objects attached to the earth or
permanently fastened to something attached to the
earth are excluded from the definition of movable
property. - Data is not protected under the concept of
theft since Section 378 I.P.C. only applies to
movable property, i.e., corporeal property, and
data is intangible. However, if Data is stored on
a movable medium (CD, floppy disc, etc.) and the
medium is stolen, the theft is protected under
the concept of theft. However, if Data is
distributed electronically, rather than
intangibly, it is not considered fraud under the
IPC.
15Is Data Theft protected by the IPC?
- Movable property is described as follows in
Section 22 of the I.P.C., 1860 - Data, in its intangible nature, can be compared
to electricity at best. In the case of Avtar
Singh vs. State of Punjab, the Honble Supreme
Court was asked if electricity could be stolen
(AIR 1965 SC 666). - However, when Section 39 of the Electricity Act
made Section 378 of the IPC applicable to
electricity, it became explicitly protected under
the scope of Theft. - As a result, it is critical that a clause similar
to that found in the Electricity Act be
incorporated into the IT Act of 2000, extending
the scope of section 378 IPC to data theft in
particular.
16Summary
- In todays world, it is important for an emerging
IT superpower like India to have robust
legislation in place to protect its burgeoning IT
and BPO industries (the worst-affected
industries) from such crimes. - Web Development Company are aware of these laws
and legislations. Kindly check out for help.
Though the IT Act appears to be adequate in this
regard, it is insufficient in addressing the
minute technical intricacies involved in such a
crime, leaving gaps in the law and allowing the
perpetrators to get away with it. - Since this problem affects more than one country
and has international implications, India should
seek to become a signatory to any international
convention or treaty on the subject. It is also
past time for our national police forces to be
equipped to deal with such crimes.
17FaidePro
- Website https//faidepro.com
- Blog http//blogs.faidepro.com/
- LinkedIn https//in.linkedin.com/company/faidepro
- Twitter https//twitter.com/faidepro
- Instagram https//www.instagram.com/faidepro/
- Facebook https//www.facebook.com/Faidepro-10315
0408248729 - Source https//faidepro.medium.com/