AUTHOR- Rohan Kumar Singh, Asian Law College
Data includes information, knowledge, facts, concepts or instructions in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer. Section 43(b) of Information Technology Act, 2000 slates: “If any person without permission of the owner or any other person who is in charge of a computer, computer system of computer network, downloads, copies or extracts any data, computer database or information from such computer, computer system or computer network. It is the term used when any information in the form of data is illegally copied or taken from a business or other individual without his knowledge or consent.” Data theft is the illegal transfer or storage of any information that is confidential, personal, or financial in nature, including passwords, software code, or algorithms, proprietary process-oriented information, or technologies. The act of data theft is considered to be a serious security and privacy breach, and the consequences which follow can be severe for individuals and businesses. Provisions which covers data theft in the Information Technology Act, 2000 are Section 43,65,66,70,72. Section 378 of IPC which deals with theft can also be considered in cases of data theft as the Section defines ‘theft’ as to take dishonestly any movable property out of the possession of any person without that person's consent. Previously, under this definition, data theft was considered to fall out of the scope of such a provision. However, there was an amendment which amended Section 22 which defines movable property as data theft is not included under movable property. Since Section 39 of the Electricity Act was extended to Section 378 IPC to apply to electricity. It is thus imperative that a provision like in the case of the Electricity Act be inserted into the IT Act, 2000 to extend the applicability of section 378 IPC to data theft specifically.
Now that we have covered the meaning and definition of data theft, let’s talk about the origin of data theft so as we know that now our world is moving towards the cyberworld or we can say digitalization where everyone has a cyberlife and crimes like theft when done using any cyberspace or of anything related to cyberspace which comes under data theft.
As we have studied in Section 43(b) coping downloading and extracting any data without the consent of owner is considered to be data theft. This term was amended after the famous case Avtar Singh vs. State of Punjab (AIR 1965 SC 666) where the Hon’ble Supreme Court amended the Indian Penal Code and the definition of theft where theft conducted by any electronic device or any data when being used without consent of the owner, will come under the definition of theft and will be liable for the same.
If we look at the history of data theft, we can see that it is comparatively newer and has been in picture from the last 15-16 years. Earlier there was no such crime, however, legislations have improved and evolved with the change in time and shift from the old traditional society to this new cyberworld.
If we look at the international point of view if any country get access to private data of citizens of another country then it can be very dangerous for the sovereignty of that country as data can be used as a weapon against each other.
How data can be misused: -
1) If data of any country gets leaked, hackers can thereafter manipulate their data and can misuse their private content.
2) Bank accounts can be misused and unauthorized transactions can take place.
3) Data is sensitive and if it gets misuses, it can then be a reason for many serious issues like riots, communal disputes and other disturbances in the society.
To understand this better let’s understand the topic with an example.
Akd is a video sharing app where people can share their video. This is owned by a company of x country but is used by other country users also. Now the data of all the users are with the company and if the country wants, they can get this data from the company and it can be used as a weapon if there is conflict between both the countries.
In today’s time as we know that our world is changing and we are entering into a new world which is cyberspace and the country which has the access over private data of other countries will be considered as a supreme power as data is a weapon. If it’s in the wrong hands, it can be used to wage wars against government by their own citizens.
Now that we have covered the meaning origin and international prospective of data theft let’s talk about the current scenario of this topic. When we talk about other country having personal data of a country the first question that arise is what will be the consequence of such data theft and how it can be dangerous.
Talking about some of the latest cases related to data theft on international level US has accused china for hacking their server to get information on the covid 19 vaccine research. according to a New York Times report Beijing of deploying skilled hackers to steal American research in a bid to quash US researchers’ efforts to develop vaccines and treatments for the coronavirus, the efforts are part of the increasing number of cyberattacks and cyber theft by nations seeking to gain an upper hand in the pandemic.
By this statement we can understand why data theft is considered as a serious offence and why data is considered as sensitive information as it can be misused. If we consider the on-going scenario between India and china, we will see that how Chinese government use personal data of Indians for there private motive i.e. The Centre’s decision to ban 59 apps with Chinese links, including the popular social media platform TikTok, The firms will mainly be asked to clarify their data-sharing norms under a Chinese law that requires companies of Chinese origin to share data with that country’s intelligence agencies, irrespective of where they operate.
Many apps like UC browser and share it and other Chinese apps which are used for sharing or browsing but even then, ask for microphone and camera access which is irrelevant if we look at their function and thus these apps are accused of data theft.
The study found that on an average, these apps transfer data to around seven outside agencies, with 69% of the data being transferred to the US. TikTok sends data to China Telecom; Vigo Video to Tencent; BeautyPlus to Meitu; and QQ and UC Browser to its parent owned by Alibaba.
Now that we have covered data theft and all aspects of the topic, I would like to conclude the topic with my personal suggestion.
1) Now that we know how and why data is very sensitive and how it can be manipulated to use against us and thus, we should always pay attention before using any apps and giving them access to our life.
2) We live in a generation where data can be control by anyone and it can be used or misuse by others so we should not blindly follow any information which we received through online sources.
3) With change in society there is a race between countries to become world leader and for that they try to control others by infringing their personal data we need laws to govern this.
Every country is interdependent and thus we need each other to survive and for maintaining this relation between 2 or more countries there should be laws which govern all nation and is not bias towards any particular country.