Data Protection Laws of India
December 26, 2010 by Personal Privacies
Filed under Information privacy law
Data Protection Laws of India
Free Online Articles Directory
Why Submit Articles?
Top Authors
Top Articles
FAQ
AB Answers
0 && $.browser.msie ) {
var ie_version = parseInt($.browser.version);
if(ie_version Hello Guest
Login
Register
Hello
My Home
Sign Out
Email
Password
Remember me?
Lost Password?
Home Page > Law > National, State, Local > Data Protection Laws of India
Data Protection Laws of India
Posted: Aug 26, 2008 |Comments: 1
| Views: 1,154 |
]]>
In the recent years India has emerged as one of the preferred destinations for offshore business outsourcing. Financial services, educational services, legal services, banking services, healthcare services, marketing services and telecommunication services . The factors that have turned India into one of the hotspots for offshore outsourcing are the educated and unemployed masses, enterprising nature of Indians who have excellent spoken English skills and relatively cheap labour.
In June 2005, one BPO was in the eye of the storm when one of its employees sold personal data belonging to a large number of British nationals to an undercover reporter from the British tabloid ‘The Sun’. The incident sparked off a debate among the offshore industry circles, media and the legal world as to how safe foreign data is in Indian hands. The discussions were also veered towards the need for some kind of protection for personal data in India which is absent currently.
Data Protection Issues have time and again raised concern in the authorities about the cyber extortion, privacy, confidentiality, data protection and national security. With the increasing penetration in the online usage of more and more people towards internet, e-banking, e-shopping etc. the concerns of data protection and related issues are growing day by day.
Privacy is closely connected to Data Protection. An individual’s data like his name address, telephone numbers, profession, family, choices, etc. are often available at various places like schools, colleges, banks, directories, surveys and on various web sites.
Passing on such information to interested parties can lead to intrusion in privacy like incessant marketing calls.
It would be a misnomer to say that India does not have ‘data protection’ legislation at all.
This is factually wrong. The fact is that there exists data protection legislation in India.
The subject matter of data protection and privacy has been dealt within the Information
Technology Act, 2000 but not in an exclusive manner.
Data protection is not a subject in any of the three lists in Schedule VII of the
Constitution of India. But Entry 97 of List 1 states: “any other matter not enumerated in
List II and List III …….” Thus only the Indian Parliament is competent to legislate on
data protection since it can be interpreted as any other matter not enumerated in List II
and List III.
Data protection is, thus, a Central subject and only the Central Government is competent
to frame legislations on issues dealing with data protection. In fact, the Information
Technology Act, 2000,and the Indian Copyright Act, 1957 , enacted by the Indian Parliament are the main legislations in this field, which contains provisions on data protection. There is also a proposed Personal Data Protection Bill, 2006, which deals with the protection of personal data.
THE INFORMATION TECHNOLOGY ACT, 2000
The Indian Parliament enacted an Act called the Information Technology Act, 2000. It
received the assent of the President on the 9th June, 2000 and is effective from 17th October, 2000. This Act is based on the Resolution A/RES/51/162 adopted by the General Assembly of the United Nations on 30th January, 1997 regarding the Model Law
on Electronic Commerce earlier adopted by the United Nations Commission on International Trade Law (UNCITRAL) in its twenty-ninth session.
It was a foresight on the part of the Government of India to initiate the entire process of
enacting India’s first ever information technology legislation in the year 1997 itself.
It is significant to note that by enactment of the Information Technology Act, 2000, the
Indian Parliament provided a new legal idiom to data protection and privacy. The main
principles on data protection and privacy enumerated under the Information Technology
Act, 2000 are:
(i) defining ‘data’, ‘computer database’, ‘information’, ‘electronic form’, ‘originator’, ‘addressee’ etc.
(ii) creating civil liability if any person accesses or secures access to computer, computer system or computer network
(iii) creating criminal liability if any person accesses or secures access to computer, computer system or computer network
(iv) declaring any computer, computer system or computer network as a protected system
(v) imposing penalty for breach of confidentiality and privacy
(vi) setting up of hierarchy of regulatory authorities, namely adjudicating officers, the Cyber Regulations Appellate Tribunal etc.
