Facebook Cambridge Analytica Scandal: Article 72A of Information Technology Act not enough to protect user’s data

As per section 72A, securing access and providing ‘any material containing personal information about an-other person’ without consent of that person, or in breach of contract of a service is punishable with imprisonment or fine, or both.

Must Read

How to choose an effective DDoS mitigation plan

There are several flavours from which to choose when selecting an effective DDoS mitigation strategy. Most enterprises opt for one of the cloud protection flavours (always-on or on-demand)

How tech bolster security of online gaming platforms

The rise of online gaming and is evident throughout the world’s financial capitals with the UK, US, and a few other European nations at the forefront

Explained: The evolving nature of cybersecurity threats

Concerns such as hacking and the presence of computer viruses have existed for decades in one form or another. As technology evolved over the years, so did the   threats themselves.

’s sharing of user data with has attracted widespread attention, to the extent that the US Federal Trade Commission would be probing to determine whether user data had in fact been shared by Facebook with Cambridge Analytica. The United States is very mature in terms of having data protection and privacy regime. It remains to be seen as to what impact this is likely to have on Facebook in the long run. However, owing to this incident, the reputation of Facebook has definitely taken a beating, with many users having started to delete their Facebook accounts.

The Supreme Court in India has established the right to privacy has a fundamental right. Although India presently does not have a specific law covering data protection or privacy, there are other regulations which do in fact provide some coverage in cases where user data is used or shared without their consent. For ex-ample, section 72A of the Information Technology Act specifically provides such a protection to user’s da-ta. As per section 72A, securing access and providing ‘any material containing personal information about another person’ without consent of that person, or in breach of contract of a service is punishable with im-prisonment or fine, or both.

The section is however qualified by the fact that the intent behind securing such information should be to cause wrongful loss or wrongful gain. It remains to be seen whether sharing user information without their consent, which violates their fundamental right, would automatically result in a wrongful gain/loss to qualify such acts as an offence under the IT Act.

Prashant Phillips is Partner & Practice Head, Lakshmikumaran & Sridharan Attorneys. Views are personal.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by techobserver.in. Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Sapience Analytics signs distribution agreement with Redington

Sapience Analytics and Redington said that they have entered into a distribution agreement where latter will resell the Sapience Vue solution through its network of over 30,000 channel partners, system integrators, and value-added resellers countrywide.
- Advertisement -SAP Hana

Related Articles