In the modern world, data is like gold because as civilization evolves, stealing by educated people has become more common. Data is the key to one’s life; if it is stolen, someone can alter it and learn about your personal life, financial situation, political and social opinions, and more.
A few examples of how this data theft can harm your finances are online banking thefts and phishing. Thieves can close your account in a matter of seconds by stealing your biometric information, sim card data, and credit card information. This type of financial fraud is most prevalent in India.
Data theft is the unlawful copying, removal, or theft of valuable or personal information from a corporation, business, or individual without that person’s knowledge or consent.
A person is at risk of having their password, private information, banking information, or financial information taken in this incident. Businesses and corporations face the risk of having sensitive information such as client data, software source code, corporate trade secrets, and confidential information stolen.
A person who downloads, copies, or extracts any data, computer databases, or information from a computer, computer system, or computer network without the owner’s or another person in charge of those devices’ permission is considered to have committed data theft under the IT Act 2000’s section 43 sub-clause (b), which defines the crime. It refers to any illegal copying or taking of data in any form from a company or another person without that person’s knowledge or consent.
Rules Applicable for data theft in India
In India, the IT Act 2000 primarily governs data theft. Sections 65, 70, and 72 of the act discuss the penalties applied in cases of data theft, while Section 43 of the act discusses the definition and categories of data theft.
In the event of a data breach, specific IPC provisions may also be used, such as Section 403 of the IPC, which deals with the imposition of criminal penalties for dishonest misappropriation or conversion of movable property for one’s use. Although data is abstract now, Section 378, which deals with the theft of immovable property, can still be used if it is stored on a hardware drive such a floppy disc, pen drive, or other storage device and is taken.
Section 63B of the Indian Copyright Act provides that any person who knowingly makes use of a computer or an infringing copy of a computer program shall be punishable. In cases such as Govindan v. Gopalakrishna and McMillan v. Suresh Chunder Deb and others, the courts have stated that:
“a compilation created by devoting capital, time, skill, and energy, even if being taken from a common source, is a literary work and is thus subject to copyright protection”.
Credit Information Companies Regulation Act, 2005 (CICRA) also deals with data theft. In this act norms are made that how can an entity can collect and maintain a data of an individual and if there is any leak or alteration of this data then the entities will be held liable.
What type of data falls within the scope of IT act?
There are two types of data according to the IT Act Personal Information and Sensitive Personal Data.
Any information that may be used to directly, indirectly, or in conjunction with other information to identify a specific person is referred to as personal information. Sensitive personal data is dealt with in Section 43A of the IT Act, but it is not precisely defined there. Instead, it is stated that sensitive personal data is any information that the government has designated as sensitive. Sensitive personal data are described as “personal information relating to: passwords; financial information, such as bank account or credit card details; physical, physiological, and mental health; sexual orientation; medical records and history; and biometric information” in the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data and Information) Rules of 2011.
How can you register a complaint regarding the data leak?
There are two options of filing a complaint in the cyber cell:
• Offline Mode:
File a written complaint in the cyber cell of the closest police station. Regardless of the jurisdiction, it can be registered in any city or location where you happen to be at the time. Regardless of the jurisdiction, filing a complaint is required by Section 154 of the CrPC.
Where you are registering a complaint, address the letter to the director of cybercrime. also include all of your contact information in the application.
If submitting a complaint to the cyber cell is not possible, you can file a FIR at the closest police station.
You can submit a written complaint to the Commissioner or the Magistrate who has jurisdiction over that police station if they declined to write the FIR in the police station.
According to Section 80 of the IT Act of 2000, a police officer has the authority to search and detain a suspect without a warrant.
The IPC makes many cybercrimes cognizable offences, which means the police must file a FIR and transfer it to the police station that has jurisdiction over the matter.
• Online mode:
Regardless of where the perpetrator of the crime was from, each state has a cybercrime cell with an internet portal where residents can lodge complaints.
A person from any region of India can file a complaint on the Central Government’s online cybercrime cell webpage, which is separate from this. The Ministry of Home Affairs is responsible for it. Anyone who wants to lodge a complaint can do so by going to the web portal at https://cybercrime.gov.in/Accept.aspx
Additionally, an anonymous complaint may be made if you do not want your name to be disclosed.
Punishment for data theft:
- Criminal breach of trust is punishable under Sections 405 and 408 of the IPC by up to three years in prison, a fine, or both. If the accused is found guilty, they might face up to seven years in prison, a fine, or even both.
- According to Section 43 of the IT Act, the accused computer system may face fines of up to one crore rupees as well as compensation for computer damage.
- According to Section 66 of the IT Act, those convicted of a computer-related offence face up to three years in prison, a fine of up to 5 lakh rupees, or both.
- A monetary fine will be imposed on the accused in accordance with the seriousness of the offence in cases where Section 2(o) and Section 63 of the Copyright Act are violated. Additionally, copyright infringement is a crime.
- Under Section 65 of the IT Act, anyone found guilty of tampering with computer source documents faces a maximum sentence of three years in prison, a fine of two lakh rupees, or both.
- The accused may face up to 10 years in prison, a fine, or both under Section 70 of the IT Act for failing to protect data in a protected system.
- In Section 72 of the IT Act which attracts the breach of confidentiality and privacy of the data accused can be punished with imprisonment which may extend to two years or with a fine which may extend to one lakh rupees or both.
India lacks the legislative framework necessary to protect its citizens’ personal data, while being one of the nations with the highest percentage of internet users in the world. The outdated IT laws in India are unable to address the issues that today’s youth are dealing with. Neither the executive nor the legislature properly implements IT laws. In many states, the selection of adjudicating officers—who were intended to be chosen to settle disputes—is not carried out. The legislature has not even announced any standard standards or penalty structures that adjudicating officers are required to follow. Because various cops follow different processes and make decisions based on their senses, this causes chaos. We require a robust technical law that can offer the nation’s citizens a strong data protection mechanism. Laws must serve as the framework for addressing both the current issue and any future problems.
How FYOC can help you?
We believe in the benefit of lasting relationship. We assist you with finding best legal advisors, helping you with Fighting Your Own Case.
We will help you to find right advocate for your dispute and also help you to fight your own case. We believe in democratic, non-profit, and problem solving systemically with legal counsel which would strengthen the community. The determination of the need for legal services and the choice of a lawyer are extremely important decisions. Our mission is to provide a easy-to-understand and effective legal advice to our clients and make their life less complicated with the legal terms.