Really informative article on the Information Security laws in India

Thanks to Google alerts I came across a really interesting article in law.com that “surveys the state of data security legal protections in India.” Check out the complete article. To whet your appetite, here are a few excerpts:

The Indian legal system is substantially based on the British common law system. While there is no omnibus Indian data security law, there are several laws that apply to data theft or misuse in India. Typically, when an incident involving data occurs, a complaint is filed for theft, cheating, criminal breach of trust, dishonest misappropriation of data and/or criminal conspiracy under the provisions of the Indian Penal Code, 1860 (IPC) and for hacking under the Information Technology Act, 2000 (ITA). Many of these offenses under the IPC and the ITA allow for an arrest without a warrant, are non-bailable and carry penalties that range from imprisonment for a year to life imprisonment, as well as fines.

the criminal complaint can be made to Anti Cybercrime Cells set up by the State Police Departments. These cybercrime cells have been established specifically to investigate and prosecute cases of data theft and copyright infringement, as well as other cybercrime cases. Cybercrime cells of several state police departments (e.g., Delhi) organize training programs to enhance investigators' skills and knowledge concerning data protection, and use advanced equipment to investigate data security incidents. In fact, the U.S. Department of State recently trained Indian cybercrime investigators on investigating techniques. The investigating officers at Anti Cybercrime Cells have the power to seize infringing or stolen data by conducting searches and raids on the premises of the alleged offenders and can also prosecute the offenders in the criminal court that has jurisdiction over the police station where the complaint was registered. The law enforcement agencies also have the power to arrest offenders and keep them in custody during the course of the investigation and prosecution unless bail is granted to the offenders by the court.

While several measures have been put into place to deal with data security issues, some concerns still remain regarding the Indian legal system. Indian courts are overburdened -- in 2005, the lower courts had more than 20 million pending cases, while the high courts had more than three million. Delays in the system are common, and an average case can take several years to be resolved. However, things are changing. Several measures are underway, and the Prime Minister of India, as well as the Chief Justice of the Indian Supreme Court, have committed to dealing with the issues facing the Indian courts. Further, the system itself, while slow, works. More importantly, as previously discussed, the service providers themselves are putting into place several preventive measures to deal with data security and privacy issues.