Author-Ridhima, student at Panjab University Regional Centre, Ludhiana
To the point
Data privacy and protection refers to the ethical and legal framework that governs how personal or sensitive data is collected, stored, processed and shared by organizations or individuals. It aims to safeguard personal information from misuse, unauthorized access or disclosure. In the modern era, most of our daily works are done online and the data is to be saved in electronic devices. People nowadays do not prefer to write anything with pen and paper. They prefer to note data in electronic devices. This is very personal information of people. And that’s why it needs to be protected. Data privacy and protection is fundamental right of every person provided under constitution of India.
Abstract
Everyone has something personal in their lives. Data is need to be protected and secured. These kind of cases came under cybercrime. The surge in cybercrime can be attributed to several factors, including the increasing reliance on digital transactions and online activities. The COVID-19 pandemic further accelerated this trend, with more people relying on online platforms for education, work and communication. Several measures have been implemented to combat cybercrime, including the establishment of the Indian Cyber Crime Coordination Centre and the National Cybercrime Reporting Portal.
There are many ways to protect ourselves from cyber attacks. Like keeping software and operating system up to date ensures the benefits from the latest security patches to protect computer system. Using anti-virus or a comprehensive internet security solution is a smart way to protect your system from attacks. Anti-virus software allows you to scan, detect and remove threats before they become a problem. A classic way that computers get infected by malware attacks and other forms of cybercrime is via email attachments in spam emails, so never open an attachment from a sender you do not know. Another way people become victims of cybercrime is by clicking on links in spam emails or other messages, or unfamiliar websites. Also a good antivirus can protect from the threat of cybercrime.
Use of legal jargon
1. Digital Personal Data Protection Act, 2023 (DPDP Act)
It applies to all digital personal data collected in India, including foreign entities offering goods and services to individuals in India. Data must be collected with clear and informed consent. This act provides penalty upto Rs.250 crore for data breaches or violations.
2. Information Technology Act, 2000
Section 43A and 72A of Information Technology Act, 2000 are relevant to data protection. Companies handling sensitive personal data must implement reasonable security practices. Compensation can be claimed if personal data is mishandled or leaked due to negligence.
3. IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or information) Rules, 2011
IT rules are issued under IT Act. These rules define sensitive personal data. It includes passwords, financial information, health conditions, biometric data, etc. It requires companies to obtain consent before collection and use data only for the purpose collected by maintaining a privacy policy.
4. Indian Contract Act, 1872
This act provides with the consent agreements for data processing.
5. Indian Penal Code, 1860
IPC provides criminal penalties for theft or misuse of data.
6. Consumer Protection Act, 2019
It was enacted to protect consumer’s rights in both offline and online transactions. It implicitly supports data protection, especially through provisions related to e-commerce, unfair trade practices and consumer rights.
The proof
It is challenging to pinpoint an exact number, but cybercrime is a widespread problem affecting billions of people. According to Astra Security and Exploding Topics, in 2023, there were 33 billion account breaches, equating to roughly 2328 per day. This means 97 cybercrime victims per hour. Over the past two decades, atleast 6.5 million individuals have been victims of cybercrime, resulting in an estimated $26 billion in losses, according to Astra Security. According to Astra Security, the number of cybercrime victims also increased substantially during the COVID-19 pandemic, with a 69% increase in 2020 compared to 2019.
In recent years, cybercrime in India has seen a significant increase, with millions of complaints reported annually. According to NDTV report, in 2024, nearly 20 lakh cybercrime complaints were registered, a substantial rise from 15.6 lakh in the previous year and ten times more than in 2019. Specifically, in the first half of 2025, over 12 lakh cybercrimes were reported, exceeding the annual figures for 2022 and 2021. Maharashtra has been the worst affected state with 1.6 lakh cases, followed by Uttar Pradesh (1.4 lakh) and Karnataka (1 lakh).
Case laws
1.Justice K.S.Puttaswamy (Retd.) vs. Union of India (2017)
The SC in this case recognizes the right to privacy as a fundamental right under Article 21. This case emphasizes that informational privacy is a crucial aspect of personal liberty and laid down the foundation for data protection laws in India.
2. Karmanya Singh Sareen vs. Union of India (2017)
This case is concerned with WhatsApp’s privacy policy and its data sharing with Facebook. It raised issues about user consent and data transfer to third parties. The court ruled that users have the freedom to stop using the service if they disagree with the policy.
3. Anuradha Bhasin vs. Union of India (2020)
While primarily about internet shutdowns, the case reinforced the importance of access to the internet as essential for exercising rights like freedom of expression and information privacy. This case reaffirmed the constitutional protection of digital rights.
4. Internet and Mobile Association of India vs. RBI (2020)
In this case, RBI’s ban on cryptocurrencies was challenged. The court emphasized informational privacy and data rights of users involved in digital transactions.
5. People’s Union for Civil Liberties vs. Union of India (1997)
This case is related to telephone tapping and privacy of communication. The court held that telephone tapping violates privacy under Article 21 unless authorized under procedure established by law.
Conclusion
In conclusion, I just want to aware the people through this article to protect themselves from cyber attacks. These cyber attacks are increasing day by day. Protecting ourselves from cyber attacks is extremely important because cyber threats can cause serious harm to individuals, businesses and governments. Cyber criminals often target bank accounts, UPI apps or credit card data. A single click on a fake link can result in losing your savings. Protecting yourself from cyber attacks is not just about privacy, it’s about safety, financial security, mental well-being, and social responsibility.
FAQs
How privacy is infringed by cyber attacks?
Cyber attacks infringe on privacy by gaining unauthorized access to personal and sensitive information. Hackers may break into your devices or online accounts to steal data such as photos, videos, messages, medical records, or financial details. This stolen information can be misused for identity theft, where attackers impersonate victims to commit fraud, apply for loans or conduct illegal activities. Social media accounts can also be hijacked, allowing cyber criminals to post content or send messages without the user’s knowledge, often damaging reputations. Overall, cyber attacks deeply violate an individual’s right to privacy and can have lasting emotional, financial and legal consequences.
