/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow UsWhat is Data Theft ?
According to Information Technology (Amendment) Act, 2008, the crime of data theft under Section 43(b) is stated as If any person without permission of the owner or any other person who is in charge of a computer, computer system of computer network, downloads, copies or extracts any data, computer data base or information from such computer, computer system or computer network. It is the term used when any information in the form of data is illegally copied or taken from a business or other individual without his knowledge or consent. The act of illegally downloading data from a networked computer to a USB flash drive is called thumbsucking. The use of an iPod or other portable music player for the same purpose is called podslurping.
/dq/media/post_attachments/a50ebd0d0d1f31c5419bc210578f46be161b4c05baa984c5c78e0ce42299b8f8.jpg)
Data as a Valuable Corporate Asset
Data is an important raw material for brick & mortar companies, BPOs, technology and IT companies. Data has also become an important tool and weapon for corporates to capture larger market shares. Its security has become a major issue with all the industries. The theft and piracy of data is a threat, faced by the IT players, who spend millions to compile or buy data from the market. Their profits depend upon the security of their data.
Issues Because of Mobility
The major issue regarding data theft is its international character, for example, systems may be accessed in the US, the data manipulated in China, and the consequences felt in India. The result of this ability is that different sovereignties, jurisdictions, laws and rules will come into play which again is an issue in itself. Further, collection of evidence in such circumstances become another issue as investigation in 3 different countriesall of whom may not be on talking termsis almost impossible and poor technical know-how of our cops adds to the woes. Also, the lack of coordination between different investigating agencies and a not-so-sure extradition process is another headache. However the biggest of all these issues is the lack of specific laws in the country dealing with this crime, so even if the culprit is caught he can easily get away by picking and choosing any of the various loopholes in our laws.
Indias Laws to
Safeguard Data Theft
UK has the Data Protection Act, 1984 though India and USA do not have specific laws to deal only with data protection. India has its Information Technology (Amendment) Act, 2008. The various sections of the ITA Act, 2008 which deal with the problem are briefly discussed here after
Section 43: Clause (b) provides protection against downloading, copying or extracting data or database or information by imposing heavy civil compensation which can run in crores. The unauthorized downloading, extraction, and copying of data are also covered under this section. Clause (c) of this section imposes compensation for unauthorized introduction of computer contaminants or computer virus. Clause (i) provides compensation for destroying, deleting or altering any information residing on computer or diminishing its value.
/dq/media/post_attachments/e9e4b97969ebaf25d1edede1681f946b15a435092ea0c8924829c7f0c910bc9c.jpg)
NoteSince section 43 does talk on the exact amount of compensation, one remains at the mercy of courts and intelligence of lawyers, as data being an intangible asset, the worth can run into millions or trillions of denominations.
Section 65: This section provides for computer source code. If anyone knowingly or intentionally conceals, destroys, alters or causes another to do as such shall have to suffer imprisonment of up to 3 years or fine up to `2 lakh, or both. This takes care by providing protection against tampering of computer source documents ie, copying/theft of software programs.
Section 66: Protection against data theft has been provided under this section. This section imposes the penalty of imprisonment of up to 3 years or fine up to `5 lakh or both on the person who commits crime of data theft.
Can Data Theft
Be Covered Under IPC?
Section 378 of the Indian Penal Code, 1860 defines theft as Whoever, intending to take dishonestly any movable property out of the possession of any person without that persons consent, moves that property in order to such taking, is said to commit theft.
Section 22 of IPC, 1860 defines movable property as The words movable property are intended to include corporeal property of every description, except land and things attached to the earth or permanently fastened to anything which is attached to the earth.
Since Section 378 IPC, only refers to movable property ie, corporeal property, and data by itself is intangible, it is not covered under the definition of Theft. However, if data is stored in a medium (CD, floppy etc) and such medium is stolen, it would be covered under the definition of Theft, since the medium is a movable property. But, if data is transmitted electronically, ie, in intangible form it would not specifically constitute theft under the IPC.
Conclusion
So next time when you plan to copy data or download data from your friends, clients, teachers or employers computer or network on your pen drive or iPod or any storage device, this act can put you behind bars for the next 3 years and make you poorer by `5 lakh or you can become even poorer to the extent of insolvency if compensation claim suit is also filed in the civil court.
Adv Prashant Mali
The author is a
well qualified and renowned cyber law consultant
maildqindia@cybermedia.co.in