NEW DELHI: The IT Act has legal framework for privacy and security of data in digital format and provides for compensation to the victim in the case of unauthorised access and leakage of sensitive personal information, the government said today.
“Section 43, Section 43A and Section 72A of the Information Technology Act, 2000, and the IT Rules (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) 2011 provide comprehensive legal framework for privacy and security of data in digital form,” Telecom Minister Manoj Sinha informed Rajya Sabha today.
He was responding to a query on the government’s plan to ensure there is no violation of user privacy through Internet-based messaging services.
“Sections 43 and 43A of the Act provide for compensation to be paid to the victim in the case of unauthorised access of information and leakage of sensitive personal information, respectively,” Sinha said.
Many mobile applications at the time of their installation in mobile phones force upon users to give permission to access content in their mobile phones, access to call records, microphone and the like without their intervention. Such permissions can be misused for breach of privacy of users.
Sinha said the Section 43A also mandates that the corporate body which collects personal data or information must provide privacy policy for handling of or dealing in personal information, including sensitive personal data or information on their websites.
“They are also required to implement reasonable security practices and procedures to protect the information. The government has already notified as per the provisions of Section 46 of the IT Act that Secretary of Department of Information Technology of each state and UT to act as adjudicating officers for the purpose of the IT Act,” Sinha said.
Further, a Cyber Appellate Tribunal has been set up in accordance with the provisions under Section 48(1) of the Information Technology Act, 2000. (AGENCIES)