Professional Documents
Culture Documents
“Data Protection laws in India to safeguard Privacy in Social Media- A Facebook Case
Study”
Date of submission
08th January, 2021
Submitted to
Prof: Dr. Manika Kamthan
Submitted by
Name: KABIR QURAISHI
PRN: 20010143037
LL.M. 2020-2021
1
DECLARATION
The paper titled “Data Protection laws in India to safeguard Privacy in Social Media- A
Facebook Case Study” submitted to Symbiosis Law School, Pune, for the subject Research
Methodology & Legal Writing as part of internal assessment is based on my original work
carried out under the guidance of Prof: Dr. Manika Kamthan, Symbiosis Law School, Pune.
The research work has not been submitted elsewhere for award of any degree. The material
borrowed from other sources and incorporated in this paper has been duly acknowledged..
Date:-08.01.2021
Kabir Quraishi
2
ACKNOWLEDGEMENT
I am thankful to my research guide Prof : Dr. Manika Kamthan, faculty incharge for
Research Methodology and Legal Writing, for her through assistance and support all
throughout the prepration of this research paper.
My humble gratitude to librarian and staff of Symbiosis Law, Pune for providing
infrastructure in form of E-library which helped me to a great extent for this project.
Kabir Quraishi
3
CERTIFICATE
This is to certify that the empirical research titled “Data Protection laws in India to
safeguard Privacy in Social Media- A Facebook Case Study” is prepared by Mr. Kabir
Quraishi of Symbiosis Law School, Pune under my supervision in the partial fulfilment of the
requirement for the award of the degree of L.LM. This empirical research is an independent
and the original work and forr for evaluation.
Date: 08/01/2021
Place: Pune
Prof: Dr. Manika Kamthan
Professor
4
TABLE OF CONTENTS
SR.NO. PARTICULARS
1 Declration
2 Acknowledgment
3 Certificate
4 Preface
Chapter I - Introduction
5
9 Chapter V - Conclusion
10 References
5
Preface
In law and principle, for connecting with people and exchanging information the social media
platforms are introduced. In any case, in actuality, the position is unmistakably
differentiating. Along the progression of time the endorsers of social media stages for
example the Facebook have been confronting a ton of protection worries because of their
personal information being utilized by these platforms to get together with their business
procedures giving up the security of the account holders. The account holder is in a bad way
due to the click wrap contract endorsed between the Facebook and the user which will in
general be in the kindness of Facebook, incompletely because of his own obliviousness and
unresponsiveness. So as to uncover the consuming issues of protection issues identified with
clients interests, including the overall obliviousness and disregard pervasive among Indian
clients, the analyst directed an exact overview, based on which, the current examination paper
has been defined.
6
“Data Protection laws in India to safeguard Privacy in Social Media- A Facebook Case
Study”
Background: communicating to people has been evolved after Social media networks came
into the picture. Business cycles and social cooperation’s spin more in the internet. In any
case, as these digital innovations advance, clients become more presented to security dangers.
Administrative structures and lawful instruments as of now deficient with regards to a solid
digital presence are needed, for the assurance of clients.
Objectives: There is need to investigate and assess the degree to which users are presented to
weaknesses and dangers in the light of the current Protection laws and arrangements. Besides,
to explore how the current lawful instruments can be improved to all the more likely secure
clients.
Method: This research assesses and examinations these security challenges from a legalistic
perspective. This research is centered around Indian Facebook account holders. Survey data
assembled from the profile pages of clients at of Facebook was examined. A short study was
additionally gathered information results. Clear insights, including proportions of focal
inclination and proportions of spread, have been utilized to introduce the information.
Likewise, a blend of arranged and graphical depiction information was additionally summed
up in an important manner. Results: The outcomes obviously show that the lawful structures
and laws are as yet advancing and that they are not enough drafted to manage explicit digital
infringement of security.
Conclusion: This article remembers the need to audit lawful instruments for a normal
premise with more extensive discussion with users in an undertaking to build up a powerful
and an enforceable lawful system. A proactive lawful structure would be the ideal
methodology lamentably; law is receptive to digital wrongdoings.
