This document discusses data protection and privacy in India. It defines key terms like data protection and privacy. It explains the need for data protection and differentiates between data protection and privacy. It also discusses cyber security threats and classifications. Methods of data protection discussed include encryption, SSL, firewalls, antivirus software and more. India's SPDI rules regarding sensitive personal data are outlined. The document also provides information on how to lodge a complaint in case of a cyber crime and lists some penal provisions in Indian law relating to data protection.

1. DATA PROTECTION AND
PRIVACY
TEAM MEMBERS
KINJAL METHA
KARNITA SHAH
HIMANSHU JAIN
AAYuSH ADUkIA
CHINTAN SANGHAVI

2. CONTENTS
1. DEFINITIONS...................................................................................................................................3
2. DATA PROTECTION V/S PRIVACY..............................................................................................4
3. NEED OF DATA PROTECTION.....................................................................................................5
4. CYBER SECURITY...........................................................................................................................7
CLASSIFICATION OF CYBER SECURITY
PREVENTIVE MEASURES
CASE STUDY
5. METHODS OF DATA PROTECTION............................................................................................11
ENCRYPTION OF DATA
SSL
FIREWALL
ANTISPYWARE AND ANTIVIRUS
OTHER MEASURES
6. SPDI RULES....................................................................................................................................16
7.HOW TO LOGDE A COMPLAINT IN CASE OF CYBER CRIME....................................................17
8.Penal Provisions Relating To Data Protection Laws In India.................................................18

3. Definitions
• Data protection
It is the process of safeguarding important
information from corruption and loss.
• Privacy
It is the ability of an individual or organization to
determine what data in a communication
system can be shared with third party.

4. Data protection v/s privacy
Data protection
• Securing data from
unauthorized access
• Technical issue
• USA
• Identifying rules and
practices regarding
collection processing of
personal information.
Privacy
• Authorized access who
has it and who defines
it
• Legal issue

5. Need of data protection

6. Need of data protection

7. WHAT IS CYBER SECURITY?
Cyber security is the body of
technologies, processes and practices
designed to protect networks, computers,
programs and data from attack, damage
or unauthorized access.

8. CLASSIFICATION OF CYBER CRIMES
Against
persons
Against
Property
Against
Society
• E-mail Spoofing
• Hacking
• Cyber Squatting
• Cyber Trespass
• Child
Pornography
• Financial Crimes

9. SOME IMPORTANT PREVENTIVE MEASURES
• Identification of exposures through education will
assist responsible companies and firms to meet these
challenges.
• One should avoid disclosing any personal information
to strangers via e-mail or while chatting.
• One must avoid sending any photograph to strangers
by online as misusing of photograph incidents
increasing day by day.

10. CASE STUDY
• Worm Attack: The Robert Tappan Morris well Known as
First Hacker, Son of former National Security Agency
Scientist Robert Morris, was the first person to be prosecuted
under the ‘Computer and Fraud Act, 1986’. He has created
worm while at Cornell as student claiming that he intended to
use the worm to check how large the internet was that time.
The worm was uncontrollable due to which around 6000
computer machines were destroyed and many computers were
shut down until they had completely malfunctioned. He was
ultimately sentenced to three years probation, 400 hours of
community service and assessed a fine of $10500. So there
must be strict laws to punish the criminals who are involved in
cyber crime activities.

11. METHODS OF DATAPROTECTION
1. Encryption of data
Conversion of plain text into
cipher text is called encryption.
Decryption means to translate
convert
cipher text into plain text.
Even if hacker obtain the
encrypted data , he cannot
understand
the information.

12. 2. SSL (Secure Sockets Layer)
Secure Sockets Layer is the standard security technology for
establishing an encrypted link between a web server and a
browser.
This link ensures that all data passed between the web server
and browsers remain private and integral.
Hello, let’s set up a secure SSL session
01010010110 l 01010010110
Here is a one time, encryption key for our session
Server decrypts session ley using its Private key
and establishes a secure session.
1st
2nd
3nd

13. 3. FIREWALL
A firewall is a network security device that monitors incoming and
outgoing network traffic and decides whether to allow or block specific
traffic based on a defined set of security rules.
Packet Filter:
Looks at each packet entering or
leaving the network and accepts or rejects it
based on user-defined rules
Proxy Server:
Intercepts all messages entering
and leaving the network
Application-layer firewalls:
Recognize when certain applications and protocols
such as HTTP, FTP and DNS -- are being
misused.

14. 4. ANTIVIRUS & ANTISPYWARE
Anti-spyware software is a type of
program designed to prevent and
detect unwanted spyware program
installations.
Anti-virus software is a software utility that
detects, prevents, and removes viruses,
worms, and other malware from the
computer.

15. 5. Other necessary steps
1. Do Background checks.
2. Atleast 2 reference for new employee.
3. Use strong passwords and change the frequently.
4. Stopping usage of cracked or hacked application.

16. SPDI RULES
• Sensitive personal data or information
• Body corporate to provide policy for
privacy and disclosure of information
• Collection of information
• Disclosure of information
• Transfer of information
• Reasonable Security Practices and
Procedures

17. HOW TO LODGE A
COMPLAINT IN CASE OF A
CYBER CRIME
FILE A COMPLAINT IN THE CYBER
BRANCH
PROVIDE DETAILS
SUBMIT REQUIRED DOCUMENTS

18. Penal Provisions Relating To Data
Protection Laws In India

19. • Section 43A- Failure To Protect Data
Damages by way of compensation –
1) unto Rs.5 cores (adjudicating officer)
2) above Rs.5 cores (civil court)
• Section 65- Hacking/Tampering
Imprisonment unto 3 years or fine unto Rs.2 lakh or
both.
• Section 66C- Identity Theft
Imprisonment unto 3 years and fine unto Rs.1 lakh.
• Section 66E-Violation Of Privacy
Imprisonment unto 3 years or fine unto 2 lakhs or
both.

20. • Section 67C - Preservation And Retention Of
Information By Intermediaries
Imprisonment up to 3 years.
• Section 72-Breach Of Confidentiality And Privacy
Imprisonment up to 2 years or fine up to 1
lakh or both.
• Section 72A- Disclosure Of information In breach Of
lawful Contract
Imprisonment unto 3 years or fine up to
5 lakhs or both.

21. •Data protection and its privacy plays the crucial role
for the survival of the companies.
•Traditionally it was difficult to maintain and save
the data and records from unfaithful employees in
the organization but due to advanced backup and
privacy facilities of data , the job got much easier.
•Each and every organization's fortune and its
survival depends on its data protection and its
privacy policy as it becomes tedious job to record the
data again and again on its deletion.
CONCLUSION

22. BIBLOGRAPHY
http://www.sirhow.com/cyber-crime-complaint-online-in-india/
http://www.wipo.int/edocs/lexdocs/laws/en/in/in098en.pdf
http://googleweblight.com/?lite_url=http://mobile.smallbusinesscomputing.com/webmaster/arti
cle.php/3908811/15-Data-Security-Tips-to-Protect-Your-Small-
Business.htm&ei=NHx5_DPU&lc=en-
IN&s=1&m=682&host=www.google.co.in&ts=1484047412&sig=AF9NedlLM1iX3Rm_bUAnmw1nE
rfRlnRyJg

23. THANKYOU