The situation of information privacy is to use information while protecting the individual’s privacy preferences and their personally identifiable knowledge. The areas of computer safety, data protection, and information security innovation use software, hardware and human resources to address the issue. Since the laws and rules associated with privacy and information security are always shifting, and in case of India the laws do not even exist in its true form to directly fight against the issues, it is crucial for a company or an online portal to stay abreast of any changes to these laws and to continually assess agreements with data privacy and security regulations. For individuals, who are the ultimate beneficiaries of the web, it is crucial to understand that though the cyber world brings a huge amount of opportunities in a single click/tap sometime those clicks and taps may lead to many unpredictable and uncharted areas of the web which in turn will not only be harmful to the person directly in the trigger but may result into a crash for all the people connected to that specific node (These circumstances arise in organizations based under a LAN network which get struck by a targeted hack that leads to success because of one person’s negligence).
According to a report of BBC News - India's financial systems are extremely vulnerable because we still rely on international banking networks like Swift to make transactions. International gateways are open vectors of attack for India.
India does not have any specific and comprehensive legislation on data protection and privacy till date, also no national supervisory authority is there for the protection of personal data. It is the Ministry of Electronics & Information that administers personal data and privacy through Information Technology 2000 and rules (IT Rules, 2011) issued thereunder. IT Act under sec 43A provides that where anybody corporate deals with any personal information of an individual of kinds like sensitive digital data, security passwords, bank details etc, when negligent in maintaining reasonable responsibility & security will be liable to pay damages through compensation. Similarly, Sec 72A of the IT Act mentions that when there is a disclosure of personal information in breach of contract or without consent of an individual then the corporate body will be fined and/or avail imprisonments. The IT Rule, 2011 provides for a minimum standard on data regulation of a person and maintaining his/her privacy. It also provides a list of personal information that can be contained as 'sensitive'.
Recent WhatsApp controversy has once again sparked a debate regarding legislative inaction in matters of regulating data and protecting an individual's privacy. The judiciary has also emphasized in several judgements that how privacy assessment and it's protection is very essential, as much as an individual's life and liberty (Justice Puttaswamy case). Also, action taken by the government on enacting a law on individual rights regarding data privacy has not been very effective yet and only a little deliberate effort is witnessed like presenting the Personal Data Protection Bill, 2018 in parliament to do the job. It's a fool's idea to run the IT Act as a one-man show. Even if we do, it is not sustainable and good enough in outsourcing our industries. We remember the Jio-FB deal right? In July 2017 a committee was established by the Ministry of Electronics and Information Technology to study data protection issues. The Committee was headed by Justice B. N. Srikrishna, a former Supreme Court judge. This committee tabled Personal Data Protection bill and after that, it gave us a long wait for formally elected legislation on data protection in India. In practical terms, the greatest hurdle for India is to have its domestic data protection law system formally adjudicate and widely viewed as adequate, as it vehemently manages to bring industry running on data into India but not vice versa merely because of data storage system's inefficiencies and no regulatory approvals. Therefore, India could expand far beyond being a mere service provider to multinational companies worldwide by having a strong
data security law.
It is very crucial, at this stage, to understand that in wrong hands, big information, like any other field, will bring incredible harm. Perhaps most evidently, such data heralds at the loss of privacy – as more corporations in more sectors know that tressure troves of information they are leaving untouched or unanalyzed, there is a rising belief and business force to mine that information. As more and more companies bring the information science in their toolkit and establish how productive mining information will be, we as consumers would necessarily want to be more vigilant about protecting ourselves from those who could utilize our own data for financial gains or social harm.