Naavi.org

The President of India has given assent to the three new laws, namely the New IPC, The New-CrPC and the The new IEA today the 25th December 2023.

Copies are available here:

The New IPC (Bharatiya Nyaya Sanhita 2023)

The New CrPC (Bharatiya Nagarik Suraksha Sanhita 2023 )

The New IEA (Bharatiya Sakshya Adhiniyam 2023)

The Telecommunications Act 2023 also got the Presidential Asset today,

The Dates of applicability and whether they will be entirely prospective or retrospective needs to be clarified. We can presume that the laws will be applied prospectively from the date of notification.

The Minister of IT Mr Ashwini Vaishnav has clarified that over-the-top (OTT)   services will not be covered under this Telecom Act and will continue to be regulated under ITA 2000.

Naavi

The Book “Guardians of Privacy” by Naavi which was formally launched at Hyderabad on 17th of this month is a treatise on “Privacy”, “Personal Data Governance”.

It covers the legal concepts of Privacy and the recently passed law in India namely the DPDPA 2023. It also discusses the DGPSI (Data Governance and Protection Standard of India ) framework for implementation and certifiable audit of DGPMS(Data Governance and Protection Management System).

The book contains 386 pages spread over 29 chapters and one Appendix as follows:

Chapter I: Legislative History behind DPDPA 2023
Chapter II: Concept of Privacy and Protection of Privacy through Data Protection
Chapter III: DPDPA 2023
Chapter IV: Obligations of a Data Fiduciary: Notice and Consent
Chapter V: Obligations of Data Fiduciaries-Legitimate Use
Chapter VI: Obligations of Data Fiduciaries-General
Chapter VII: Rights of the Data Principal
Chapter VIII: Compliance By Design
Chapter IX: Processing of Personal Data of Minors
Chapter X: Special obligations of Significant Data Fiduciary
Chapter XI: Cross Border Transfer of Personal Data
Chapter XII: Exemptions from Applicability of DPDPA 2023
Chapter XIII: Data Protection Board of India
Chapter XIV: Penalties
Chapter XV: Miscellaneous
Chapter XVI: Compliance of ITA 2000
Chapter XVII: Compliance of GDPR
Chapter: XVIII: Managerial Perspective of Data
Chapter XIX: Data Monetization, Valuation and Insurance
Chapter XX: Managerial View of Data Security
Chapter XXI: Approach to Data Protection
Chapter XXII: Concept of Privacy and Compliance by Design
Chapter XXIII: Data Audit
Chapter XXIV: Essence of ISO 27001 for Business Managers
Chapter XXV: ISO 27701.
Chapter XXVI: Essence of BIS draft Standard for Data Governance
Chapter XXVII: Indigenous Framework for Data Protection Compliance -DGPSI .
Chapter XXVIII: Data Trust Score as a Measurement of Compliance
Chapter XXIX: Business Opportunities under DPDPA 2023
Appendix-The DPDPA 2023

The copy of the Act as passed is available in the Appendix.

Chapters I and II provide the background to DPDPA 2023 in the form of evolution of Data Protection law in India.

Chapters III to XV discusses the different provisions of DPDPA 2023.

Chapter XVI discusses the compliance requirements under ITA 2000 as applicable to Personal Data.

Chapter XVII discusses the GDPR and how it compares with DPDPA 2023.

Chapters XVIII to XXII discusses the different aspects of Data Management including Data Valuation and Data Security.

Chapters XXIII to Chapter XXVIII discusses the different aspects of Data Audit.

Chapter XXIX discusses the business opportunities arising out of DPDPA 2023.

The approach of the book is to introduce the law as well as the Governance and Audit aspects in one comprehensive handbook. The approach can be considered as slightly unconventional but hope it would be useful for a Corporate executive to appreciate the compliance requirements under the law.

(Link for purchase is available on the right menu as well as Amazon and Flipkart)

Naavi

Section 335 of the New IPC covers “Making of false document” and includes “Electronic Document. Currently, the section 4 of ITA 2000 was already extending any laws which applied to a paper document to the electronic document and there was no need for the NIPC to re-iterate this in multiple sections. At best one reference under the definition clause referring to Section 4 of ITA 2000 and stating that whatever provisions applied to paper documents also applied to electronic documents except where specifically excluded. However without understanding the benefit of the bridging clause in Section 4 of ITA 2000, New IPC states time and again applicability of a section to electronic documents.

