Is Indian Express guilty of Privacy infringement under DPDPA and ITA 2000?…DPDPA is here…4

It has become a practice for organizations to send marketing e-mails with “Donot Reply” address. Today I came across the following email from Newsletter@indianexpressonline.org but the reply set to a non existent email address of emailers@indianexpressonline.org. Obviously the “Reply to” message bounced.

The Email was delivered through the AWS service namely Amazon Simple Email Service

Consequent to the DPDPA being a law in India, we need to debate the ethical and legal aspect of such emails.

Does this email of Indian Express constitute a communication without an appropriate notice and Consent? May be Indian Express may today say that the date of effectiveness of the provision of Section 5 of DPDPA is not yet announced.

But, could this also be considered as “Impersonation” and an attempted Section 66C -ITA 2000 offence? ..which is a cognizable offence with 3 year’s imprisonment?

To me it appears to be so.

Next, what is the role of Amazon SES which is the instrument of this crime? Is it to be considered as a “Data Processor” and an “Agent” so that the liability for impersonation and attempted impersonation lies only with Indian Express and not Amazon? or is Amazon a joint Data Fiduciary and has a liability under DPDPA while escaping liability under ITA 2000 where it is an undisclosed agent?

My view is that both Indian Express and Amazon are guilty of Section 66C offence of ITA 2000 which is effective today and also liable under Section 5 of DPDPA for which a penalty of upto Rs 250 crores could be imposed? …if DPB had been in existence?

Let’s Debate.

Comments are welcome

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.