Cyber Privacy.pptx Monami

8/2/2019 Cyber Privacy.pptx Monami

1/37

Monami Mitra

M.com(e-com)

Semester IV

Roll no. 11


2/37

Introduction

Meaning of Privacy

Internet Privacy

Privacy and Confidentiality

The Right to Privacy

The OECD Principles

Legal Implication of privacy issues

In India

In UK

In U.S

Case studies on privacy issues

Conclusion

References


3/37

The growing e-commerce and the widespreadavailability of online databases raise many fears regarding

loss of privacy and many statistical challenges.

This has given primary concern to privacy issue in allover the world in different forms.


4/37

The world privacy has been derived from Latin word

Privatus which means separate from rest.

Privacy can be understood as a right of an individual to

decide:

who can access the information ,when they can access the information, and

what information they can access.


5/37

According to Indian Constitution inArticle 21

Privacy means protection of life and personal liberty

No person shall be deprived of his life or personal

liberty except according to procedure established by law

The privacy is considered as one of the fundamental

rights provided by constitution in list I (13)


6/37

Internet privacy consists of privacy over the media

of the Internet: the ability to control whatinformation one reveals about oneself over the

Internet, and to control who can access that

information


7/37

From creating a mail account to open an online banking

account we pass on our personal information everywhere

in a day to day life . Ideally the provided information

must be used for limited purpose only for which it has

been collected but in reality this information is further

processed, sold for unauthorized purpose without the

permission of the data owner.


8/37

Cookies

HTTP

Browsers

Downloading freeware or sharewareSearch engines

Electronic commerce

E-mail

Spam

Dangers of Internet ChatSocial networking

blogs


9/37

It is the claim of individuals ,groups orinstitutions to determine for themselveswhen, how and to what extent informationabout them is communicated to others.

Privacy

It involves a sense of expressed or impliedbasis of an independent equitable principleof confidentiality.Confidentiality

These two terms are somewhat synonymous but there is a

little difference between them.


10/37

It is common for the journalist to use anonymousinformants. The identities of the informants are

kept confidential but are known to the Journalists.


11/37

Right to privacy involves the right to controls ones personal information and ability to determine if and

how that information should be obtained and used.

This principle of privacy becomes all the more relevantwith the onset of the internet and e-commerce in India.


12/37

The OECD guidelines on the protection of privacy were

developed in 1980, to help harmonise national privacylegislation and at the same time ,prevent interruptions in

international flows of data.


13/37

The collection limitation principle

The data quality principle

The purpose specification principle

The use limitation principle

The security safeguard principle

The openness principle

The individual participation principle

The accountability principle


14/37

There should be limits to the collection of personal data

and any such data should be obtained by lawful and fair

means and where appropriate , with the knowledge or

consent of the owner.


15/37

Personal data should be relevant to the purposes forwhich they are to be used, and to the extent necessary

for those purposes should be accurate, complete and

kept up-to-date.


16/37

The purposes for which personal data are collectedshould be specified at the time of data collection only

and its use is limited to that purpose only.


17/37

Personal data should not be disclosed, made available or

otherwise used for purposes other than specified except:-

With the consent of the owner

By the authority of law


18/37

Personal data should be protected by reasonable security

safeguards against such risks or loss or unauthorized

access ,destruction use, modification or disclosure of data


19/37

There should be a general policy of openness about

developments, practices and policies with respect to personal data. Means should be readily available of

establishing the existence and nature of personal data,

and the main purposes of their use, as well as the identity

and usual residence of the data controller


20/37

An individual should have right :-

To obtain from a data controller or otherwise, confirmation

of whether or not the data controller has data relating to him.

To have communicated to him ,data relating to him

1. Within a reasonable time

2. In a reasonable manner

To be given reasons if a request made under sub

paragraphs is denied, and to be able to challenge such

denial


21/37

A data controller should be accountable forcomplying with measures which gave effect to the

principles stated above.


