Executives of companies found to have engaged - knowingly or "recklessly" - in data theft and illegal processing of 'sensitive personal' information could face criminal proceedings and be jailed up to five years.
This is one of the proposals of the draft bill on data protection submitted by the B N Srikrishna Committee to the centre on Friday.
The committee has proposed that violations of the data protection law should be treated as a cognisable and non-bailable offence, and the investigation should be conducted by an officer not below the rank of an inspector.
"The inclusion of criminal offences along with the fines and compensation is excessive and would impact the enforcement mechanism greatly," Rama Vedashree, CEO of Data Security Council of India and a member of Srikrishna committee, said.
The draft says that any individual found guilty of leaking sensitive personal information of an individual will attract a jail term of five years and/or a fine of Rs 3 lakh.
In case of tampering and sale of personal data of individuals (as different from sensitive personal data), the maximum punishment recommended is 3-year jail terms and/or a penalty of Rs 2 lakh.
To read full article - http://v.duta.us/GPlnfAAA