Further, the Information Technology Act, 2000 defines certain key terms with respect to data protection, like access [S.2 (1)(a)], Computer [S.2 (1)(i)], Computer network [S.2 (1)(j), Computer resource [S.2 (1)(k)], Computer system [S.2 (1)(l)], Computer database
[S.43, Explanation (ii)],Data [S.2 (1)(o)], Electronic form [S.2 (1)(r)], Electronic record
[S.2 (1)(t], Information [S.2 (1)(v)], Intermediary [S.2 (1)(w)], Secure system [S.2(1)(ze)] and Security procedure [S.2 (1)(zf)].
Civil liability in case of data, computer database theft, privacy violation etc.
The Act provides a complete Chapter (Chapter IX) on cyber contraventions, i.e., section
43 (a) – (h) which cover a wide range of cyber contraventions related to unauthorised
access to computer, computer system, computer network or resources.
Section 43 of the Act covers instances such as: (a) computer trespass, violation of privacy
etc. (b) unauthorised digital copying, downloading and extraction of data, computer
database or information;. theft of data held or stored in any media, (c) unauthorised
transmission of data or programme residing within a computer, computer system or
computer network (cookies, spyware, GUID or digital profiling are not legally
permissible), (d) data loss, data corruption etc., (e) computer data/database disruption,
spamming etc., (f) denial of service attacks, data theft, fraud, forgery etc., (g)
unauthorised access to computer data/computer databases and (h) instances of data theft
(passwords, login IDs) etc.
Criminal liability in case of data, computer database theft, privacy violation etc.
The Act also provides a complete Chapter (Chapter XI) on cyber offences, i.e., sections
65-74 which cover a wide range of cyber offences, including offences related to unauthorised alteration, deletion, addition, modification, alteration, destruction, duplication or transmission of data, and computer database.
For example, section 65 [Tampering with computer source documents] of the Act is not
limited to protecting computer source code only, but it also safeguards data and computer
databases; and similarly section 66 [Hacking with Computer System] covers cyber offences related to (a) Illegal access, (b) Illegal interception, (c) Data interference, (d)
System interference, (e) Misuse of devices, etc.
Interestingly, section 72 [Penalty for breach of confidentiality and privacy] is aimed at
public (and private) authorities10, which have been granted power under the Act to secure
access to any electronic record, book, register, correspondence, information, document or
other material information. The idea behind the aforesaid section is that the person who has secured access to any such information shall not take unfair advantage of it by disclosing it to the third party without obtaining the consent of the disclosing party.
INDIAN COPYRIGHT ACT, 1957 protects “Databases” as ‘literary works’ under Section 13 (1) (a) of the Act which says that Copyright shall subsists throughout India in original literary, dramatic, musical and artistic works
Copyright Act 1957 – Section 2(6)–Literary work–Compilation of list of clients /customers developed by a person by devoting time, money, labour and skill amounts to a literary work wherein the author has a copyright.
Section 2(o) defines `literary work’ to include (among others) computer programmes, tables and compilations including computer databases.. Under section 14, literary work is one of the items wherein exclusive rights can be claimed so as to amount to copyright. Under Section 17(c) if a work is made in the course of other’s employment under a contract of service or apprenticeship it is the employer who is the first owner of the copyright therein in the absence of any agreement to the contrary.
THE PERSONAL DATA PROTECTION BILL, 2006 : The purpose of this bill is to provide protection of personal data and information of an individual collected for a particular purpose by one organization, and to prevent its usage by other organization for commercial or other purposes and entitle the individual to claim compensation or damages due to disclosure of personal data or information of any individual without his consent and for matters connected with the Act or incidental to the Act.
Section 2 (c) defines “personal data” as information or data which relate to a living individual who can be identified from that information or data whether collected by any Government or any private organization or agency.
