Before we deep dive into the details of punitive actions that had been taken against renowned organizations due to their failure or negligence towards securing the personal information of their customers/employees, let us catch a glimpse of the basics and understand why disciplinary actions are so crucial in order to, at least minimize the scenarios of data compromise.
As given in the above diagram, Personal data of individuals like their financial data, political views, racial origin, address etc, are the key information that throw light on the identity and details of that person.
This information when obtained by someone unauthorized (Hackers) to indulge in malicious activities or to reap benefits through its misusage is called a Privacy breach incident.
Let us look at the recent privacy breaches in India to gain more clarity on the current frequency of data theft in the country.
In 2020, around 19.18 million Indian users witnessed their data getting breached. According to the recent report by the Cybersecurity firm, Surfshark, India showed a 351.6% increase in data breaches compared to 2020 and thus India ranks 3rd in Global Data Breaches in 2021.
The 3 most concerning incidents that had fractured the country, as well as its few of the famous companies are:
To put an end to the negligence of these companies that deal with or manage personal information, the Joint Parliamentary Committee of India has come up with suggestions/actions that demand fines up to Rs 15 crore or 4% of global turnover of the company. These are in line with the 2019 Data Protection Bill of India.
Significance of Penalties:
The facts and the figures till now, have made this understandable that the penalties/punishments are necessary to impose restrictions on individuals/organizations abusing laws (contracts, regulations, acts, policies) or not complying with laws. It also triggers attentiveness in people handling data.
Below is the table which provides inputs on the penalty amount that was charged from organizations across the world for not taking adequate measures to protect the personal data it was managing.
Details on the privacy breaches and the penalties imposed:
Who is responsible for securing the personal information?
In this data driven world, where one out of every ten people fall prey to cyberattack, confusion fills the mind regarding the right person to look out for in these disaster scenarios.
Some say it is the duty of government to ensure that laws are enacted so that the perpetrators find it difficult to get away with the crimes. To some, businesses are best equipped with tools and skills to prevent these attacks to occur. And many people believe, it is the job of the users to make sure that their personal information are secured enough to prevent siphoning off by unauthorized individuals.
Honestly, almost half of the population in the world do not have access to internets and naturally their boundaries of knowledge and awareness are limited. Some, though are skilled to use internet, do not understand the importance of securing the data. There are organizations too, who despite willing to focus on the security structure of their businesses lack the budget to spend on it. Governments do not have the resources or the limited time required to react to cybercrimes.
But recently situations have been changing. Government is actively participating in coming up with solutions so that this new age crime does not scale up any further. Businesses are ensuring, some amount is spent on establishing a robust security posture in their organizations. Even consumers/customers are thinking twice before sharing personal information with anyone. Awareness of data security is unrolling among all the sectors and all individuals.
The collective effort gained from Government, enterprises and the users towards minimizing the cyber crimes could tackle this severe concern.
For more such knowledge articles keep your eyes on our website.