What is data theft?
Data theft in simple term means accessing and stealing computer based confidential information with intention to cause wrongful loss to the owner of the confidential information and wrongful gain to the perpetrator.
Data theft is an increasing problem for Individual computer users as well as big corporate firms.
What are the common modes of data theft?'
1. USB (Pen) Drives & Memory cards - These are the easiest and cheapest option according to these perpetrators and are very easy to hide. The memory cards are now coming in 256GB and 512 GB variants, so it has become even more easy to move large amount of data.
2. Portable Hard Drives - These are also one of the popular mediums for the obvious reasons 'Large Storage Capacity'.
3. CD/DVD - This medium was popular back in the days but has become obsolete now.
4. Email - Some perpetrators simply use email to transfer files from their official account to personal account or home computer, they move the data slowly over the period of time to avoid detection by IT department for sending large amount of data. These perpetrators send these emails to their private accounts on the pretext of 'working from home'.
5. Web-Mail - Some web-mail interfaces provide larger file attachments than the conventional email service providers.
6. Printing - Some perpetrator would not leave any electronic evidence behind, they simply take prints of the key documents and steal the same in hard copies.
7. Remote Access - This can either be used in the way of unauthorized access (Hacking) or authorized access, as some organisation provide remote access to their employees so that they can work from their home computers, this also makes tracing the data difficult for law enforcement agencies or private investigators.
What can be stolen?
Everything stored in an organisation has some potential value, some of the targets for data thieves are as follows:
1. Customer contact & Financial data such as credit card and debit card information;
2. source codes & Algorithms;
3. marketing information such as Plans, Contact list & media files;
4. network credentials such as passwords & Certificates;
5. proprietary process descriptions and operating methodologies;
6. personnel records and private employee data;
7. legal data concerning ongoing or planned litigation or contract actions;
8. other user’s private documents stored on company computers; and
9. company strategic data, including the communications of managerial and executive staff.
What is the legal remedy for data theft?
In India the first technology legislation came into being in the year 2000, that is 'Information Technology Act'. The Act did not provide for sufficient protection or solutions in data theft scenarios in those days, as the compensation bracket was limited, only in the year 2008 the amended Information Technology Act came into force with one of the important amendments as far as Section 43 and compensation awarded under the section is concerned, the compensation limit was removed.
Section 43 - Penalty and Compensation for damage to computer, computer system, etc.
Now the Complainant can approach the Adjudicating officer (Who is an IT Secretary of each state) appointed under Section 46 of the Information Technology Act, 2000 (As amended in the year 2008). The respective Adjudicating officer is competent to handle the claim up to Rs. 5 Crore and if the claim amount is exceeding Rs. 5 Crore the Complainant will have to approach the Civil Court.
The Adjudicating Officer is the quickest remedy available to the Complainant, as according to Information Technology Act the Adjudicating Officer has to pass the final order within the period of 6 months from the date of filing of the Complaint.
Website - www.netlawgic.com
LinkedIn - in.linkedin.com/in/rajaspingle/
Facebook - https://www.facebook.com/pages/Cyber-Crime-Awareness/246665595391183?sk=timeline
Adv. Rajas C Pingle
(Cyber Law & Cyber Security Expert)
Disclaimer: This does not constitute a legal opinion and would not create Attorney-Client relationship. This article is only for information and awareness purpose and merely a possible interpretation of the law.
Image - http://www.tradesecretslaw.com/articles/unfair-competition/
Image copyrights are with the respective owner.
Join LAWyersClubIndia's network for daily News Updates, Judgment Summaries, Articles, Forum Threads, Online Law Courses, and MUCH MORE!!"
Tags :Others