The personal data of any person collected for a particular purpose or obtained in connection with any transaction, whether by appropriate Government or by any private organization, shall not be put to processing without the consent of the person concerned. Provided that personal data of any person may be processed for any of the following
purposes:—
(a) the prevention or detection of crime;
(b) the prosecution of offenders; and
(c) the assessment or collection of any tax or duty.
Provided further that no consent of the individual shall be required if the personal data details of the individual are obtained through sources which have been made public.
Provisions contained in this Act are relates to data to be obtained of any person collected by an organization whether government or private, shall not be disclosed to any other organization for the purposes of direct marketing or for any commercial gain and if there is a contravention to this the person shall be entitled to compensation in addition to imprisonment for a term, which may extend to three years or with fine, which may extend upto ten lakh rupees or with both if contravenes or attempts contravene or abets the contravention of any provisions.
If the person committing the contravention is a company, then , every person who, at the time the contravention was committed, was in charge of, and was responsible to, the company for the conduct of business of the company as well as the company, shall be guilty of the contravention and shall be liable to be proceeded against and punished accordingly:
Data controllers have been proposed to be appointed to look upon the matters relating to violation of the proposed Act
JUDICIAL APPRAISAL
· In the matter of Himalaya Drug Company V/s. Sumit 2006(32) PTC 112 (DEL), the Delhi High Court proceeded ex-parte against the defendant who admitted to pass a Herbal Data Base as that of plaintiff’s and violated the trade dress.
The Delhi High Court not only restrained the defendant by an order of permanent injunction from reproducing, communicating to the public, adopting, using or infringing in any other manner the plaintiff’s Copyright in the Herbal Data Base as well as each Herbal Write-up /Description that comprises the Herbal Data Base, but also awarded punitive damages to the extent of Rs. 8 lacs.
· In the recent case of, Daljit Titus, Advocate & Ors. V/s. Alfred A. Adevare & Ors. 2006(32) PTC 609 (DEL), the Delhi High Court protected the works done by the defendant in the plaintiff’s law firm as an employee of the firm for the benefit of clients of the plaintiff under their contract of service.
It observed that the defendants were free to carry on their profession, utilize the skills and information they had mentally retained, but restrained them from using the copied material of the plaintiff in which the plaintiff alone has a right. The defendants were also restrained to utilize the agreements, due diligence reports, list of clients and all such materials which came to their knowledge or have been developed during their relationship with the plaintiff.
The above case raise the issue of well drafted contracts before entering into any kind of relationship with the parties. It envisaged the need of the proper clauses to be drafted as to the dealing of Data, Computer Data Base while in relationship or at the termination of such agreements. Para 6.28 of P.Narayanan on Copyright and Industrial Design – (Third Edition) says that “Whenever an employee of a Solicitor firm drafts a document, the employer is the first owner of the Copyright document”, which means that to protect the Data, computer Data Bases of an organization, one needs to have good drafted contracts with an employee so that no dispute arises after the termination of service of an employee.
· In Burlington Home Shopping Pvt. Ltd. Vs. Rajnish Chibber, 1995 IVAD (Delhi) the highcourt of delhi observed that”Trade catalogues are generally compilations, and as such are capable of protection as literary works. On similar principles, a computer database, stored on tape, disk or by other electronic means, would also generally be a compilation and capable of protection as a literary work”
· In the recent case of Dr. Harsh Pathak vs Union of India & Ors. , a PIL filed by a lawyer in the supremecourt regarding unsolicited Phone calls, the apex court passed an interim order restricting cellular companies to make promotional calls.
CONCLUSION
The Information Technology Act, 2000 is not data or privacy protection legislation per
se. It does not lay down any specific data protection or privacy principles. The Information Technology Act, 2000 is a generic legislation, which articulates on range of
themes, like digital signatures, public key infrastructure, e-governance, cyber contraventions, cyber offences and confidentiality and privacy. It suffers from a one Act
syndrome. It would be erroneous to compare the Information Technology Act, 2000 provisions with the European Directive on Data Protection (EC/95/46), OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, 1980, and the Safe Harbor principles of the US.
