wordpress blog stats
Connect with us

Hi, what are you looking for?

What must the Digital India Act cover to improve cooperation between law enforcement and service providers? #NAMA

Experts emphasised the importance of privacy safeguards, procedural clarity, and reasonability to make sure strengthening law enforcement does not compromise the rights of individuals and companies

“We need to have a fool-proof mechanism to define rules, procedures and the regulations. How law enforcement can intervene and investigate…that has to be clearly defined and there should be a very clear-cut reasonability in place. What kind of things they can call out? What kind of things they can ask for? If we have these kinds of things in place, only then we can elevate the confidence level of the [Indian digital] ecosystem across the globe,” stated Atul Kumar from the Data Security Council of India, a panelist at MediaNama’s MarketsNama conference held on May 19, 2023.

Speaking at the fourth session of the event — “Privacy, Cybercrime and Cybersecurity” — Kumar and other panelists touched upon what the upcoming Digital India Act (DIA) must entail, to improve cooperation between law enforcement agencies and companies, service providers, or data centres when it comes to cybercrime investigation. The panelists also talked about the kinds of challenges both entities face when dealing with data requirements for tackling cybersecurity-related crimes.

FREE READ of the day by MediaNama: Click here to sign-up for our daily newsletter with the top story of the day delivered daily before 9 AM in your inbox.

What must be considered in the Digital India bill?

Advertisement. Scroll to continue reading.

As per IT Minister Rajeev Chandrasekhar’s indication at the DIA consultation in Mumbai on May 23, the first draft of the digital India bill is expected to be released in the first week of June. When asked about how law enforcement can be strengthened without compromising on the rights of individuals and companies, the panelists broadly emphasised the following points to be considered in the DIA:

  1. Privacy: Panelist Sukanya Thapliyal, from Centre for Communications Governance, is of the view that the analytical framework provided by the Puttaswamy judgment must be applied to test if certain law enforcement actions infringe upon privacy rights of citizens. She noted that the requirements of necessity and proportionality laid down in the privacy judgment must be “infused with provisions in the IT Act”. This, she said, “can provide some sort of guideline to the legal enforcement agencies who want the access of data, to first justify some of these aspects and within these, we can also think of infusing provisions including concepts like data minimization, purpose limitation, or access control”.
  2. Reasonability: Kumar added that in order to protect privacy, it is important to check whether the demand for data is reasonable. This pertains to the amount and kind of data law enforcement agencies ask for, and what the company can substantially provide in the given time frame. For example, it will be difficult for a service provider to give access to data that’s ten years old or is bound by sectoral laws at the time. Thapliyal also pointed out the conversations of mutual legal assistance with other countries at the UN Cybercrime Convention and certain provisions that provide guidance on what a requirement list for data should look like. If a similar guide is included in the DIA, it would make things easier for law enforcement agencies and also for service providers when they have to meet demands for data requirements.
  3. Safeguards: Further, Kumar stated that there must be a mechanism in place to safeguard the data that’s been collected, to prevent intermediaries from facing action if sensitive information is being misused by notorious actors.
  4. Data minimization: Panelist Venkatesh Krishnamoorthy, from BSA, The Software Alliance, emphasised the need to include provisions that may build contours around the kind of data that authorities can ask for and the way they can ask for it. Currently, law enforcement agencies may ask for all kinds of data without any specifications, which greatly exposes people’s personal information. The speaker stated that including provisions around data minimization can limit the scope of data accessed by authorities to only what’s required for specific cases.
  5. Procedural clarity: Krishnamoorthy noted that the DIA should include provisions that can offer clarity over rules for making different kinds of data requests. This must broadly categorise the kind of requests that need judicial pre-authorisation and those that need to be reviewed post-facto by another body. This, he said, will tackle the challenges of dealing with blanket requests for data.

This post is released under a CC-BY-SA 4.0 license. Please feel free to republish on your site, with attribution and a link. Adaptation and rewriting, though allowed, should be true to the original.

Also Read:

What Are The Problems That Companies Face When Law Enforcement Agencies Demand For Data? #NAMA

“Should There Be Safe Harbour At All?”: 30 Talking Points From The Digital India Act Consultation

Video: MarketsNama 2023, Delhi, 19th May

How The IT Act Allows The Indian Government To Spy On Internet Connections

Advertisement. Scroll to continue reading.

Five Talking Points From Data Security Council Of India’s Discussion About Digital India Act’s Impact On Cybersecurity

Written By

Curious about privacy, surveillance developments and the intersection of technology with education, caste and welfare rights.

Click to comment

You must be logged in to post a comment Login

Leave a Reply

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Is it safe to consider all "publicly available data" as public?


PhonePe launched an e-commerce buyer app for ONDC called Pincode. We, however, believe that it should also launch a seller app.


Amazon announced that it will integrate its logistics network and SmartCommerce services with the Open Network for Digital Commerce (ONDC).


India's smartphone operating system BharOS has received much buzz in the media lately, but does it really merit this attention?


After using the Mapples app as his default navigation app for a week, Sarvesh draws a comparison between Google Maps and Mapples

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