Select Location
Criminal

Data Theft: A Dual Challenge to Law and Technology

In this age of information, technology and experience, data has become a much more valuable asset, with anything and everything created, stored and shared electronically through smart devices or over the internet. Data has become the instrument through which companies acquire clients and take over the huge part of the market.
Written by:
Shivi Gupta
Published on
24-Jul-18

Law and Technology are the dual shields for data. 

In this age of information, technology and experience, data has become a much more valuable asset, with anything and everything created, stored and shared electronically through smart devices or over the internet. Data has become the instrument through which companies acquire clients and take over the huge part of the market. 

However, the threats and security issues associated with data are as substantial as its significance to I.T. companies. These threats are not limited to the information technology sector but have moved into the legal domain as well. Data hacking, piracy and data theft cost millions for legal and information technology companies to protect and restore their company data from cybercriminals. Company profits have become dependent on how much companies are willing to spend on protecting their data. 

 

Social media platforms have become the most convenient way people steal identification information like the photographs, phone number, date of birth and whereabouts. Fake accounts are created by using this information to commit the crime of identity theft, fraud or harassment. Platforms like Facebook has started a profile picture safeguard feature to protect users’ pictures, Snapchat and Instagram have a 24-hour timeline and then the stories or pictures of users gets destroyed automatically.

There are many questions that arise when data theft is dealt with by law, for instance, does the Indian law cover data theft? What is the protection given to data under the Indian law? Is data theft a crime in India? These questions are not only a primary concern for I.T. companies, but it is also important for the legislation to keep up with the change in types and techniques of crime. 

The Information Technology Act, 2000 defines data as ‘a representation of information, knowledge, facts, concepts or instructions which are being or have been prepared in a formalized manner. This data is intended, being or has been processed in a computer system or network in any form that includes computer printouts, magnetic or optical storage media, punched cards, punched tapes, or stored internally in the computer memory’.

Data theft is an act of copying, stealing or removing a person or company’s confidential information without authority. Data theft constitutes crimes like identity theft, stealing customer record, or theft of Intellectual Property or trade secrets. The most common forms of data theft in India are theft of credit card information, banking passwords, ATM card information, theft of company’s trade secrets or other sensitive information through email frauds, external devices like USB drive, hard disks, etc. 

Section 43(b) of the Information Technology (Amended) Act, 2008 states that a person would be guilty of data theft, if he downloads, copies or extracts any data, computer database or information from a computer, computer system or computer network or data held or stored in any removable storage medium, without permission of the owner or any person who is in charge of the computer system or network.

The crime of data theft under the IT Act is cognizable and bailable, and the person guilty of data theft would be punished with a fine for up to Rs. 5 lakhs, imprisonment of up to 3 years, or both. The crime would be cognizable, non-bailable and compoundable if Section 379 and Section 420 of the Indian Penal Code are also applicable. 

The Copyright Act, 1957 includes computer databases within the meaning of 'literary work' as well. Thus, copying or distributing the database would be considered as an infringement of copyright and the copyright owner can file a suit for injunction and compensation against the person. Such infringement or concealment would be punished with a fine of up to Rs. 2 lakhs, imprisonment of up to 3 years, or both.

Data is highly prone to be misappropriated, copied or hacked. The maximum risk to Data is from employees handling /using the same during the course of their employment and other independent contractors (Call Centres etc.) entrusted with Data to carry out specific tasks/assignments. The most common modus- operandi adopted by Data Criminals is to sell the same to competitors, who benefit through the reduction in effort, time and costs of building their own Data Base or buying the same from the market.

Need legal help? Consult the most experienced lawyers from MyAdvo anywhere in India and across the world! Email us at info@myadvo.in or call now at 9811782573.