The Government of India has blocked several websites that were found to be exposing sensitive personal information, including Aadhaar and PAN card details of Indian citizens. This action was taken by the Ministry of Electronics and Information Technology (MeitY). The Unique Identification Authority of India (UIDAI) has also filed an official complaint with the police authorities, accusing these websites of violating Section 29(4) of the Aadhaar Act, 2016.
This section explicitly prohibits the public display of Aadhaar numbers and related information. The exposure of such sensitive data has raised serious concerns about the security of citizens’ personal details, prompting immediate steps to prevent further leaks.
The Indian Computer Emergency Response Team (CERT-In) carried out an investigation and found several security vulnerabilities within these websites. As a result, the website owners were provided with detailed instructions on how to fix these security issues and strengthen their information and communication technology (ICT) infrastructures.
CERT-In also issued comprehensive guidelines for the design, development, implementation, and operation of secure IT applications, which all organizations handling sensitive data are expected to follow.
In addition to these efforts, CERT-In has also issued directives under the Information Technology (IT) Act, 2000. These directions outline security practices, procedures for preventing cyber incidents, and reporting requirements for organizations that experience data breaches.
MeitY has also emphasized the importance of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. These rules strictly mandate that sensitive personal data must not be disclosed publicly or shared without authorization. Individuals who believe their data has been compromised can file complaints with Adjudicating Officers, who are IT Secretaries appointed by the states. These officers have the authority to impose penalties and award compensation to affected parties under Section 46 of the IT Act.
Meanwhile, the Digital Personal Data Protection Act, 2023, has been introduced to further strengthen the protection of personal data in India. The rules under this new law are currently in the final stages of drafting and are expected to be enforced soon. To ensure widespread understanding of the new regulations, the government has launched an awareness campaign aimed at informing citizens, businesses, and government entities about their responsibilities when handling personal data.
Milestone Alert!
Livemint tops charts as the fastest growing news website in the world 🌏 Click here to know more.
3.6 Crore Indians visited in a single day choosing us as India’s undisputed platform for General Election Results. Explore the latest updates here!
Dive into the Amazon Great Indian Festival Sale 2024!
Unbelievable deals on laptops, washing machines, refrigerators, kitchen appliances, gadgets, automotives, luggage and more in amazon sale. Celebrate Diwali 2024 with Amazon’s biggest sale of the year
More
Less
Published: 26 Sep 2024, 09:17 PM IST