7
CHAPTER 1
Introduction
1.1. RESEARCH PROBLEM:
According to certain reports, it was suggested that about 40% Indians had internet access in
20181. Besides 45 million active users on internet, there are around 25 million active social
media users in India2. Considering that the data generated everyday is more than 2.5
quintillion bytes. On the social media, the personalised information, photo, videos, status are
updated by the users. Before accessing their services, the user accepts the terms and
conditions of the online agreements/ click wrap contracts. Such contracts are mostly of one
sided nature and favours social networking platforms, after the user uploads his personal
details on such site, it leaves his privacy to get exposed and when such social networking
sites tries to manipulate the user information and even trade it with the commercial viewpoint
to third parties, in turn exploiting the user as a potential buyer and thus, increasing the
possibility of data theft and breaches to privacy.
1.2. OBJECTIVES
The paper aims to analyze and recognize the privacy issues relevant to the protect the data of
the Facebook users that have been fundamentally embedded in the click wrap contracts or the
agreements that are accepted by the users while signing up to use the services and the sale
such information to the third party is a gross violation of users privacy. Apart from that the
legal framework provided under the Information Technology Act, 2000 and Information
Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or
Information) Rules, 2011 seems to be largely ineffective.
1
https://www.iamai.in/media/details/4990
2
https://www.iamai.in/media/details/4990
8
b. To examine the user perspective in relation to their privacy violation issues of their
personal data posted to the social media platforms.
c. To examine the viewpoints of the legal professionals on click wrap agreements and
privacy concerns related to social media.
d. To examine the issue related to the exploiting of personalised user data by the
networking sites as a result of the click wrap contract agreed upon by the two parties
and the possibility of sustainability of such Contractual right although it violates the
right to privacy.
e. To suggest the immediate need for strict data privacy regulations on personal data
over the social networking platforms.
1.2.2. RESEARCH QUESTION:
a. What are the legal consequences for users while entering into a unilateral
agreement while signing up on facebook?
b. What are the required implications of such contractual obligations?
c. What are the potential legal options to reach a greater degree of privacy and data
monitoring that can be misused?
1.3.METHODS, METHODOLOGY AND TECHNIQUES :
1.3.2. METHODS:
The Researcher has focused upon the data collection process of the sampling survey. The
relevant data has been obtained by circulating the online questionnaires to the correspondents
9
living in and around the cities of Delhi NCR and Kolkata. For this reason, the Researcher has
abided to the uniform Blue Book (20th edition) method of citation.
This empirical research has been carried out by the Researcher in the vicinity of the cities of
Gwalior and Delhi. Further, the data has been gathered by the researcher over a period of
about 7 days.
In this research paper, the researcher seeks to illustrate some of the most alarming problems
by the Facebook users as well as the ignorance of the users about their rights, obligations and
available relief. This is achieved by choosing a subject area and undertaking an empirical
research of the actual nature of issues. However such research is limited to the specific field
and deals with only number of problems. Whereas, in the field of social media, people face
numerous challenges, most of which do not come under the limits of this study. There are
also jurisdictional problems related to the settlement of conflicts arising out of a click wrap
deal. This leaves ample space for potential contributors to discuss the specifics of each topic
and undertake a detailed survey at national level.
CHAPTER II
LITERATURE REVIEW
10
To examine the effect of privacy problems on social media, i.e. in the case of Facebook, the
researcher took the help of following relevant literature.
a. Nandan Kamath3 the book sheds light on the jurisdiction of cyber piracy on the
internet, domain names and their legal interaction. It also discusses the topics of
cyberspace surveillance, cryptography, encryption, national security and personal data
protection on internet and a viewpoint on the control of converging technology.
b. Laura Scaife4 It focuses primarily on social media and law, its usefulness, history, and
social media operations. Compares social media globally across diverse spectrums and
countries and addresses the legal classification scheme for social networking sites
(SNS). It also focuses on data security and surveillance and the history of data
protection regulation, the evolution of privacy legislations.
c. Pawan Duggal 5
focuses primarily on the laws related to mobile crimes. It addresses
other issues like introduction of mobile crimes, types of mobile crime, relevant
statistics, mobile privacy and the current legal status of mobile crimes across the
World.
1. Agnieza A. McPeak6 talks about the careful balance between the civil litigation,
Free data access and preventing the overreach. It also emphasise on how the privacy
issues in the social media can be further explored by demarcating the limits of civil
discovery as an element of proportional research.
2. Dr. Shivshankar Singh7 explains about the interconnection and close link between
data security and privacy. The article sheds light on the history of the privacy rights
and its evolution. It further elaborates about the civil and criminal liability along with
data security.
