Data Theft Rules And Regulations_ Things You Should Know (Pt.2)

Data Theft rules and regulations_ Things you should know (Pt.2)

172 views

Share
Download

Embed
Email

From

Username or Email (please add comma after each username or email)

Name	Email

Back

Menu 3

Eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo.

SarthSharma

Uploaded on Apr 29, 2021

Category Computers & Mobile

The IT Act appears to be adequate in regards to data theft, it is insufficient in addressing the minute technical intricacies involved in such a crime, leaving gaps in the law and allowing the perpetrators to get away with it. Since this problem affects more than one country and has international implications, we have briefed the countries that have such law and how it works; Which will be covered in two parts.

Category Computers & Mobile

Comments

                     Data Theft rules and regulations_ Things you should know (Pt.2)
                     Data Theft rules and 
regulations: Things you should 
know (Pt.2)
Website : www.faidepro.com
Address :  417- Accurate Square, Tagore Road, 
Rajkot, India - 360002
E- Mail : [email protected]
Mobile No : +919510395794
8. Personal Data Protection Bill (PDPB) 
(India)
❏ On July 27, 2018, the national government’s “Srikrishna 
Committee” released its long-awaited draught legislation 
for a new Personal Data Protection Bill (PDPB). 
❏ The proposed mechanism aims to control how government 
and private entities (data fiduciaries) in India and abroad 
process personal data of individuals (data principals). It 
also explains how to gather, process, and store data.
Is India’s legal system adequate?
❏ The problem of data theft, which has emerged as one of the 
most significant cybercrimes in the world, has received little 
attention from Indian legislators. 
❏ Unlike the United Kingdom, which has the Data Protection Act of 
1984, India lacks clear legislation to address this issue, despite 
having the Information Technology Act of 2000 to address the 
ever-growing threat of cybercrime, including data theft. 
❏ The reality is that our Information Technology Act of 2000 is 
woefully inadequate to combat such crimes. The various 
provisions of the Information Technology Act of 2000 that deal 
with the issue to some degrees are discussed briefly below.
Is India’s legal system adequate?
➢ Section 43
❏ This section protects computer systems from 
destruction and unauthorised access by enforcing a 
heavy penalty of up to one crore. This section also 
covers the illegal uploading, retrieval, and copying of 
data. 
❏ This section’s clause ‘C’ imposes a penalty for the 
unintended introduction of computer viruses or 
pollutants. Clause ‘G’ outlines the consequences of 
assisting unauthorised entry.
Is India’s legal system adequate?
➢ Section 65
❏ This section contains the source 
code for computers. Anyone who 
knowingly or intentionally 
conceals, kills, alters, or allows 
another to do so faces a sentence 
of up to 3 years in prison or a fine 
of up to 2 lakh rupees. As a result, 
electronic source records have 
been shielded from tampering.
Is India’s legal system adequate?
➢ Section 66
❏ This section has been designed to protect against hacking. 
According to this section, hacking is described as any act 
committed with the purpose to cause wrongful loss or 
damage to another individual, or with the knowledge that 
wrongful loss or damage would be caused to another 
person, and information stored in a computer resource must 
be destroyed, erased, changed, or its value and usefulness 
diminished.
❏ The hacker faces a sentence of up to three years in prison or 
a fine of up to two lakh rupees, or both, under this clause.
Is India’s legal system adequate?
➢ Section 70
❏This section safeguards the information stored on the 
secured system. Safe devices are computers, computer 
systems, or computer networks that have been 
designated as such by the appropriate government by the 
publication of gazette information in the official gazette. 
❏Any access to that system, or any attempt to secure 
access to that system, in violation of the provisions of this 
section, would subject the person accessed to a penalty of 
up to ten years in prison and a fine.
Is India’s legal system adequate?
➢ Section 72
❏ This segment protects against data breaches in terms of 
confidentiality and privacy. According to this, anyone who 
has been given powers under the IT Act and related rules 
to secure access to any electronic record, book, log, 
correspondence, information paper, or other material and 
then discloses it to another person is punishable by up to 
two years in prison or a fine of up to one lakh rupees, or 
both.
9. Notifiable Data Breach (NDB) (Australia)
❏ On February 22, 2018, the Notifiable Data Breach 
(NDB) Scheme, which is part of Australia’s Privacy Act 