In fact the Information Technology Act, 2000 deals with the issue of data protection and
privacy in a piecemeal fashion. There is no an actual legal framework in the form of Data
Protection Authority, data quality and proportionality, data transparency etc. which properly addresses and covers data protection issues in accordance with the principles of the EU Directive, OECD Guidelines or Safe Harbor Principles. Accordingly, even if the new proposed amendments to the Information Technology Act, 2000 were adopted, India
would still lack a real legal framework for data protection and privacy.
Retrieved from “http://www.articlesbase.com/national-state-local-articles/data-protection-laws-of-india-536297.html”
(ArticlesBase SC #536297)
Liked this article? Click here to publish it on your website or blog, it’s free and easy!
Anandakrishnan.S -
About the Author:
Anandakrishnan.S, Pune
]]>
Questions and Answers
Ask our experts your National, State, Local related questions here…200 Characters left
My laptop has gone to repair centre, and they’ve sent it out to someone else by mistake, how does the data protection act help me
Who is exempt from data protection act ?
What are the best data entry companies in india?
Rate this Article
vote(s)
0 vote(s)
Feedback
RSS
Print
Email
Re-Publish
Source: http://www.articlesbase.com/national-state-local-articles/data-protection-laws-of-india-536297.html
Article Tags:
information technology act, copyright act, array personal dataprotection bill
Latest National, State, Local Articles
More from Anandakrishnan.S
How to Secure Your Business Data
Hattie explains the importance of having a data protection plan (04:59)
How to Sell Software Consultancy Support Contracts
Learn how to sell more virus protection-focused software consultancy support contracts. Stop putting your company’s survival at risk by ignoring your recurring revenue stream. One shot deals are for amateurs. This short video introduces 3 tips to help you sell more virus/data protection focused support contracts to your software consultancy clients. Then learn more proven software consultancy secrets now at http://SoftwareConsultancySecrets.com
(05:57)
How to Password Protect Your iPhone
You have a lot of things on your iPhone. Email, documents, pictures, and lots more. To keep that data safe you may want to password protect your iPhone to keep others out. You can even factory reset your iPhone after a given number of failed password attempts. While it won’t soften the blow of a lost iPhone, at least you’ll know your data, passwords and email are safe. (01:38)
How to Stop Data Leaks with Code Green Networks
Data loss protection is still a new field, but Code Green Networks brings a comprehensive solution to stopping leaks of confidential data to unauthorized users. Is your IT leaving with employees that are getting downsized? Is your customer list now the property of one of your competitor’s? Then you might be interested in the latest data leak prevention appliance from Code Green Networks. (04:07)
How to Protect Company Files – Information Security
What can you do to protect your company’s records from the enemy within? (01:16)
Wrongful Death Attorneys Austin Texas
Move your eye around and you will discover many accident cases. The major reason behind this accident is the lack of care of either of the two parties or both of them concerned in it.
By:
john britel
Law>
National, State, Locall
Dec 24, 2010
Internet in Society: From Email and Social Media, To Cyberstalking and Cyberspying
In this article, we’ll be talking about the use of computers and the internet and how family law cases may be affected. Part of this discussion will focus on issues involving shared information by email and social media networking. We’ll also introduce some very serious matters that may rise to the level of criminal activity. Those are cyberstalking, cyberharassment, cyberbullying, and cyberspying. The “cyber” in all of these activities refers to the use of computers and electronic devises…
By:
Scott David Stewartl
Law>
National, State, Locall
Dec 24, 2010
Know more about US Court Reporting Program
In the past few years, US court reporting program is gaining popularity in legal fields because of its benefits and effectiveness. Those days are gone when stenographers or typists in the courtroom were having maximum significance.
By:
Thomas Martinl
Law>
National, State, Locall
Dec 24, 2010
How to Beat Speeding Ticket Violations in California
Speeding ticket violations have become a common occurrence in California with unsuspecting motorists going over the speed limit accidentally. With the assistance of an expert attorney, or competent online service, you stand a better chance with any speeding ticket violations in California.
