Of Consent and Lawful Uses:
Where the Rubber meets the Road

While the concept of consent, in consonance with the current consent based regime under the Information Technology Act, 2000 (“IT Act”)[1] as well as the constitutional primacy of consent and autonomy under various court decisions dealing with the right to information privacy has remained firmly entrenched as the primary basis for collection and processing of personal data under the various drafts of general personal data protection legislation in India over the years,[2] the newly notified Digital Personal Data Protection Act, 2023 (“Act”)[3]also provides for “legitimate use” as key additional basis available to Data Fiduciaries[4] for collection and processing of personal data[5].Continue Reading Of Consent and Lawful Uses:Where the Rubber meets the Road

The immunity granted under Section 79(1) of the Information Technology Act, 2000 (“the Act”) to intermediaries, commonly referred to a ‘safe harbour provision’, is not absolute.  Non-compliance with an order under Section 69A is one such instance when the immunity erodes[1].

Section 69A empowers the government to issue directions to government agencies or intermediaries to block public access to any information generated, transmitted, received, stored or hosted in any computer resource, if it falls under any of the grounds of concern mentioned in Section 69A itself (discussed below in detail).Continue Reading The Twitter Verdict: Examining The Efficacy Of Section 69a In The Background Of Karnataka High Court’s Latest Decision

Digital Age Warfare

A. Introduction

In this digital age, it may not be out of place to say that data has replaced oil as the most valuable resource. The advancement of technology has led to the emergence of a new species of extortion, where ransom is sought in lieu of data, which is illegally assumed control over. This phenomenon is popularly known as a ransomware attack. A ransomware attack includes a malware that is introduced onto the host’s computer or mobile, thereby encrypting its data, with a subsequent demand for a ‘ransom’ for decryption of the same, to secure its release[i].Continue Reading Digital Age Warfare: Ransomware Attacks

Introduction

The growth and diversification of businesses have led to an increase in white collar crimes. The term ‘white collar crime’ was first defined by Edwin Hardin Sutherland as crimes committed by persons who hold high societal status and repute in their profession. As the complexity of such crimes has grown over the years and investigations have become refined, we have seen an increase in private professional services offering support to companies and their management in dealing with white collar crimes.

These support services extend from providing an in-depth analysis of the crime to the management, carrying out forensic investigations into the affairs of the company, including audit and forensic diligence reports and preparing the company for legal proceedings. The need for internal private investigations has also increased as a result of strengthening of laws on compliances and reporting of white collar crimes. The allegations may vary from offences under the Indian Penal Code (such as fraud, cheating, forgery, etc.) to offences under offences under special statutes (such as money laundering, insider trading, corruption, etc.).Continue Reading For or Against Forensic diligence when facing a White-Collar Investigation: Evidentiary Value

Interplay of Data Analytics, AI and Infrastructure Investment

Artificial Intelligence and Data Analytics

The global race to augment capabilities of artificial intelligence (AI) is intensifying in both advanced and emerging economies. From optimising power generation and transmission, diagnosis and drug discovery, improving learning environment, enhancing design and functionality, to automation in logistics, AI will not only continue to evolve but possibly surpass human intelligence in the near future. Today’s digital age is overflowing with valuable data which if appropriately analyzed can predict results, making data analytics an indispensable tool for any corporate to sustain in the economy.
Continue Reading Tomorrow’s Technology in Today’s Infrastructure: Interplay of Data Analytics, AI and Infrastructure Investment

 Data Protection in the Indian Insurance Sector – Regulatory Framework Part I

A shift towards digitisation has been the central theme for the insurance industry in recent years. Digitisation lowers the cost of transacting business, helps increase penetration, and brings higher efficiencies. However, the convenience of digitisation brings with it concerns related to data protection.

The Information Technology Act, 2000 (IT Act) and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules) set out the general framework with respect to data protection in India. However, given the nature of the business of insurance companies and intermediaries, the Insurance Regulatory and Development Authority of India (IRDAI) has prescribed an additional framework for the protection of policyholder information and data, which is required to be followed in addition to the general framework under the IT Act.
Continue Reading Data Protection in the Indian Insurance Sector – Regulatory Framework Part I

IRDAI clarification Written Mandate under the IRDAI (Insurance Brokers) Regulations, 2018

The Insurance Regulatory and Development Authority of India (IRDAI) notified the IRDAI (Insurance Brokers) Regulations, 2018 (Brokers Regulations) on January 12, 2018, repealing the erstwhile brokers regulations of 2013. This continues what is now considered an eventful financial year for the insurance regulatory space in India.

The Brokers Regulations improved upon the existing framework for the governance and regulation of insurance brokers- who act as significant intermediaries in the insurance sector. IRDAI, under these new Regulations, prescribed that all insurance brokers are required to comply with the code of conduct (Code of Conduct) set out in Schedule I – Form H of the Regulations.
Continue Reading IRDAI Issues Clarification on Form of Written Mandate under the IRDAI (Insurance Brokers) Regulations, 2018