3
Nandan Kamath, Laws relating to Computers Internet & E-commerce (2013).
4
Laura Scaife, Handbook of Social Media and Law (2015).
5
Pawan Duggal, Mobile Crime and Mobile Law (2016).
6
Agnieszka A. McPeak, Social Media, Smartphones, and Proportional Privacy in Civil Discovery, 64 U. Kan.
L.Rev. 235 (2015)
7
Dr. Shivshankar Singh, Data protection and Privacy in india(2012)
11
3. Stephen E. Henderson8The Article starts with a brief history of social media and then
elaborates upon the principle of privacy of information, followed by a discussion and
application of the governing constitutional law.
CHAPTER III
THEORETICAL FRAMEWORK
Social Networking has become identical to the concept of being able to reach people,
to make new contacts. In order to bring about contact with social media and the law, it
is important to understand the forms of social media used by people on a regular basis
and how the law defines them.
8
Stephen E. Henderson, Expectations of Privacy in Social Media,31 Miss. C. L. Rev. 227 (2012)
9
Starr roxxanne Hiltz and Murray Turnoff (1978) The Netwrok Nation : Human Communication via Computer,
New York : Addison-Wesley (Revised edition, 1993, Cambridge, MA : MIT Press)
12
As a Harvard social networking site, Facebook was first launched in 2004. In early
2009, it became the world's biggest social networking site.10
Incidental data Data uploaded by the users, e.g. tweets, images, etc.
Which others take and tags the user. The data is neither
controlled nor created by the user.
10
Kazeniac, A. (2009). Social networks: Facebook takes over top spot. Twitter Climbs. URL (last checked
September 2018) http://blog.compete.com/2009/02/09/facebook-myspace-twitter-social-network/
11
Laura Scaife, Handbook of Social Media and Law, 2015 pp.7.
13
B. Right to privacy
Two of the most contentious “issues related to social media networks and their data
collection practises are how the data is handled and how privacy rights are protected.
The right to freedom of speech and information, as well as the right to privacy and
living with human dignity, may be threatened by social networking sites, which may
protect” unfair practises.
It has been proposed that such attacks are for a number of causes, including:
lack of regulatory and procedural protections that can lead to the exclusion of
users;
The option to monitor privacy settings
Lack of user satisfactory privacy terms and conditions
Lack of clarity in the compilation and distribution of personal data
Data privacy shall extend to persons and their rights (which may often be qualified)
pertaining to the use and removal of their data in accordance with their identities. In recent
years, these rights have become increasingly necessary, as technology has allowed the
processing, storage and conciliation of vast data pools.
The right to privacy is a highly complex concept. In a contemporary society, right has been
identified both in the eye of the law and in general parlance. Article 21 preserves the right to
privacy and maintains an individual's integrity. In addition, the advancement of technology
has contributed to numerous concerns related to privacy rights and data security. Technology
has made it easier to view and transmit personal data. The privacy right means the specific
right of an individual to monitor the collection, use and dissemination of personal
information. Personal data can be in the form of personal interests, behaviour, accounts,
educational and financial records. If such data of an individual is deceptive or is transmitted
to a third party, he might be made liable. A dispute tends to arise between the right to privacy
and the data security. In particular, data security should balance these competing interests
with data. However, data security should be secured in such a way that it would not violate
their privacy rights. The Constitution of India under “Article 19(1)(a) provides the right to
freedom of speech and expression, which implies that a person is free to express his views
about certain things. A person has freedom of life and personal liberty which can be taken
subject to the procedure established by the law as provided under Article 21. The personal
liberty under Article 21 is of the widest amplitude and it covers a variety of rights which
constitute the personal liberty15 , privacy, autonomy, human dignity, human right, limited and
protected communication, etc.”
By reading Articles 19 and 21, it can be deduced that “judicial activism has placed the right
to privacy into the realm of fundamental rights. The right to privacy has been accepted by the
14
S.D. Warren and L.D. Brandies (1890) ‘The Right of Privacy’, Harvard Law Review,4(5) :196.
15
Kharag Singh v. State of U.P., AIR 1963 SC 1295.