and contains 13 guidelines about organisations’ 
responsibility for personal data management, went 
into effect. 
❏ Companies that manage personal data, such as bank 
account information or medical records, must report 
data breaches to the Office of the Australian 
10. Administrative Data Security Measures 
(China)
❏ China’s Cyberspace Administration (the “Measures”) 
issued a draught of its Data Security Administrative 
Measures (the “Measures”) for public consultation on 
May 28, 2019. As a result, China has entered the list of 
countries calling for tighter data security laws around the 
world.
❏ The Measures add to China’s Cybersecurity Law, which 
went into force on June 1, 2017, by establishing strict and 
comprehensive rules for network operators who collect, 
store, distribute, process, and use data on Chinese soil.
10. Administrative Data Security Measures 
(China)
❏ Network operators who collect confidential personal 
information or critical data for the purpose of 
conducting business must register with the cyberspace 
administrative departments. 
❏ The Personal Information Protection Specification was 
released in March 2018, and it included comprehensive 
guidelines for data processing enforcement. 
❏ The Initiatives are structured to include legally binding 
technical standards and best practices in the field of 
data protection.
Is Data Theft protected by the IPC?
➢ The Indian Penal Code, Section 378, describes ‘theft’ 
as follows:
❏ Theft — Someone who moves movable property out of 
the hands of another person without that person’s 
permission with the intent of taking that property 
dishonestly is said to be committing theft.
Is Data Theft protected by the IPC?
➢ Movable property is described as follows in Section 22 of the I.P.C., 
1860:
❏ Land and objects attached to the earth or permanently fastened to 
something attached to the earth are excluded from the definition of 
movable property.
❏ Data is not protected under the concept of “theft” since Section 378 
I.P.C. only applies to movable property, i.e., corporeal property, and 
data is intangible. However, if Data is stored on a movable medium (CD, 
floppy disc, etc.) and the medium is stolen, the theft is protected under 
the concept of ‘theft.’ However, if Data is distributed electronically, 
rather than intangibly, it is not considered fraud under the IPC.
Is Data Theft protected by the IPC?
➢ Movable property is described as follows in Section 22 of the I.P.C., 
1860:
❏ Land and objects attached to the earth or permanently fastened to 
something attached to the earth are excluded from the definition of 
movable property.
❏ Data is not protected under the concept of “theft” since Section 378 
I.P.C. only applies to movable property, i.e., corporeal property, and 
data is intangible. However, if Data is stored on a movable medium (CD, 
floppy disc, etc.) and the medium is stolen, the theft is protected under 
the concept of ‘theft.’ However, if Data is distributed electronically, 
rather than intangibly, it is not considered fraud under the IPC.
Is Data Theft protected by the IPC?
➢ Movable property is described as follows in Section 22 of the I.P.C., 
1860:
❏ Data, in its intangible nature, can be compared to electricity at best. 
In the case of Avtar Singh vs. State of Punjab, the Hon’ble Supreme 
Court was asked if electricity could be stolen (AIR 1965 SC 666). 
❏ However, when Section 39 of the Electricity Act made Section 378 of 
the IPC applicable to electricity, it became explicitly protected under 
the scope of Theft. 
❏ As a result, it is critical that a clause similar to that found in the 
Electricity Act be incorporated into the IT Act of 2000, extending the 
scope of section 378 IPC to data theft in particular.
Summary
❏In today’s world, it is important for an emerging IT superpower like India 
to have robust legislation in place to protect its burgeoning IT and BPO 
industries (the worst-affected industries) from such crimes. 
❏Web Development Company are aware of these laws and legislations. 
Kindly check out for help. Though the IT Act appears to be adequate in 
this regard, it is insufficient in addressing the minute technical 
intricacies involved in such a crime, leaving gaps in the law and allowing 
the perpetrators to get away with it. 
❏Since this problem affects more than one country and has international 
implications, India should seek to become a signatory to any 
international convention or treaty on the subject. It is also past time for 
our national police forces to be equipped to deal with such crimes.
FaidePro
Website: https://faidepro.com
Blog: http://blogs.faidepro.com/
LinkedIn: https://in.linkedin.com/company/faidepro
Twitter: https://twitter.com/faidepro
Instagram: https://www.instagram.com/faidepro/
Facebook : https://www.facebook.com/Faidepro-103150408248729
Source: https://faidepro.medium.com/