Skip to main content

Privacy under Information Technology Law

 


Author: DCRK ASHOK, REVA UNIVERSITY 



Introduction

                        Social media is influencing people in a drastic manner. Every individual is spending their bare minimum amount of time on this social media which is leading to one of the largest databases which are stored in multinational companies which they tend to use for monetary value. privacy in the social media which led to a very crucial issue which we are not able to tackle the situation. In an example, any studio outlet once you suggest that they can immediately do that social media influence is in so much demand that it leads to the delicate or suppressing issue.

                                According to survey conducted bya grou , 50% of the population keep their accounts in a privacy mode and  another 50% in public. efforts were being implemented  to tackle the privacy issue which is so crucial that in the year 2019 there are more than 1,000,0000 social media accounts data was breached into the cyber space

                                                                The Internet led to so many improve,ent in the world communication and others aspects of the internet. each and every state is dependent on internet, starting from the schools to employment where there is an immense chance of leaking the data. 

                            In April 2019, the Mumbai-based local search engine Justdial was hit by a data breach that leaked details, including names, mobile numbers, email ids, occupations and addresseof nearly 10 crore (100 million) users: https://www.businesstoday.in/technology/story/sbi-data-leak-what-happened-sbi-data-breach-financial-data-168220-2019-02-01


                In November 2020, the bangalore-based online grocer bigbasket suffered a data breach that leaked the details of their over 2 crore users, including email IDs, phone numbers, order details, and addresse.- https://indianexpress.com/article/explained/explained-how-big-is-the-bigbasket-data-breach-7026688/

On 22 May 2021, it was reported that Dominos India, subsidiary of Jubilant FoodWorks, had witnessed a cyberattack and the data of 18 crore orders were leaked on the dark web including order details, email addresses, phone numbers and credit card details-https://www.indiatoday.in/technology/news/story/leaked-data-of-dominos-india-users-now-available-on-search-engine-created-by-hacker-1805595-2021-05-22

  One of the largest reported data leaks as of January 2020 was the early 2018 security breach of India's national ID database Aadhaar, with over 1.1 billion records lost. This included biometric information such as iris and fingerprint scans which could be used to open bank accounts and receive financial aid, among other government services. Two years before this a 2014 hack of online platform Yahoo was uncovered, affecting at least 500 million users' accounts. In December 2016, the company revealed another hack dating back to 2013, which affected 1 billion user records. The impact of the second reported Yahoo hack was updated in October 2017, when the company revealed that 3 billion accounts had been affected, making it one of the largest data breaches of this type to date:-https://www.statista.com/statistics/290525/cyber-crime-biggest-online-data-breaches-worldwide


 The royalty of the multinational companies in the greediness of the employees sometimes leads to the infringement of the privacy off an  individual, In  India right to privacy is a  fundamental right, where which it is absolute with certain restrictions for any person to have The big images like Domino's Nike Facebook and visa were the victims of cyber-attacks which led to the publication of so many individuals privacy.

Right to privacy is an individual accessory by the birth of any citizen which means every individual should be left alone to do his work and shouldn’t be interfered between. Right privacy is a natural right.

                                    Right to privacy in India is mentioned under article 21 of the constitution and is very crucial for any person. The preamble of the Indian constitution itself states the word liberty, it’s so important that all our laws are based on those principles of preamble , it can be any law made in the sense of rights of the citizens which are enforceable. The question was lifted in the case of kharak Singh v. State of UP AIR 1963 Sc 1295-( https://privacylibrary.ccgnlud.org/case/kharak-singh-vs-state-of-up)  the court held that the surveillance kept under the appellant does not violate the fundamental privacy rights. As he is a criminal These views somehow diverted from the views of the Supreme Court wherein Justice Frankfurter believed that the security of one’s privacy is basic to a free society and hence, it should be protected from unreasonable intrusion from police authorities. However, the supreme court held that the right to privacy is a fundamental right but however it is subjected to restrictions.

 The  use of the internet is expansionary increasing and its risky for the world as the growth is increased its easy to exploit the citizens. Social media is one such area where the governmenets were not able to fulfill the idea of privacy.

 The Information Technology Act and the Rules 

provide for protection to the information shared on the internet by the user. The protection can be summarized as follows-

    These provisions require the corporate bodies to implement and maintain reasonable security practices concerning the information that they receive, store, deal with, transfer, etc.

  The corporate bodies must declare their privacy policy to the user and obtain their consent to the same.-  Section 43A of the Act and Rule 4 of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011.


    It is necessary to obtain the consent of the users before collecting any sensitive information and to state the lawful purposes for which the same shall be used by the corporate body.- Section 43A of the Act and Rule 5(1) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 



    The rules prohibit the retention of the information collected beyond a reasonable time for the purpose for which it is collected.-] Under Section 43A, any body corporate that fails to observe data protection norms may be liable to pay compensation if it is negligent in implementing and maintaining reasonable security practices, and thereby causes wrongful loss or wrongful gain to any person. "Wrongful loss" and "wrongful gain" have been defined by Section 23 of the Indian Penal Code.