15
courts as an essential part of the right to life and personal liberty. In Kharag Singh case 16, the
Supreme Court of India has construed the right to life to mean the right to a dignified life. In
Gobind v. State of M.P.17 Mathew J., while delivering the majority decision, argued that the
right to privacy was itself a fundamental right, but subject to public interest limitations. In its
multiple decisions, privacy as such, interpreted by our Supreme Court, suggests different
things to different individuals. In R.M. Malkani v. State of Maharashtra18 The Supreme Court
observed that,” the court will not tolerate the safeguards for the protection of the citizen to be
imperilled by permitting the police to proceed by unlawful or irregular methods” 19 Telephone
tapping is a violation of privacy and freedom of speech and expression, and the Government
is thus forbidden to place a prior restriction on the dissemination of defamatory information
against its official and, if so, would be contrary to Articles 21 and 19(1)(a) of the
Constitution. In People’s Union for Civil Liberties v. Union of India 20 The Supreme Court
ruled that, without intervention, the freedom to have a phone conversation in the privacy of
one's home or office would clearly be contended as a right to privacy. In this case, the
Supreme Court laid down some rules for carrying out legal interceptions and even set up a
high-level oversight committee to evaluate the relevance of those interceptions. In State of
Maharashtra v. Bharat Shantilal Shah21, The Supreme Court held that, while the recording of
conversation represents a violation of the right to privacy of a person, it may be minimised in
compliance with the protocol validly prescribed by statute.”
In R. Rajagopal v. stae of T.N.22, the Supreme Court ruled that The plaintiffs have the
freedom to write, even without his consent or approval, what they claim to be the life
story/autobiography of the auto Shankar, as much as it appears from the public records.
Although they could be breaching his right to privacy if they go past that and print his life
story. The Constitution exhaustively listed the appropriate grounds for restricting freedom of
speech and expression under Article 19. “In Destruction of Public Property & Private
Properties v. State of A.P.23, The Supreme Court argued that the media should be directed by
the values of impartiality and objectivity in reporting; maintaining neutrality, fair reporting of
crucial issues, in particular crime, aggression, unrest and protest; vigilance in reporting on
16
Kharag Singh case, AIR 1963 SC 1295.
17
Gobind v. State of M.P., (1975) 2 SCC 148.
18
R.M. Malkani v. State of Maharashtra, (1973) 1 SCC 471.
19
R.M. Malkani v. State of Maharashtra, (1973) 1 SCC 471.
20
People’s Union for Civil Liberties v. Union Of India ,(1997) 1 SCC 301
21
State of Maharashtra v. Bharat Shantilal Shah, (2008) 13 SCC 5.
22
R. Rajagopal v. stae of T.N ,(1994) 6 SCC 632.
23
Destruction of Public Property & Private Properties v. State of A.P. (2009) 5 SCC212: (2009) 2 SCC(Cri)
629: (2009) 2 SCC (Civ) 451.
16
women and children and topics linked to national security; and respect for privacy. In
People’s Union for Civil Liberties (PUCL) v. Union Of India 24, The Supreme Court affirmed
that, where there is conflict between the right to privacy of persons and the right to
information of citizens, the former right must be subservient to the latter right, as it reflects a
broader public interest. In Sharda v. Dharmpal25, The Supreme Court ruled that a balance
must be preserved between the interests of the individual and the right to privacy”. At the end
of the day, it takes a balanced and convivial interrelationship between the common interest
and individual liberty.
Justice K.S. Puttaswamy(Retd.) and Anr. v. Union of India and ors 26is a landmark judgement
of the Supreme Court of India, which holds that the right to privacy is protected as a
fundamental constitutional right under Articles 14, 19 and 21 of the Constitution of India.
Much as our fundamental rights have been interpreted in the past to include the right of
education; to livelihoods; to food, water, and shelter; against custodial violence; women's
reproductive rights, among many others, they have now been interpreted as having the right
to privacy. Although constitutional rights are certainly enforceable against a State action, they
can also be applied with regard to private acts. This is what the petitioners are asking in the
ongoing Whatsapp case. Since they contend that Whatsapp's acts infringe their rights to
privacy, they urge the State to safeguard their constitutional right to privacy by enacting data
security regulations. Justices Chandrachud and Kaul's analysis of Internet company profiling
of users is primarily in the light of the proposal of the Data Protection Act, which, in other
words, is a recommendation that the State should uphold the constitutional right of privacy of
users vis-à-vis private companies. It is also doubtful that the legislation will be applied
against private corporations.
