CYBER SECURITY LEGISLATION IN INDIA

INTRODUCTION

Cybersecurity is the practise of keeping sensitive data and important systems safe from threats that come from the Internet. Data breaches, identity theft, monetary theft, and theft of valuable internet time are only some of the most common types of cybercrime. More than 4.5 million Air India passengers had their personal information exposed after a cyberattack. Domino’s India had their database breached, exposing personal information for almost 180 million customers. The Indian government had started to review how it governs cybersecurity and criminality in reaction to the quickly changing digital revolution, outdated cybersecurity legislation, and the absence of clear, comprehensive data protection regulations.

CYBER SECURITY LEGISLATIONS IN INDIA

This study will focus on just four pieces of cyber security legislation. 

1. The Information Technology Act 2000

The most significant law in India that deals with cybercrime and e-commerce is this one. The primary purpose of this act is to carry out electronic, digital, and online transactions that are legitimate and trustworthy, as well as to relieve or minimise instances of cybercrime. 

India, in 2021, replaced its decade-old regulations on social media intermediaries (SMIs) with the IT Rules, 2021, which were primarily aimed at placing obligations on SMIs to ensure an open, safe, and trusted internet. 

2. Indian SPDI Rules 2011 for Reasonable Security Practices

The provisions of the SPDI Regulations include those that regulate the Processing of Personal Data/Information and/or Sensitive Personal Data/Information, as well as those that prescribe security policies and procedures for the handling of Personal Data/Information and/or Sensitive Personal Data/Information.

3. The National Cyber Security Policy 2013

Its purpose is to defend against cyberattacks both the public and private sectors of the infrastructure. In addition, the policy seeks to protect “information, such as personal information (of online users), financial and banking information, and sovereign data.” 

In the years leading up to 2013, India did not have a cybersecurity policy. With the NSA surveillance scandal that broke out in 2013, the necessity for it became clear to everyone. 

4. Aadhar Card Act, 2016

The Aadhaar Act of 2016 places the responsibility for securing individuals’ identity records and identification credentials on the UIDAI. The Aadhaar Act stipulates that the Unique Identification Authority of India is responsible for maintaining the confidentiality of any and all information within its sphere of influence or under its control, including data held in the Central Identities Data Repository. It is safeguarded against illegal access, use, or disclosure in accordance with this Act or its rules, as well as accidental or intentional destruction, loss, or damage. It is safe and protected.

These are the primary regulatory entities in India that are responsible for enforcing cybersecurity legislation and ensuring that all Indian enterprises comply with applicable laws and standards.

1. Computer Emergency Response Team (CERT-In)
2. National Critical Information Infrastructure Protection Center (NCIIPC)
3. Cyber Regulations Appellate Tribunal (CRAT)
4. Securities and Exchange Board (SEBI) of India
5. Insurance Regulatory and Development Authority (IRDAI)
6. Telecom Regulatory Authority of India (TRAI) & Department of Telecommunications (DoT)

CONCLUSION

To summarise, even if a society that is completely devoid of crime is an ideal that will never be realised, there should still be ongoing efforts to establish norms that will reduce the rate of crime to a minimum. Especially in a society that is becoming more and more dependent on technology, the rate of crime that is based on breaching the law through electronic means is sure to rise, and lawmakers will need to go the additional mile in comparison to the impostors to keep them at bay. Because of the pandemic, a significant portion of the workforce has been forced to transition into a remote working module, which has increased the demand for app security.

Author: G Deepika, a Student of NMIMS, Navi Mumbai