Within minutes, the Parliament withdrew the Personal Data Protection Bill, 2021 on August 3rd. The news sent shockwaves across the technology and business sectors, with people posting long threads on whether a new bill will be introduced soon and what this means for data protection in India.
While Minister of State for the Ministry of Electronics and Information Technology (MeitY) Rajeev Chandrasekhar tweeted that a “comprehensive framework of global standard laws including digital privacy laws for contemporary and future challenges” will replace the Bill soon, here are some government updates from this week.
Never miss out on important developments in tech policy, whether in India or across the world. Sign up for our morning newsletter, with a “Free Read of the Day”, to experience MediaNama in a whole new way.
106 data breaches reported since 2017: MeitY said that the Indian Computer Emergency Response Team (CERT-In) had reported an upward trend of data breaches in India since 2017. In 2017, two data breaches were reported, followed by five such cases in 2018. These numbers continued to increase with 11 cases, 36 cases, 39 cases, and 13 cases during 2019, 2020, 2021, and 2022 (up to June) respectively.
Similarly, CERT-In reported 552, 454, 472, 280, 523, and 1,217 phishing cases during 2017, 2018, 2019, 2020, 2021, and 2022 (up to June) respectively. Regarding financial fraud incidents, 14, 6, 4, 4, 13, and 9 cases affecting ATMs, Cards, Point of Sale (PoS) systems, and Unified Payment Interface (UPI) were reported for the same time period.
Meanwhile, the National Payments Corporation of India (NPCI) said member banks reported 172, 1,967, 17,759, 77,299, and 84,274 UPI fraud cases during 2017-18, 2018-19, 2019-20, 2020-21 and 2021-22 respectively.
When asked for details of the unrecovered money from online banking fraud or UPI, MeitY said, “there is no such information available.”
Centre sets the deadline for Aadhaar intimation: The Law and Justice Ministry confirmed that revised election rules require persons included in the electoral rolls to furnish Aadhaar numbers for verification.
“The government has notified April 1, 2023 as the date on or before which every person whose name is included in the electoral roll may intimate [their] Aadhaar number,” said the Ministry.
MP G.V.L Narasimha Rao also asked what steps Electoral Registration Officers (EROs) will have to take if a voter deliberately refuses to furnish Aadhaar details. To this, the Ministry replied, “it is optional and [they] may produce [their] Aadhaar Number.” In case a person does not have Aadhaar number, the individual can also provide other optional documents “as provided in the Form 6B.”
IT Act and Rules do not hinder privacy: MP Amar Patnaik asked the government if it has conducted any study to determine how traceability may be implemented without impacting user privacy. Patnaik’s questions assessed existing provisions under the IT Rules 2021.
To this, the Ministry of Electronics and Broadcasting (MIB) replied, “Neither the Information Technology (IT) Act, 2000 nor the [IT Rules 2021] contravene user’s right to privacy.”
Further information by the Ministry said it issued 94 takedown/accounting blocking orders to YouTube, five such orders to Twitter, and three such orders each to Facebook and Instagram between December 2021 and April 2022. January 2021 recorded the highest numbers of these orders with 35 orders sent to YouTube, two orders sent to Twitter and Instagram each, and one order sent to Facebook.
130 cases of hate speech on social media: The government said that the Election Commission of India (ECI) reported 130 hate speech cases on social media platforms since 2019. The earliest year reported the highest number of such cases—58 cases during general elections and one case during the Maharashtra and Haryana elections. Later Delhi elections recorded 34 hate speech cases, followed by 29 cases during the 2021 State Assembly Elections. Meanwhile, the 2022 State Assembly elections have recorded only eight cases of hate speech so far.
Regarding data leaks during the elections, the Law and Justice Ministry said, “the ECI has informed that no complaints have been received from political parties in respect of data leaks during elections in the last five years.”
348 apps blocked for collecting user data: The Ministry of Home Affairs (MHA) blocked 348 mobile applications for collecting users’ information and transmitting it in an unauthorized manner to servers located outside India for profiling.
“Based on the request from MHA, the MeitY has blocked those 348 mobile applications since such data transmissions infringes the sovereignty and integrity of India, defence of India and security of the State,” said MeitY while answering queries about apps developed by China.