The Apex Court has also been criticised for recommending a consent-based privacy system
that might not be viable for new, disruptive use of data. However, with the exception of one
portion of the particular decision of Justice Kaul, it does not appear that the court expressly
endorses the consent-based framework.
It will therefore be beyond the scope of reference for the court to suggest a new form of data
security system. Rather, the court can be seen as proposing the implementation of a system
24
Union for Civil Liberties(PUCL) v. Union Of India , (2003) 4 SCC 399.
25
Sharda v. Dharmpa ,(2003) 4 SCC 493.
26
Justice K.S. Puttaswamy(Retd.) and Anr. v. Union of India and ors (2017) 10 SCC 1: AIR 2017 SC 4161.
17
for data security, the mode of which is left to the administrator. To the point, if there are any
recommendations as to the mode of the data security system, they will not be binding.
However, even though multiple references to the consent in the decision may be taken to
justify a consent-based data security system, we need to determine whether the consent can
be revoked in full. Any suggested replacements of the standard 'I accept' mechanisms, such as
where the data subject restricts access to the information from third parties, are based on
consent. What they're doing is changing the onus of acceptance to be more user-centric.
Going into a true accountability system, where the consumer entrusts the State with the
security of its privacy interests could undermine the autonomy of advanced users. So instead
of giving it our absolute approval, we should instead re-imagine it in a way that encourages
creativity but still retains freedom.
Data privacy is appropriately defined as the proper use of data. “If businesses and traders use
the data or information given or delegated to them, the data should be used for the purpose
accepted. The need to protect strict privacy of data is more strictly applicable to the collection
of personal data, such as medical records, financial data, criminal records, political records,
business-related information or website data, but at a time when most of the personal
information is widely exchanged and available through large social media channels, the
strictness of privacy of data has become more useful than ever in context of data shared.”
Along systematised data “digitisation and online contact and transaction forms, users are
obliged to disclose personal information at every stage in order to use vital services. All this
data is stored in vast databases, repositories of the world's personal data, and the user would
never be sure who does or does not have access to these repositories of data. The only
obstacle stands between the user and the disreputable misuse of his/her personal data revealed
is by states, companies or even” crime syndicates, is the dubious world of data privacy
regulation.
18
than 100 countries around the world. .But with rising online risks such as hacking, malware,
identity theft, e-commerce fraud, cyber-stalking, cyber-bullying, to name just a few, data
protection controls have become a priority concern for the international community
The whole problem of privacy infringement has been re-examined in “the light of the fact
that there are no globally agreed security platforms or conventions or rules, and that privacy
is a relative term that is addressed by the various jurisdictions in their national laws, bearing
in mind the social and economic, progress of the country. Although the whole concept of
social media can seem tantamount to data privacy, social media depends on empowering
users to willingly reveal and exchange personal information and media among diverse groups
of people, it is for this very purpose that the need for data security and privacy is becoming a”
major concern in this area.
In 2012 Facebook Ireland Limited Re-audit report: Data Protection Commissioner outlined
the results of the analysis in the following “areas of concern for data protection; ‘Privacy
policy, Advertising, Access requests retention, Cookies and plug-in, Third party apps,
Disclosure of content to third parties, Facial recognition and tags, Data security, Deletion of
accounts, Friend finders, Posting on other users and groups profile pages, Facebook credits,
Profiles of individual using the site under an alias name, Reporting abusive content and
behaviours, Compliance systems put in place by the site, Site governance.”
The real question is, because Facebook's social networking site is free of charge, should
Facebook be allowed to infringe the rights of any individual? Regardless of the terms &
conditions that the person agreed before signing with Facebook, can the terms and conditions
be described as not consonant with the fundamental principles of privacy set out in Article 21
and thus not enforceable?
Considering that more than 2.5 million bytes of data are accessed every day, the likelihood of
violations of data privacy is greater than ever before and just as important. It is becoming
urgently imperative that the government approach this issue as seriously as the Apex Court
has done and take active statutory measures to protect the privacy of its people.
19
Facebook is the largest social media platform with 2.5 billion active users. More than a
quarter of the world’s 7 billion humans are active on Facebook. Here are some more
intriguing Facebook statistics27:
Although, Facebook is the largest social network, Instagram (also operated by Facebook) has
shown remarkable growth. Here’s how this photo-sharing platform contributes to our data
deluge:
• There are 600 million Instagrammers; 400 million online every day;
• Every day 95 million images and videos are posted with Instagram.