By:
Michaeltrentl
Law>
National, State, Locall
Dec 24, 2010
Choosing A Truck Accident Attorneys
Truck accident is governed by particular traffic rules, and these laws typically differ for all state. If you have been in a truck accident in Austin Texas, you have to stand for by individual laws in this state pertaining to truck accidents.
By:
john britel
Law>
National, State, Locall
Dec 23, 2010
Wills and Trusts Lawyer in Oakland County Donates Christmas Gift to Animal Shelter
In spite of the slump in the economy of Detroit, a Wills and Trusts Lawyer in Oakland County donates a Christmas gift to animal shelter. In his most humbling motive and generosity, this just proves that nothing can be a hindrance for a great cause.
By:
Joe Dadichl
Law>
National, State, Locall
Dec 23, 2010
The Truth About Accident Compensation Claims Inside The Factories And Farming Sector
The amount of accident compensation claims submitted regarding factory workplace settings are quite high. Another extra hazard here comes from fork lift vehicles or reach trucks that obtain as well as place stuff on elevated
By:
Michelle Sandsl
Law>
National, State, Locall
Dec 23, 2010
Signs That a Couple May Need a Divorce
Couples get married with the aim of living together for the rest of their lives. However, not all couples enjoy successful married relationships. There are a lot of factors that cause marriages to fail. One of these reasons is incompatibility. This happens when couples fail to discover each other’s flaws and weaknesses prior to joining hands in marriage.
By:
aleciacrownl
Law>
National, State, Locall
Dec 23, 2010
This article tries to see the existing data protection legislations in India, with cases
By:
Anandakrishnan.Sl
Law>
National, State, Locall
Aug 26, 2008
lViews: 1,154
lComments: 1
Add new Comment
Your Name: *
Your Email:
Comment Body: *
Verification code:*
* Required fields
Comments on this article
0
1. Renu 03/08/2009
I have recently undertaken a study of the various Data Protection Laws existing in various countries and international organizations as part of my LLM dissertation paper. So, i fully agree with the author on this fact that the existing legal system does not address the problem relating to data protection and confidentiality. The ITA as amended after 2008, also does not provide for the data protection principles envisaged in the EU Directive or OECD Guidelines, it does not look after the rights of the individual over the personal data being held by a data processor or controller. So, a well defined and comprehensive law is required in India now, after the recent cases of data theft and fraud by BPO employees, as the BPO industry is developing in India at a rocket speed and requires well established legal scenario to bind its employees and protect its customers.
Submit
Your Articles Here
It’s Free and easy
Sign Up Today
Author Navigation
My Home
Publish Article
View/Edit Articles
View/Edit Q&A
Edit your Account
Manage Authors
Statistics Page
Personal RSS Builder
My Home
Edit your Account
Update Profile
View/Edit Q&A
Publish Article
Author Box
Anandakrishnan.S has 1 articles online
Articles Categories
All Categories
Advertising
Arts & Entertainment
Automotive
Beauty
Business
Careers
Computers
Education
Finance
Food and Beverage
Health
Hobbies
Home and Family
Home Improvement
Internet
Law
Marketing
News and Society
Relationships
Self Improvement
Shopping
Spirituality
Sports and Fitness
Technology
Travel
Writing
Bankruptcy
Copyright
Criminal
Cyber Law
Health and Safety
Immigration
Intellectual Property
Internet Law
National, State, Local
Patents
Personal Injury
Regulatory Compliance
Trademarks
]]>
Need Help?
Contact Us
FAQ
Submit Articles
Editorial Guidelines
Blog
Site Links
Recent Articles
Top Authors
Top Articles
Find Articles
Site Map
Webmasters
RSS Builder
RSS
Link to Us
Business Info
Advertising
Use of this web site constitutes acceptance of the Terms Of Use and Privacy Policy | User published content is licensed under a Creative Commons License.
Copyright © 2005-2010 Free Articles by ArticlesBase.com, All rights reserved.
Anandakrishnan.S, Pune