22/37

No specific legislation pertaining to data protection and

privacy has been enacted in India. However, there exist four

components of data protection and privacy regime in India,

namely:

Constitution of India

Judgments of the Honble Supreme Court of India

The Information TechnologyAct, 2000

The Indian ContractAct, 1872


23/37

Under article 21 of Indian constitution no person shall be

deprived of his life or personal liberty except according to

procedure established by law.

Under this article , a citizen has a right to protect the privacy of

his own , his family, marriage, motherhood, childbearing, and

education .

No one can publish anything concerning the above matters

without his consent, whether truthful or otherwise and whether

critical , unless they are a part of public records.


24/37

If one follows judgment of supreme court ,three things emerge:-

That the individuals right to privacy exists and any unlawful

invasion of privacy would make the offender liable for theconsequences in accordance with law.

That there is constitutional recognition given to the right of privacy

which protects personal privacy against unlawful government

invasion

That the persons right to be let alone may be lawfully restricted for

the prevention of crime .


25/37

Section 72 of the act, establishes an information technology

offence of breach of confidentiality and privacy

Section 66(e) of ITAA 2008 describes the punishment for the

violation of privacy.

Section 43(a)of ITAA 2008 provides for the compensation for

failure to protect data


26/37

any person who, in pursuant of any of the powers

conferred under this Act, rules or regulations made

there under, has secured access to any electronicrecord, book, register, correspondence, information,

document or other material without the consent of the

person concerned discloses such electronic record,

book, register, correspondence, information,document or other material to any other person shall

be punished with imprisonment for a term which may

extend to two years, or with fine which may extend

to one lakh rupees, or with both.


27/37

It is important to note that the scope of this section

is limited to those authorities,which have been

granted power under this act.


28/37

Whoever, intentionally or knowingly captures, publishes

or transmits the image of a private area of any personwithout his or her consent, under circumstances

violating the privacy of that person, shall be punished

with imprisonment which may extend to three years or

with fine not exceeding two lakh rupees, or with both


29/37

Where a body corporate, possessing, dealing or handling

any sensitive personal data or information in a

computer resource which it owns, controls or operates, is

negligent in implementing and maintaining reasonable

security practices and procedures and thereby causes

wrongful loss or wrongful gain to any person, such body

corporate shall be liable to pay damages by way of

compensation, , to the person so affected


30/37

Sensitive personal data or information means such personal

information as may be prescribed by the Central Government in

consultation with such professional bodies or associations as it may deem

fit.

The victim of a breach of privacy is provided a remedy to claim

compensation from the body corporate who has been negligent. There is

no upper limit for the compensation to be claimed which may even be in

excess of Rs 5 crores.

This section provides a remedy to the "person affected" when "Wrongful

loss" is caused to him or "Wrongful gain" is caused to another person at

the expense of the affected person. There is no limit for the

compensation.


31/37

In a contract , confidentiality clause exists which

means that where an organization/company agrees tomaintain the confidentiality of information relating to an

individual , any unauthorized disclosure of information

would amount to a breach of contract inviting an action

for damages as a consequences of any default inobservance of the terms of contract.


32/37

Fairly and lawfully processed

Processed for limited purpose

Adequate , relevant not excessive

Accurate

Not kept longer than necessary

Processed in accordance with the data subject's rights

Secure

Not transferred to countries without adequate protection

Data must be:-


33/37

m.com(e-com)

Semester III

Roll no. 3

conclusion


34/37

Books :-

Ahmad ,F.(2nd ed.).(2005).Cyber Law in India.Delhi:New

EraKamanth ,N.(2nd ed.).(2006).Law relating to Computer

Internet &E-commerce. New Delhi: Universal Law.

Sood,V.(2nd ed.).(2003).Cyber Law Simplified. New Delhi:

McGraw Hill.


35/37

Websites

http;//www.delhicorts.nic.in/cyber%20law.pdf

http;//www.infosecon.networkshop/pdf.4.pdf.htm

http;//www.cno.org/docs/prac/41069-privacy.pdf

http;//www.ijest.info/docs/JEST10-02-05-136.pdf


36/37


37/37

Documents

Cyber Privacy.pptx Monami