• 100 million users use the Instagram Stories functionality every day.
Indian Scenario:
India has around 241 million Facebook users, highest in the world. Facebook is reporting a
total “potential audience” of 241 million active users in India, compared to 240 million in the
US.28
The Constitution “of India does not patently grant the fundamental right to privacy. However,
the courts have read the right to privacy into the other existing fundamental rights, ie,
freedom of speech and expression under Art 19(1)(a) and right to life and personal liberty
under Art 21 of the Constitution of India. However, these Fundamental Rights under the
Constitution of India are subject to reasonable restrictions given under Art 19(2) of the
27
https://www.forbes.com/sites/bernardmarr/2018/05/21/how-much-data-do-we-create-every-day-the-mind-
blowing-stats-everyone-should-read/
28
https://www.livemint.com/Consumer/CyEKdaltF64YycZsU72oEK/Indians-largest-audience-country-for-
Facebook-Report.html?utm_source=scroll&utm_medium=referral&utm_campaign=scroll
20
Constitution that may be imposed by the State. Recently, in the landmark case of Justice K S
Puttaswamy (Retd.) & Anr. vs. Union of India and Ors., the constitution bench of the Hon'ble
Supreme Court has held Right to Privacy as a fundamental” right, subject to certain
reasonable restrictions.
Currently, India doesn't have any express enactment administering information security or
protection. Be that as it may, the pertinent laws in India managing information insurance are
the Information Technology Act, 2000 and the (Indian) Contract Act, 1872. India's current
laws on information security are much smaller in extension. The essential rules administering
information protection are the Information Technology Act, 2000 (IT Act) and the
Information Technology (Reasonable Security Practices and Procedures and Sensitive
Personal Data or Information) Rules, 2011 (Privacy Rules).
Information Technology Act, 2000 arrangements with the issues identifying with installment
of remuneration (Civil) and discipline (Criminal) if there should be an occurrence of
improper exposure and abuse of individual information and infringement of legally binding
terms in regard of individual information.
The Information Technology Act, 2000 (hereinafter referred to as the "IT Act") “is an act to
provide legal recognition for transactions carried out by means of electronic data interchange
and other means of electronic communication, commonly referred to as "electronic
commerce", which involve the use of alternative to paper-based methods of communication
and storage of information to facilitate electronic” filing of documents with the Government
agencies.
According to “section 69 of the IT Act, any person, authorised by the Government or any of
its officer specially authorised by the Government, if satisfied that it is necessary or expedient
so to do in the interest of sovereignty or integrity of India, defence of India, security of the
State, friendly relations with foreign States or public order or for preventing incitement to the
commission of any cognizable offence relating to above or for investigation of any offence,
for reasons to be recorded in writing, by order, can direct any agency of the Government to
intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted any
information generated, transmitted, received or stored in any computer resource. The scope of
section 69 of the IT Act includes both interception and monitoring along with decryption for
the purpose of investigation of cyber-crimes. The Government has also notified the
21
Information Technology (Procedures and Safeguards for Interception, Monitoring and
Decryption of Information) Rules, 2011, under the” above said legislation.
Section 43 of the IT Act, imposes a penalty without prescribing any upper limit, doing any of
the following acts:
2. Copies, extract any data or download, computer information base or data from such PC,
PC framework or PC network including data or information held or put away in any
removable stockpiling medium;
3. Acquaints or causes with be presented any PC toxin or PC infection into any PC, PC
framework or PC organization;
6. Decline or makes the forswearing of access any individual approved to get to any PC, PC
framework or PC network using any and all means; (g) gives any help to any individual to
encourage admittance to a PC, PC framework or PC network in contradiction of the
arrangements of this Act, rules or guidelines made thereunder;
22
8. Demolishes, erases or changes any data living in a PC asset or lessens its worth or utility or
influences it damagingly using any and all means;
9. Take, disguises, pulverizes or changes or makes any individual take, hide, wreck or adjust
any PC source code utilized for a PC asset with an expectation to cause harm.
U/s 65 of the IT Act sets out that whoever purposely or purposefully disguises, devastates, or
adjusts any PC source code utilized for a PC, PC program, PC framework or PC organization,
when the PC source code is needed to be kept or kept up by law for the time being in power,
will be culpable with detainment as long as three years, or with fine which may reach out up
to Rs 2,00,000 (approx. US$3,000), or with both.
