Laws pertaining to Personal Data Protection in India
We all would agree to the fact that data is running this world directly or indirectly. Whether they are personal data or the private ones, data is something which is required by all the organisations to function and run. If an organisation is directly related to the public, organising and protecting data in the best way possible is what they must do to successfully run their business. There are certaining laws pertaining to Personal Data Protection and a Patent Attorney in India can answer all your queries related to this as data protection is a huge subject and expert advice is required on this.
As India does not have a specific law related to data protection, all data protection law comes under the Information Technology Act of 2000 which is also known as the “IT Act”. Also, the rules made in 2011 for reasonable security practices and sensitive data or information which relates to the IT Act directly
Apart from above acts and rules, the Indian Constitution also protects personal data under Article 21 which guarantees the Right to Privacy to every Indian citizen as their fundamental right. Also, personal information of a person and the right to access those information from that particular person comes under Article 21 which is “Right to privacy”.
Some of the relevant sections of the IT act which must be understood to understand the laws of data protection in India are discussed below.
Section 72 A of the IT Act
Section 72 A of the IT Act protects personal data of a person and any person who tries to manipulate it or access it for any loss of gain is dealt by the law strictly. The Constitution of India gives its citizens the fundamental right that their personal data is protected in every manner and not misused under any cause. Without the consent of the person, if the data is handled or accessed wrongfully and the investigation shows that it was done with malicious intentions i.e with the intention of causing harm to the person, it will be considered as a breach of law.
Infringement of the law might lead to serious problems and will be handled by the Patent Attorney in India lawfully
Person breaching the law under Section 72 A will be punished with an imprisonment that can extend upto for 3 years or with a monetary penalty of 5 lakh rupees or both. In such a case, the court of law will be the final authority in deciding the punishment whereas the infringer can claim to higher courts if he thinks that he is innocent.
Section 43 A of the IT Act
Almost similar to the IT act Section 72 A, the section 43 A of the IT Act in India ensures any organisation does not misuse any personal information/data of a person in any way. Any organisation, company or a corporate body that deals with any sensitive data of people must pay compensation to them if it is found that the data was misused, leaked or handed over to another organisation or a person and was used for gaining monetary benefit or with any other malicious intentions or done even negligence.
Organisations must adopt the best security practices to ensure data protection so that people do not lose trust and faith in the government as well as private organisations. If found guilty, apart from the penalties and imprisonments, the company must ensure that this will never happen in future or else they might lose their entity next time.
Limitations of the two sections
Every law has some limitations and loopholes and the sections 43 And 72 A of the IT Act have some limitations as well which we are listing below
- Only the section 72A guarantees penalty for data breach and not any other law
- There is a very narrow scope of the provisions of data protection in the IT Act
- The IT rules and the above sections are applicable only to the electronically generated information and not the manual ones
- The IT rules and laws are not applicable to the government bodies and are only applicable to private organisations which should not be the case at all.
- The law does not specify any government agency that will govern or protect data of a person and act as an alternative in case the private organisation is found guilty of misusing the data.
Tags : Data Protection Law , Patent Attorney in India