Will the Minister of Electronics and Information Technology be pleased to state:
(a) whether the Government has formulated any procedure for individuals to complain about privacy violations until the personal data protection law is enacted and if so, the details thereof and if not, the reasons therefor; and
(b) the number of complaints received by the Government on privacy violations during each of the last three years and the current year and the action taken by the Government in this regard?
(a) : Section 43A of the IT Act, 2000 provides for compensation to be paid to the victim in case of unauthorized access of information and leakage of sensitive personal information respectively. The Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 notified under this section requires that body corporate shall designate a Grievance Officer and publish his name and contact details on its website. The Grievance Officer shall redress the grievances expeditiously but within one month from the date of receipt of grievance.
An individual can make a complaint to the grievance officer of the body corporate. Also, in case of privacy breach/violation, he can approach Adjudicating Officer appointed under section 46 of the IT Act. State Information Technology Secretaries have been designated as Adjudicating Officer for this purpose.
(b): The privacy violation/breach cases under the IT Act are dealt by Adjudicating Officer appointed in the States. The cases of Cyber contravention heard by Adjudicating Officer are State subject and such data is not maintained by Ministry of Electronics & Information Technology (MeitY).
*******