In my last post, I encouraged readers to familiarize themselves with the provisions of the Indian Information Technology Act (2000). I would like to carry forward that conversation in this post and highlight some other sections of the ITA (2000) that might be of particular interest to managers [1] :
- Section 43 of the act (Chapter IX) outlines penalty and compensation for damage to 'computer' & 'computer systems'.
- Section 43 A deals with compensation to be paid by a corporate entity or company for negligent loss of sensitive personal data in its possession.
- Section 70 B of the ITA designates the Indian Computer Emergency Response Team or CERT as the national agency to respond to computer security related incidents.
Interested readers can browse the IT act 2000 to know more about the provisions of the above mentioned sections.
Currently, the IT Act (2000) does not specifically cover new computing paradigms like 'Cloud Computing' and 'Virtualization' which could pose interesting legal questions. For example, does the definition of 'Computer System' or 'Computer' in the IT Act include a Virtual Machine ? Similarly, while the IT Act (2000) provides power to confiscate a computer, how would the IT Act stand up to a situation when a virtual machine (VM) is moved to a different host just before seizure ?
Currently, the IT Act (2000) does not specifically cover new computing paradigms like 'Cloud Computing' and 'Virtualization' which could pose interesting legal questions. For example, does the definition of 'Computer System' or 'Computer' in the IT Act include a Virtual Machine ? Similarly, while the IT Act (2000) provides power to confiscate a computer, how would the IT Act stand up to a situation when a virtual machine (VM) is moved to a different host just before seizure ?
Likewise, while the IT Act (2000) and other acts like the Indian evidence act 1872 (Section 65B) recognize electronic records and permit them to be used as admissible evidence in a court of law, electronic discovery or eDiscovery [1] as practiced in the USA and some other countries is yet to find roots in India. As more and more information gets exchanged digitally, creating and strengthening the legal framework for eDiscovery requires urgent attention of Indian lawmakers.
In the near future, managers would probably have to be much better informed about the legal dimensions of digital information interchange and would have to review storage, organization and dissemination of information on enterprise IT platforms based on eDiscovery best practices.
_____________________________________
[1] Watch an instructive video on the eDiscovery concept and eDiscovery Resource Model by Travis Cornwell and Tom Clippard.
[1] Watch an instructive video on the eDiscovery concept and eDiscovery Resource Model by Travis Cornwell and Tom Clippard.
In your last lecture, I remember the mentioning of "BookMyShow" and your experience with them.
ReplyDeleteI came across with the exact same problem discussed in an article and hope some laws will come in the future. Sharing the link below.
https://thelogicalindian.com/awareness/bookmyshow-rti-online/?fbclid=IwAR1OGfj4ll4mtCqRoAHNc8ZYmlCYfE_yVc9FHnnffXXLodjk0tXXx7VnzE