Section 66 gives that if any individual, insincerely or falsely does any demonstration alluded
to in area 43, he will be culpable with detainment for a term which may reach out to three
years or with fine which may stretch out to Rs 5,00,000 (approx. US$ 8,000)) or with both.
U/s “72 of the IT Act accommodates punishment for penetrate of classification and security.
The Section gives that any individual who, in compatibility of any of the forces presented
under the IT Act Rules or Regulations made thereunder, has tied down admittance to any
electronic record, book, register, correspondence, data, report or other material without the
assent of the individual concerned, uncovers such material to some other individual, will be
culpable with detainment for a term which may reach out to two years, or with fine which
may” stretch out to Rs 1,00,000 or with both.
Given its set of experiences of ignoring clients “security concerns, Facebook has broken its
Data Use Policy into various parts, in a conspicuous undertaking to make it more understood.
It has in like manner denied enormous quantities of the baffling legal articulations regularly
used in security strategie. Still it is around 8,700 words.”
23
All data that the clients share are recorded by Facebook. (Notwithstanding the way that it
can't by and large confer that information to supports or different pariahs) Likewise it
additionally approach information on “other Facebook clients share about you on Facebook.
At last, it can get to a combination of information from the locales you visit through its
"Like" button — whether or not you're not endorsed into Facebook by then. In all honesty,
you don't should have a Facebook account at all for the casual network to get together
explicit snippets of data.”
Expecting you do have a Facebook account, here is a brisk as-conceivable rundown of the
data Facebook is likely gathering on you:-
1. NAME
2. AGE
3. GENDER
4. EMAIL
5. NETWORKS
6. PHOTOS
7. VIDEOS
8. TAGS AND FACIAL DATA
9. WHICH PROFILE YOU LOOK AT
10. WITH WHOM YOU CHAT ON FACEBOOK MESSENGER
11. RELATIONSHIP STATUS
12. LIKES
13. LIST OF FAVOURITE THINGS
14. POLITICAL AFFILIATION
15. WHICH WEBSITES YOU VISIT
16. ANYTHING YOU PURCHASE FROM FACEBOOK CREDIT
17. BROWSER TYPE
18. OPERATING SYSTEM
19. IP ADDRESS
20. GPS LOCATON
21. USER NAME
24
22. USER ID
Facebook allows you to make certain information private, or to make “all of your information
public. However, even if you adjust your privacy settings to make everything private, some
information is public, no matter what you do. All public information can be seen by anyone,
even if they do not have a Facebook account” and “anyone” includes other websites, games,
and various Web applications. Always-public information – what Facebook” refers to as your
“basic info” — includes:
1. Name
2. Profile Pictures
3. Cover Pictures
4. Gender
5. Username
6. User ID
7. Comments
Personal information: Facebook permits you to make a large portion of the data you share
private. What "private" signifies is up to you. You can either impart to every one of your
companions, or utilize the "tweak" sharing choice open on every announcement box, which
allows you to share the notice or photograph with specific individuals, however not others.
This segment is effectively quite possibly the main pieces of Facebook's Data Use Policy —
it has "information use" directly in the name! It is additionally effectively the most
befuddling, part of the entire record.
Facebook is, by all measures, a publicizing organization — that is the means by which it
brings in cash. The manner in which it sells promoting is by gathering the entirety of the
previously mentioned data about its clients, at that point utilizing that information to sell
"directed advertisements" — advertisements that you are bound to tap on than advertisements
made for just anybody.
25
Chapter IV
The accompanying examination depends on the Questionnaire that was circulated and topped
off by attorneys, law understudies, digital law specialists just as experts from non lawful
foundation in particular organization and media transmission engineers, computer
programmers, and showcasing experts.
26
27
28
29
30
31
32
33
Empirical data analysis:-
34
Chapter V
Conclusion
The present world is an information economy world. Today, every specialist organization is
keen on a client not personally but rather, as an information element who is continually
producing, broadcasting and communicating information. Specialist co-ops thus use
information created from clients for different purposes like focusing on them with explicit
messages or promoting, and so forth Information has a multifold reason for profiling clients,
yet in addition for the motivations behind barraging clients with different sorts of
administrations, viewpoints, assessments, content, text which could help them settle on
choice to relating to their current everyday issues.
