Updated: April 30, 2022 9:58:11 am
The government is working on a fresh set of amendments to the Information Technology Act, 2000 — the country’s core legal framework that regulates entities on the internet such social media platforms and e-commerce companies — and would come up with a consultation process “soon”, Union Minister for Electronics and IT Ashwini Vaishnaw told The Indian Express.
Promulgated in 2000, the IT Act was developed to promote the IT industry, regulate e-commerce entities and prevent cybercrime. While over the years, certain sections of the Act have been updated, with the most recent one being changes to the social intermediary rules, the Act itself was last amended in 2008 to accommodate new developments in the IT space at the time.
However, the internet ecosystem has seen rapid changes since then and the current IT Act offers no regulatory framework for new age developments like artificial intelligence, machine learning, blockchain, video streaming, and online gaming, among others.
Vaishnaw said, “We definitely need an updated version of the IT Act. Yes, we are working on a new version. It cannot be that same IT Act of 2000, a lot of things have changed. The world has changed. We are working on it and will come up with a consultation process soon.”
Best of Express Premium
He also explained why the Indian Computer Emergency Response Team (CERT-In) recently came up with cybersecurity guidelines which, among other things, mandate that all cybersecurity incidents such as targetted scanning or probing of critical networks and systems, compromise of critical systems and information, unauthorised access of data and systems among others must be informed to it by the concerned companies within six hours of either being made aware of the incident or becoming aware itself.
“Cybersecurity is something which is continuously evolving. So we have issued very comprehensive guidelines from CERT-In. Ultimately, if there is a threat to you, the police and you would both have to work together,” Vaishnaw said. “The basic concept (of the guidelines) is that the people who are actually running the infrastructure, should take all possible steps to make sure that things are in place and if there is any breach, immediately inform us so that we can take action.”
The norms also require virtual private network providers to preserve a wide range of data on their customers for five years, which has raised privacy concerns. However, Vaishnaw said there was “nothing to worry about”. “There is no privacy concern. Suppose, somebody takes a mask and shoots, wouldn’t you ask them to remove that mask? It is like that,” Vaishnaw said.
(The correspondent is in Bengaluru at the invite of the Ministry of Electronics and Information Technology)
🗞 Subscribe Now: Get Express Premium to access our in-depth reporting, explainers and opinions 🗞️
- The Indian Express website has been rated GREEN for its credibility and trustworthiness by Newsguard, a global service that rates news sources for their journalistic standards.