Series on Information Security (Weekly) - Part3
Laws and Regulation for Information Technology

To deal with information security issues, different countries have adopted different laws. Numerous such laws have been adopted by nations worldwide. These laws are being updated, though they always lag behind technological advances and the types of crime taking place in cyberspace. A few of the known laws are the Data Protection Act, the Computer Misuse Act, the Health Insurance Portability and Privacy Act (HIPAA), the Gramm-Leach-Bliley Act of 1999 (GLBA) for financial services, and the Sarbanes-Oxley Act of 2002 (SOX), which is associated with publicly traded companies.
The United Nations General Assembly, by resolution A/RES/51/162 dated 30 January 1997, adopted the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law. This is referred to as the UNCITRAL Model Law on E-Commerce. The UNCITRAL law is basically meant for uniform interpretation and uniform laws across states as far as the law of international trade is concerned. Different nations have adopted the UNCITRAL Model Law, interpreting and implementing it as the cyber laws of their countries. India was also a signatory and hence worked along these lines and developed the law known as the IT Act 2000. This law was later amended by what is known as the IT Act 2008 amendment.
The IT Act 2000 is a stringent law that may lead to imprisonment ranging from 3 years up to life imprisonment. There is also a provision for a fine of Rs. 5 crore as a penalty.
It also includes a fine on companies if they fail to observe due diligence.
One must understand that forwarding a single message could lead to a jail term, and hence one must be careful while sending or forwarding messages that are abusive and menacing in nature.