Data Theft as per IT Act
Theft according to IPC is taking away dishonestly any movable property out of the possession of a person without that person’s consent. A data is valuable asset in present era. Data is nothing but an information used by large corporations, companies, units etc. Data theft is claimed to have been covered under the Information Technology Act, 2000. Unlike UK’s Data Protection Act 1984, IT Act is said to have been insufficient in tackling problems.
Data theft can be said to be covered under section 43 of the IT Act. Another section which can be said to cover data theft is section 72 and section 72A of IT Act. However, it concerns breach of obligation. The difference between the same is that in case of former no power is conferred on the offender and in the latter case power is conferred on the offender which is misused by him. Another feature of this Act is that it exempts network service providers. thus we can see that there is no provision for data theft as such in this Act, however it gets covered under section 43 of the IT Act.
Network service providers are not made liable under this Act (also applicable to Rules or Regulation) provided they prove that the offence is committed without his knowledge or he has exercised due diligence to prevent the commission thereof. Thus they are exempted from the liability for data theft provided they qualify certain conditions. Central government under authority given to it by section 87 of the IT Act has power to make rules and regulations and the result of which is Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011. These Rules also fail to specifically provide for data theft. However, they specifically provide for data protection. Now the question before us is, if this data protection also covers data theft. This Rules can be seen to cover data protection i.e. protection from breach of obligation.
We thus come to know that although India claims that the IT Act provides sufficient protection against cyber crime in India, it has failed to specifically provide for data theft. The only help which can be given is by Courts interpretation, until new amendments are made or law is enacted by the legislature. It is necessary to make provisions for data theft which is of great concern in today’s generation.