People Vs Data Giants: Ministry Mulls Severe Penalties For Not Reporting Privacy Breach Post Multiple Leaks Protesters outside of Facebook headquarters over data privacy (Photo by Justin Sullivan/Getty Images)

Indian Ministry of Electronics and Information technology (MeitY) is drafting the final data protection law and new rules under the IT Act imposing harsh penalties for not reporting a data breach, as reported by Economic Times.

The decision comes after massive data breaches reported in public statements of the companies. In particular, tech giants Google and Facebook have had multiple data breaches of significant magnitude in recent times. The former leaked data of about half a million Indian users and the latter about 50 million. Google had decided to shut down Google+ services after the massive breach.

On the breach, a Google spokesperson told ET that the company goes beyond legal requirements to apply several user-focused criteria to determine whether to provide notice, like the type of data involved, evidence of misuse, possible actions that could be taken by the developer etc. He added that the recent breach did not qualify any of these criteria.

Despite the IT Act 2008 introducing financial penalties for not reporting data breaches, companies have repeatedly failed to inform the government even after multiple attempts by latter to contact them. Officials feel that government penalties rarely exceed one lakh rupees, an amount too low to incentivise action.

Public policy lead Nehaa Chaudhari at Ikigai Law was quoted as saying, “increasing penalties to increase reporting of incidents is one way of looking at it. Regulators around the world, be it under GDPR or the data protection bill are resorting to fairly high penalties but it only goes so far, we also need a legal and regulatory framework to support them”. She added that there should be clarity in the law about what constitutes a data breach and how quickly the company has to report it.

An Appeal...

Dear Reader,

As you are no doubt aware, Swarajya is a media product that is directly dependent on support from its readers in the form of subscriptions. We do not have the muscle and backing of a large media conglomerate nor are we playing for the large advertisement sweep-stake.

Our business model is you and your subscription. And in challenging times like these, we need your support now more than ever.

We deliver over 10 - 15 high quality articles with expert insights and views. From 7AM in the morning to 10PM late night we operate to ensure you, the reader, get to see what is just right.

Becoming a Patron or a subscriber for as little as Rs 1200/year is the best way you can support our efforts.

Become A Patron
Become A Subscriber
Advertisement