Before we deep dive into the details of punitive actions that had been taken against renowned organizations due to their failure or negligence towards securing the personal information of their customers/employees, let us catch a glimpse of the basics and understand why disciplinary actions are so crucial in order to, at least minimize the scenarios of data compromise.

As given in the above diagram, Personal data of individuals like their financial data, political views, racial origin, address etc, are the key information that throw light on the identity and details of that person.
This information when obtained by someone unauthorized (Hackers) to indulge in malicious activities or to reap benefits through its misusage is called a Privacy breach incident.
Let us look at the recent privacy breaches in India to gain more clarity on the current frequency of data theft in the country.
In 2020, around 19.18 million Indian users witnessed their data getting breached. According to the recent report by the Cybersecurity firm, Surfshark, India showed a 351.6% increase in data breaches compared to 2020 and thus India ranks 3rd in Global Data Breaches in 2021.
The 3 most concerning incidents that had fractured the country, as well as its few of the famous companies are:

To put an end to the negligence of these companies that deal with or manage personal information, the Joint Parliamentary Committee of India has come up with suggestions/actions that demand fines up to Rs 15 crore or 4% of global turnover of the company. These are in line with the 2019 Data Protection Bill of India.
Significance of Penalties:
The facts and the figures till now, have made this understandable that the penalties/punishments are necessary to impose restrictions on individuals/organizations abusing laws (contracts, regulations, acts, policies) or not complying with laws. It also triggers attentiveness in people handling data.
Below is the table which provides inputs on the penalty amount that was charged from organizations across the world for not taking adequate measures to protect the personal data it was managing.

Details on the privacy breaches and the penalties imposed:




