Professional Documents
Culture Documents
OF CONFIDENTIALITY
AND PRIVACY
IT ACT 2000
Eksha Malhotra
500091532
B.Tech CSE- Devops
AGENDA
01 INTRODUCTION
04 S.72 PENALTY FOR BREACH OF
CONFIDENTIALITY AND
PRIVACY
PRIVACY
pursuance of any of the powers conferred under this Act, rules or regulations made thereunder, has secured access to any
electronic record, book, register, correspondence, information, document or other material without the consent of the person
concerned discloses such electronic record, book, register, correspondence, information, document or other material to any other
person shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one
lakh rupees, or with both.”
This section applies only to person who has gained access to the above mentioned information in pursuance to a power granted
under Information Technology Act, its allied rules e.g. a police officer, the Controller etc. it would not apply to disclosure of
personal information of a person by a website, by his email service provider etc.
SECTION 72: PENALTY FOR
BREACH OF
CONFIDENTIALITY AND
Persons conferred with power under the Act:-
The Act has conferred powers to :
PRIVACY
• The Controller of Certifying Authorities (Ss. 17-18)
• The Deputy and Assistant Controllers of Certifying Authorities (Ss. 17 and 27)
• Licensed Certifying Authorities (S. 31) and Auditors (Rule 312)
• The Adjudicating Officer (S 46)
• The Presiding Officer of the Cyber Appellate Tribunal (Ss. 48-49)
• The Registrar of the cyber Appellate tribunal (S. 56 and rule 263)
• Network Service provider (S. 79)
SECTION 72A:PUNISHMENT
FOR DISCLOSURE OF
INFORMATION IN BREACH OF
LAWFUL CONTRACT
It states ,“Save as otherwise provided in this Act or any other law for the time being in force, any person including an
intermediary who, while providing services under the terms of lawful contract, has secured access to any material containing
personal information about another person, with the intent to cause or knowing that he is likely to cause wrongful loss or
wrongful gain discloses, without the consent of the person concerned, or in breach of a lawful contract, such material to any
other person, shall be punished with imprisonment for a term which may extend to three years, or with fine which may
extend to five lakh rupees, or with both.] “ -Ins. by s. 37, ibid. (w.e.f. 27-10-2009).
An "intermediary" refers to any person or entity that facilitates electronic communication or the transmission of information
over the internet. This could include internet service providers, social media platforms, online marketplaces, and other similar
entities.
AADHAR LEAK CASE - 2017
One real-life case involving Section 72 of the Information Technology Act 2000 is the "Aadhaar Data Breach
Case." In 2017, it was reported that the personal details of millions of Indian citizens, including their Aadhaar
numbers (a unique biometric identification number), were leaked online due to a breach in the Aadhaar database.
In this case, it was alleged that certain individuals, including employees of government agencies or private
organizations entrusted with handling Aadhaar data, accessed this sensitive information without consent and
disclosed it to unauthorized parties. Such actions would be considered violations of Section 72, as the disclosure
of electronic records without consent is punishable under the Act.
• The Aadhaar data breach case underscores the importance of enforcing laws like Section 72 to protect the
privacy and confidentiality of individuals' personal information. It highlights the need for stringent measures
to prevent unauthorized access to sensitive data and hold accountable those responsible for breaches of
confidentiality and privacy.
CONCLUSION
Section 72 of the Information Technology Act 2000 serves as a crucial
deterrent against breaches of confidentiality and privacy in the digital realm.
By imposing penalties for unauthorized disclosure of sensitive information,
the Act reinforces the importance of respecting privacy rights and
maintaining data integrity. It underscores the need for accountability and
responsible handling of electronic records, books, correspondence, and other
materials. Section 72 ensures that individuals and entities conferred with
powers under the Act uphold the highest standards of data protection and
privacy, thereby fostering trust and confidence in electronic transactions.
Compliance with Section 72 not only mitigates legal risks but also
contributes to a safer and more secure digital ecosystem for all stakeholders
involved.
THANK YOU!
+123-456-7890
@reallygreatsite
hello@reallygreatsite.com