More than 300,000 incidents of small-and-large data breach incidents were reported to Indian Computer Emergency Response Team (CERT) in 2019. The Information Technology Act, 2000 provides specific safeguards in cases of data breach, but it largely remains un-utilized. India has been struggling to safeguard date as there is a recurring rise in cases of data breach. Let us discuss the various reasons why the number of data breaches are increasing India and what the Government should do safeguard databases:
Consistent data breaches:
In India, there exists only one single act related to cyber law, that is the Information and Technology Act, 2000 (IT ACT). However, it is has been observed as inadequate due to the rise in the cases of data breaches and our national databases are unsuccessful in protecting their sensitive data. “Using data for marketing and political campaigning purposes should be done legitimately, with the consent of people whose data is being used and also in line with a modern regulatory framework that protects privacy and enshrines accountability for misuse of data.
Data breaches from the government are extremely dangerous and concerning for our nation because their databases include official data such as the Voter’s ID number, Aadhar card details like fingerprints, retina scan, health reports and such information has now been leaked on the dark web. In 2019, the database leak of the Police department’s examination of 5 lakh candidates was kept on sale in the database sharing forum of the dark web… The leak was traced on 22 December 2019 and the information is found to be of the candidates from Bihar who attempted the examination.
In April 2021, 180 million Domino’s India pizza orders went up for sale on the dark web, according to Alon Gal, CTO of cyber intelligence firm Hudson Rock.
- https://www.csoonline.com/article/3541148/the-biggest-data-breaches-in-india.html (biggest recent cybersecurity attacks and data breaches in India.)
- https://www.livemint.com/Technology/PzP2t8AHlZAfpukvrYNtAK/Indian-laws-inadequate-to-deal-with-data-theft-say-experts.html (inadequacy of Indian Laws to deal with data theft)9
- https://internetfreedom.in/breach-please-why-companies-like-fb-need-to-be-held-accountable-by-cert-in/ (Facebook needs to be held accountable for Data Breach)
- https://carnegieindia.org/2020/03/09/will-india-s-proposed-data-protection-law-protect-privacy-and-promote-growth-pub-81217 (India’s proposed Data Protection Law)