What is Data?
Data means raw facts and figures, a small word for big concept. Data encompasses of every single bit of information, which could pertain to just about anything including information on you, such as where you live, what you do, where do you keep your money, your likes, dislikes almost everything is data. Data is both a boon and bane depending on who controls it, after all knowledge is power. Even big Companies and businesses generate a lot of data with regards to their financials, products, clients etc. Hence in the light of the importance attached to data, it is pertinent that it is protected. Nowadays data is mostly stored electronically on data drives and other data storage devices. Data in the wrong hands could be disastrous and leave a person or business vulnerable. A lot of this data is generated through a network of computers, leaving data vulnerable to cyber-attacks or misuse, further wrong use of data is also an eminent threat for the person furnishing it. Why does data protection matter? With a populace of over a billion, there are around 500 million dynamic web clients and India's online market is second just to China. Collecting the information of individuals along with their behavior has become a profitable business plan. However, it is also a matter of grave concern as it can lead to revelation of private information of an individual. Organizations, governments, and political parties use this information to advertise the information to your, based on your interests and likes. Also, until now, there are no laws on the use of individual data and thwarting its maltreatment, despite the fact that the Supreme Court kept up the privilege to protection as a central right back legitimately in 2017. Data Protection law India To prevent the misuse of data and to protect data from leaking, the governments throughout the world have enacted data protection legislations. In India there is no specific legislation dealing with data protection yet, however currently data is protected and governed under the Information Technology Act of 2000 (the Act) and its allied rules. Under the Act, data means the representation of information, knowledge, facts, concepts or instructions which are prepared or have been prepared in a formalized manner, and are intended to be processed or have been processed in a computer system or computer network. Chapter V of the Act deals with data protection, particularly section 16 which necessitates the requirement of following security procedures and practices for the protection of electronic records (which includes data) especially by intermediaries (persons collecting, using or storing the data and or providing services using the data). Pursuant to section 16 of the Act the ministry of electronics and information, issued the following rules for the protection of data:
- Information Technology Rules, 2011:
- Information Technology Rules, 2009:
- In terms of applicability following the practice similar to the GDPR the bill has extended the applicability of the Act to platform, websites, online services, networks located outside India but providing services or operating in India.
- The bill lays down the obligations of data fiduciary in regards to the dealing and handling of data provided by a user, especially with the collection of data, and seeking confirmation and consent of the user.
- The bill lays down the rights of persons furnishing data to any data fiduciary, including rights to modify wrong data and the right to have the data forgotten.
- The bill provides for a copy of data being collected by data fiduciaries located outside to be made available at data servers or centers located in India.
- The bill also provides for the establishment of data protection regulator, the Data Protection Authority.