  The rules require the corporate bodies to allow the user to access the information that has been shared and to correct it if the user intends.-  Section 43A of the Act and Rule 5(6) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011


   It is also provided that any failure on the part of a corporate body in this regard shall attract a penalty in the form of compensation to the person affected by any such failure and may also result in incurring a criminal liability if the consequence of any such failure is wrongful loss or gain.- Under Section 43A, any body corporate that fails to observe data protection norms may be liable to pay compensation if it is negligent in implementing and maintaining reasonable security practices, and thereby causes wrongful loss or wrongful gain to any person. "Wrongful loss" and "wrongful gain" have been defined by Section 23 of the Indian Penal Code


 The law also provides for the grievance mechanism, which can be used by the affected person to claim the remedy for a privacy violation.-  Section 43A of the Act and Rule 5(9) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011


   The Act provides for stringent punishments for the offenses like hacking, sending offensive messages, voyeurism, child pornography, etc. The protection is also provided to the copyrighted data by disallowing any use of this data without proper authorization.- Sec.66 and all its subsections of IT Act. 2000


  The cybercafés are regulated by providing for different security measures to be adopted by them and also for their timely inspection in this regard by the authorities created there forth.-  Information Technology (Guidelines for Cyber Cafe) Rules, 2011


                                       The Internet Service Providers are entitled to licenses in India provided they follow the condition of adopting all necessary measures for privacy protection and information security. The telecom Regulatory Authority of India, which is responsible for maintaining and regulating the standards of telecom services in India, has also framed guidelines for the unsolicited telemarketing calls, etc., which also make serious inroads into the privacy of an individual in  India.- Telecom Commercial Communications Customer Preference Regulations 2010.

                                               The absolute protection of privacy on the internet as discussed above is difficult to imagine and achieve. However, in the present IT age, it is not equally advisable to stay away from its use. The cyber experts and the regulators at a national and international level are already busy unfolding how the threat to the privacy of the individual on the net can be minimized. The evolution of the technology and the law for the same is already on the move.

                                                   The self-restraint by the users on their ‘web habits’ is the basic solution that may yield positive results in this direction. The user must understand the potential risks of unmindful and unsecured use of the internet. It is necessary to exercise due diligence in sharing personal information of various nature from being disclosed on the internet. 

                                                     It is also necessary for the internet users especially the young internet users develop in themselves a sense of responsibility towards their personal information, while using the fast-growing social networking phenomenon. These networking websites have some inbuilt security measures, whereby the users can restrict the sharing of information to the desired recipients only, which must be used and banked upon by the users. The computer system used for internet transactions must be properly protected and secured, by installing various security and privacy preferences. Internet users mustn't use public cyber cafés for important internet transactions without ensuring the security measures adopted therein. It is important to log out before the user closes the system or leaves it  unattended.

                                                      Online shopping must be preferred by the web portals that assure users of the highest security of the information that is shared with them. The software updates must be properly installed, the unused accounts must be closed and strong passwords must be used to enhance security. The web service providers and the internet service providers also are under an obligation not to ply with the privacy of the internet users and shall adopt all the necessary measures to ensure maximum protection for them.





conclusion 

Privacy become such an important aspect in our real life that we need to safe guard it all the times, in 2017 supreme court held that  right to privacy is a fundamental right. the infingement of privacy in cyber world is emeneint and it need to be controled with active legislations and regulations.


Comments

  1. You deserve thanks for your commitment to bringing the public such vital information.

    ReplyDelete

Post a Comment

Share your views

Popular posts from this blog

Registration of LLP and Laws

  Name – Shweta Pandit College - National Law School Of India University, Bangalore. Introduction- LLP(Limited Liability Partnership) is a limited liability company, you will find the characteristics of both a corporation and a partnership in this form of a company. LLP came into effect in 2008 when the Limited Liability Partnership Act was passed in India..  LLP- Limited Liability Partnership, is a partnership where partners have limited liability and are responsible only for the loss/damage created by themselves and not by any of their partner or partners. Partners in LLP have a fair share of say in the workings of the business.  Registration of LLP- It is a long process to register a LLP, the few steps involved in the process are discussed as follows: First step is to get the DSC, which is a Digital Signature Certificate from the government agencies such as E-Mudra, NSDL, IDRBT Certifying Authority, National Informatics Center, CDAC and each agency has its own costs of providing ser

Indian Depository Receipts: Requisites and Benefits

  Yash Miniyar Maharashtra National Law University, Aurangabad A. INTRODUCTION Depository Receipts are a form of transferable instruments, which aid in the flow of general trade in a stock exchange at a given time. They are classified as financial securities in the form of equity that are issued by listed companies. The depository receipt is a form of certificate which denotes the valid holding of the security or shares of a given company. One of the most recognised and busiest forms of depository receipts in the world is the American Depository Receipts, which allows in trading of shares or securities of foreign companies. These receipts act as a form of investment for potential investors in order to diversify their assets and hold shares of their desired companies. This not only allows the economic diversification but also the geographic diversification. These depositories act as mediums to curb the hindrances or the obstacles which prevented people from making foreign investments,

Attestation , Revocation, Alteration and Revival of Wills

  Author: Amit Sheoran, Symbiosis Law School, Nagpur People were worried about their lives after the corona pandemic. Because in Corona, no one was aware that anything could happen at any time. That is why they start thinking that if they die, then what will happen with their property and, as a result, they start making plans. A question arises in our mind after hearing the word will. What is will? It is defined under 2(h) of the Indian Succession Act, 1925. A will is a testamentary document by which a person bequeaths his property in the name of any other person. It will be effective after the death of the testator. The property will devolve on the person in whose favour it is bequeathed after the death of the testator. A will can be changed, revoked, or altered at any point of time after it is made. A will can be written more than once.All wills are revocable at any time during the life of the person and are confidential documents. A will can be attested, revoked, altered, and also r