The Ministry said that such apps are developed by various countries including China.
‘Public Order’ is a State subject: Stating that betting and gambling are illegal in most parts of India, MeitY said, “all forms of gambling and betting come under the purview of state governments and they have enacted their laws to deal with the same within their jurisdictions.”
Further, it said that online gaming platforms are intermediaries and must follow the Information Technology (IT) Act, 2000 and the Rules thereunder.
“Online gaming platforms are treated as illegal when game of chance is involved in those platforms,” said MeitY.
Similarly, regarding the role of the internet in trafficking, the government said that such crimes come under state responsibility.
“With the enhanced use of internet, the number of cyber crimes is also increasing. ‘Police’ and ‘Public Order’ are State subjects as per the Seventh Schedule of the Constitution of India. States/UTs are primarily responsible for the prevention, detection, investigation and prosecution of crimes including trafficking, deployment of adequate technological infrastructure and capacity building of their law enforcement agencies to combat such crime,” it said.
No separate record of pro-terrorist accounts: While acknowledging the risks and dangers posed by the growing misuse of social media platforms by ‘anti-national elements’, the government said it “does not monitor any such content in the social media platforms.”
Similarly, it said that although MeitY received requests for blocking various social media accounts posting pro-terrorist content, it does not maintain a separate record for such accounts.
“The Law Enforcement Agencies (LEAs) regularly monitors social media platforms for terrorism related activities and take action as per the existing legal provisions,” said MeitY.
3,277 cybercrime grievances in 2021-22: According to National Crime Records Bureau (NCRB), there were as many as 3,277 cyber crime-related grievances in 2020-2021 with 733 grievances reported in Uttar Pradesh alone. Meanwhile, 2020-2021 reported only 851 such grievances with Uttar Pradesh reporting only 129 grievances.
“National Consumer Helpline is being run by the Department of Consumer Affairs for registering consumer grievances and facilitating redressal thereof at pre-litigation stage,” said MeitY while answering questions posed by MPs Sanjay Jadhav and others.
Upward trend in digital transactions: The government talked of “unprecedented growth” in digital payment transactions over the last three years. Particularly, the total number of digital transactions stood at 8,840 crore in 2021-22, up from 5,554 crore in 2020-21. The financial year 2021-22 also recorded the highest total value of digital transactions of ₹3,021 lakh crore. In the previous financial year, the total value was ₹3,000 lakh crore. Earlier in 2019-20, the total number of transactions was 4,572 crore with a total value of digital transactions standing at ₹2,953 crore.
For 2022-23, the total number of digital transactions is ₹3,270 crore with a total value of ₹566 lakh crore by July 24.
No sharing of public bank customers’ data: The government refused claims that public banks and insurance companies are sharing customers’ personal data with other entities.
“Public Sector Banks have informed that personal and account details of the customers are not being passed on to others except when it is required to be provided under the provisions of law,” said the Finance Ministry.
Further, it said that the Insurance Regulatory and Development Authority of India has not reported any incident wherein personal and account details of customers were passed on to others. Meanwhile, the Reserve Bank of India (RBI) apprised that 248 successful data breach attacks were reported between June 2018 and March 2022. This comprised of 41 reports from public sector banks, 205 private sector banks and two cases in foreign banks.
“Most of the data breaches pertain to card number leakage, theft of business/non-business information etc.,” said the Ministry.
Update: The copy has been update on 11.13 AM on August 6 2022 for clarity
This post is released under a CC-BY-SA 4.0 license. Please feel free to republish on your site, with attribution and a link. Adaptation and rewriting, though allowed, should be true to the original.
- Tamil Nadu Government Convenes Committee For Emergency Law Against Online Gambling
- Compensate Kin Of Delivery Workers Who Died On Duty: IFAT Tells Zomato And Swiggy
- Exclusive: Mumbai Police Looks To Tackle Cyber Crimes By Profiling Social Media Users And Keeping Tabs On Their “Thoughts”
- Linkage Of Aadhaar And Voter ID Completely Irrational, Says Randeep Surjewala’s Petition To Supreme Court