INFORMATION TECHNOLOGY ACT OF INDIA

Question 1

What is the Information Technology Act 2000 (IT Act)?

Answer 1

The cornerstone of India’s legal framework for cyber law - digital transactions - and data protection.

Question 2

What was the purpose of the Information Technology (Amendment) Act 2008?

Answer 2

To address new issues such as data privacy - information security - and cybercrimes.

Question 3

What does Section 43 of the IT Act cover?

Answer 3

Penalties and compensation for damage to computer systems - unauthorized access - and data theft.

Question 4

What is the penalty under Section 65 of the IT Act?

Answer 4

3 years imprisonment and a fine of 2 lakh rupees for tampering with computer source documents.

Question 5

What is the penalty under Section 66 of the IT Act?

Answer 5

3 years imprisonment and a fine up to INR 500 -000 for hacking computer systems.

Question 6

What happened to Section 66A of the IT Act?

Answer 6

It was struck down by the Supreme Court in 2015 for being vague and infringing on free speech rights.

Question 7

What do Sections 66C and 66D of the IT Act penalize?

Answer 7

Identity theft and computer-based scams.

Question 8

What is the role of the Indian Computer Emergency Response Team?

Answer 8

It is the national agency for cybersecurity - established under Section 70B.

Question 9

What is required under Section 43A of the IT Act?

Answer 9

Body corporates handling sensitive personal data must implement and maintain reasonable security practices.

Question 10

What is the role of the adjudicating officer under Section 46 of the IT Act?

Answer 10

To discern IT Act violations.

Question 11

What is the scope of the IT Rules 2011?

Answer 11

Applies to bodies corporate or persons located in India - covers private sector only - and defines ‘personal information’.

Question 12

What is included in Sensitive Personal Data (SPDI) under the IT Rules?

Answer 12

Passwords - financial information - health records - biometric data - etc.

Question 13

What are acceptable security practices under the IT Rules?

Answer 13

IS/ISO/IEC 27001 or a code developed by an industry association and approved by the government.

Question 14

What must organizations include in their privacy policies under the IT Rules?

Answer 14

The type of personal information collected - its purpose - and processing methods.

Question 15

What are the key data protection principles outlined in Rules 4-8 of the IT Rules?

Answer 15

Consent and purpose limitation - lawful purpose and minimal collection - notice and purpose limitation - retention - use - subject access and correction - option to refuse or withdraw consent - security - complaint handling.

Question 16

What do Rules 6 and 7 of the IT Rules cover?

Answer 16

Data processing and data export restrictions.

Question 17

What are the requirements for cross-border data transfers under the upcoming Indian Data Protection Act?

Answer 17

Consent - use of model clauses - and possible adequacy requirements.

Question 18

What does Rule 8 of the IT Rules require?

Answer 18

Organizations to implement reasonable security practices and procedures - such as ISO 27001.

Question 19

What are the exemptions under the IT Act and Rules?

Answer 19

Religious and social - charitable organizations - non-commercial organizations - non-automated data.

Question 20

What are the enforcement authorities for the IT Act?

Answer 20

The adjudicating officer - Cyber Appellate Tribunal - High Courts - and the Supreme Court.

Question 21

What is the purpose of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021?

Answer 21

To provide a framework for intermediaries and digital media entities to ensure compliance with legal obligations - content moderation - and user privacy.

Question 22

What is due diligence under the Intermediary Guidelines Rules?

Answer 22

Intermediaries must perform due diligence regarding content hosted on their platforms.

Question 23

What is the role of grievance redressal mechanisms under the Intermediary Guidelines Rules?

Answer 23

To address user complaints regarding content and data privacy.

Question 24

What are the content regulation requirements under the Intermediary Guidelines Rules?

Answer 24

Rules for content takedown - transparency - and accountability in content moderation.