One such reference is found in Section 335, Explanation 3 which states

For the purposes of this section, the expression “affixing electronic signature” shall have the meaning assigned to it in clause (d) of sub-section (1) of section 2 of the Information Technology Act, 2000.

This explanation restricts the meaning of “Electronic Forgery” and limits it to digital/electronic signatures under Section 3/3A of ITA 2000.

We may recall the case of The Government of Tamil Nadu Vs Suhas Katti which was historically the first case of conviction under ITA 2000 where “Writing the name of a different person below the message text was considered as Forgery”. This would now be available under Section 336 under the new IPC.

Your comments?

Naavi

The passage of the three Bills which we can refer as the New IPC, New CrPC and new IEA for easy understanding is a momentous development which is nothing short of “Revolutionary”. In such a massive exercise there are bound to be many missed opportunities. These missed opportunities need to be spotted and flagged for future amendment or reading down by the Court. This is the process of development of “Jurisprudence”. Naavi.org will be trying to place its observations from time to time to flag such issues,starting with this .

Naavi

Section 78 of the New IPC (Bharatiya Nyaay Sanhita or BNS 2023) states:

78. (1) Any man who—
    (i) follows a woman and contacts, or attempts to contact such woman to foster
    personal interaction repeatedly despite a clear indication of disinterest by such woman; or
    (ii) monitors the use by a woman of the internet, e-mail or any other form of
    electronic communication,
    commits the offence of stalking:
    Provided that such conduct shall not amount to stalking if the man who pursued it
    proves that—
    (i) it was pursued for the purpose of preventing or detecting crime and the man
    accused of stalking had been entrusted with the responsibility of prevention and
    detection of crime by the State; or
    (ii) it was pursued under any law or to comply with any condition or requirement
    imposed by any person under any law; or
    (iii) in the particular circumstances such conduct was reasonable and justified.
    (2) Whoever commits the offence of stalking shall be punished on first conviction with
    imprisonment of either description for a term which may extend to three years, and shall also
    be liable to fine; and be punished on a second or subsequent conviction, with imprisonment
    of either description for a term which may extend to five years, and shall also be liable to fine

It may be observed that the section covers “Cyber Stalking” also.

A question however arises if “Staliking” is only a phenomenon that applies to a “Man” who follows a “Woman”. Would it not have been better in the days of “Honey Trapping” to make this section “Gender neutral”?

Under Section 2(10), the Act states:

(10) “gender”.—The pronoun “he” and its derivatives are used of any person,
whether male, female or transgender.

There is however a conflict under section 2(19) which states : (19) “man” means male human being of any age;

Jurisprudence demands that this definition 2(10) may be used to consider Section 78 as gender neutral.

Comments are welcome.

Naavi

On 20th December 2023, Lok Sabha passed the following 4 key Bills

1.Bharatiya Nyaay (Second)Sanhita, 2023 (Replacement of IPC 1860)

2. Bharatiya Nagarik Suraksha (Second)Sanhita, 2023 (Replacement of Criminal Procedure Code 1973)

3.Bharatiya Sakshya (Second) Bill, 2023 ( Replacement of Indian Evidence Act 1872)

4. Telecommunications Bill 2023

The Bills will be discussed in Rajyasabha on 21st December 2023.

After the Bills become an Act, there would be a huge disruption in the legal scenario in India. The Telecom Bill along with ITA 2000, DPDPA 2023 and the upcoming Broadcasting Services (Regulation) Bill 2023 (unlikely to be passed in the current Parliament) will be relevant for the study of Cyber Laws in India. We shall discuss this in detail in due course.

It is to be noted that the Bharatiya Nyaay Sanhita (New IPC) would be applicable to any offence committed by any person in any place without and beyond India committing offence targeting a computer resource located in India. This complements and extends the Jurisdiction of Cyber Crimes to beyond India.

Cyber Crime would be considered (Section 111) as an organized crime with relevant consequences.

Section 63 of the new Evidence Act will be replacing Section 65B of the old act. Additionally some more changes have been made which will be discussed in a separate article.

Naavi