… There is no express legislation in India dealing with data protection. Although the Personal Data Protection Bill was introduced in Parliament in 2006, it is yet to see the light of day. While the Information Technology Act, 2000 (IT Act), contains provisions regarding cyber and related IT laws in India and delineates the scope of access that a party may have to on data stored on a computer, computer system or computer network, the provisions of the IT Act do not address the need for a stringent data protection law being in place.
On 5 February, the IT Act was amended by the Information Technology (Amendment) Act, 2008. While the amendment Act is yet to come into force, it has introduced two important provisions that have a strong bearing on the legal regime for data protection. These are sections 43A and 72A, inserted into the IT Act by the amendment Act.
Read more on LiveMint.com