Amidst the multiple reports of online thefts and data leakage, the Ministry of Electronics and IT has taken steps to ensure privacy and safety of user data. The Ministry sent our notices to 21 smartphone makers to provide the framework as well as the procedures they follow for data security.
Aside from the global providers like Apple and Samsung and Indian firms like Micromax, majority of the listed 21 Smartphone companies included Chinese makers such as Oppo, Vivo, Xiaomi and Lenovo.
All 21 smartphone companies are to provide detailed information about security practices, architecture, process, guidelines and standards followed for providing secure transmission and storage of data, irrespective of whether the devices are manufactured in India or not. The government has announced 28 August as the official deadline for all the firms to file the security compliances. Several reports mention that additional measures such a security adits will also be taken.
If a company fails to provide the information, the firm will face charges and levy penalty for violation of security norms. Though the extent of penalty has not been stated yet, but according to the Sec 43(a) of the IT Act, any company found to be in violation of rules can attract penalties of up to Rs. 5 crore along with a provision for unlimited compensation.
A ministry official said that, “The first step in that direction is that we have asked the mobile companies to inform us what are the security procedures and processes that have been taken by them to ensure the security of the data of the users and their privacy… We want to make sure that any device that is sold in the country should be safe.”
This series of events unfolded after the IT minister Ravi Shankar Prasad called a meeting of senior officials in the IT department and representatives of CERT-In to understand the situation. As a result, a notice was sent to 21 companies, issued under Section 70B(6) of the IT Act.
With the government progressing towards digital India, and pushing for digital payments, data security has become much more crucial, and while these seems like a step towards preventing data breaches, a large amount of the fear is towards the Chinese majors collecting sensitive information using smartphones which at present flood the Indian market.