According to 2017, Indians downloaded 12.1 billion applications. Hence, India as a country
which has necessities to secure its information clients and their own and information
protection. The country needs to return to its current remain on mediator obligation and make
specialist organizations at risk for unapproved admittance to and utilization of outsider
information. The country needs to guarantee that the information of Indians isn't originally
shipped off areas outside India and afterward abused. Information localisation is one
methodology that should be very much analyzed in such manner, not exclusively to ensure
Indian information clients yet in addition to secure Indian digital sway as additionally India's
sovereign interest in the internet. Everyone's eyes are on the public authority to give viable
solution for influenced people, who are preferentially influenced by unapproved information
penetrates.
At the point when one ganders at the current law, one finds that India doesn't have a
committed legitimate structure to administer information through online media sites or
portable applications.
Since Facebook likewise has Mobile App. It is right that mobiles are brought under the ambit
of the term 'specialized gadget' under the Information Technology Act, 2000. Anyway the
whole perspective relating to managing the undertakings of versatile application specialist
organizations have not been characterized or sufficiently managed under the Indian digital
laws. It is right that portable application specialist co-ops are middle people under the
Information Technology Act, 2000 and subsequently, all go-betweens are commanded to
35
practice due tirelessness while they release their commitments under the law.
Notwithstanding, the particular boundaries of due ingenuity for versatile applications
specialist co-ops have not been explicitly characterized under the Indian Information
Technology Act, 2000.
Ordinarily, any and each portable application will get to the information that is on a client's
gadget. This could incorporate either the media, sound, or some other data accessible on one's
telephone. It truly depends from application to application concerning what is the particular
spotlight on the information that they need to accomplish and what are the purposes behind
which they are looking for explicit authorizations from users.While the versatile Apps have
expanded our comfort, profitability and flexibility of specialized gadgets yet simultaneously
there is countless legitimate issues encompassing Mobile Apps.
The particular greatest significant legitimate issue in todays setting is that of Privacy.
Individuals have inborn assumption for security at whatever point they chat on telephone or
peruse sites. For the most part clients know about the sovereign privileges of interference of
information, observing and impeding that any sovereign government my activity. A real
genuine lay client of portable specialized gadget or one perusing online media webpage has
constantly little assumption for protection to being undermined.
36
Jurisdictional issues and consistence by the unfamiliar elements to the information of Indian
Citizens should be tended to soon. The workers are situated external India for a large portion
of the web-based media sites. There pressing requirement for administrative intercession into
this virtual world which will in general influence our everyday exercises.
37
REFERENCES
BIBLIOGRAPHY
Books Referred:
Nandan Kamath, Laws relating to Computers Internet & E-commerce (2013)
Laura Scaife, Handbook of Social Media and Law (2015)
Pawan Duggal, Mobile Crime and Mobile Law (2016)
Articles Referred:
Agnieszka A. McPeak, Social Media, Smartphones, and Proportional Privacy in Civil
Discovery, 64 U. Kan. L.Rev. 235 (2015)
Dr. Shivshankar Singh, Data protection and Privacy in india(2012)
Stephen E. Henderson, Expectations of Privacy in Social Media,31 Miss. C. L. Rev.
227 (2012)
Office of Information Commissioner, Queesnland, Guidelinse Information Policy Act
2009 Privacy and Mobile Apps
Adam Berth, Design and Analysis of Privacy Policies (2008)
Annicka Gunnarsson Siri Ekberg,Invasion of Privacy: spam- one result of bad privacy
protection (2003)
Sascha van Schendel, The role of Privacy by design in big Data Analytics(2016)
Neeraj Grover, Right of Privacy in digital Age: Evolving Privacy Laws and their
Applicabilty to social media(2011)
Newspapers Referred:
The Indian Express
The Business Line
The Mint
The Financial Express
The Times of India
The Chicago Tribune
38
WEBLIOGRAPHY
1. www.jstor.org
2. www.scconline.com
3. www.supremecourtofindia.nic.in
4. www.epaper.timesofindia.com
5. www.thehindu.com
6. www.hindustantimes.com
7. www.facebook.com
8. https://www.facebook.com/policy.php
9. https://inc42.com/buzz/google-facebook-whatsapp-data-privacy/
10. https://business-law-review.law.miami.edu/social-media-privacy/
11. www.huffingtonpost.com
12. http://economictimes.indiatimes.com
39