data protection and privacy
TRANSCRIPT
DATA PROTECTION AND PRIVACYTEAM MEMBERS
KINJAL METHAKARNITA SHAHHIMANSHU JAINAAYuSH ADUkIA
CHINTAN SANGHAVI
CONTENTS1. DEFINITIONS...................................................................................................................................3
2. DATA PROTECTION V/S PRIVACY..............................................................................................4
3. NEED OF DATA PROTECTION.....................................................................................................5
4. CYBER SECURITY...........................................................................................................................7 CLASSIFICATION OF CYBER SECURITY PREVENTIVE MEASURES CASE STUDY
5. METHODS OF DATA PROTECTION............................................................................................11 ENCRYPTION OF DATA SSL FIREWALL ANTISPYWARE AND ANTIVIRUS OTHER MEASURES
6. SPDI RULES....................................................................................................................................16
7.HOW TO LOGDE A COMPLAINT IN CASE OF CYBER CRIME....................................................17
8.Penal Provisions Relating To Data Protection Laws In India.................................................18
Definitions• Data protection It is the process of safeguarding important information from corruption and loss.• PrivacyIt is the ability of an individual or organization to determine what data in a communication system can be shared with third party.
Data protection v/s privacy
Data protection• Securing data from
unauthorized access
• Technical issue• USA• Identifying rules and
practices regarding collection processing of personal information.
Privacy• Authorized access who
has it and who defines it
• Legal issue
Need of data protectionInternet
Political
Medical
Cable television
Need of data protectionLocational
Educational
Financial
WHAT IS CYBER SECURITY?
Cyber security is the body of technologies, processes and practices designed to protect
networks, computers, programs and data from attack, damage
or unauthorized access.
CLASSIFICATION OF CYBER CRIMES
Against persons
• E-mail Spoofing• Hacking
Against Property
• Cyber Squatting• Cyber Trespass
Against Society
• Child Pornography• Financial Crimes
SOME IMPORTANT PREVENTIVE MEASURES
• Identification of exposures through education will assist responsible companies and firms to meet these challenges.
• One should avoid disclosing any personal information to strangers via e-mail or while chatting.
• One must avoid sending any photograph to strangers by online as misusing of photograph incidents increasing day by day.
CASE STUDY• Worm Attack: The Robert Tappan Morris well
Known as First Hacker, Son of former National Security Agency Scientist Robert Morris, was the first person to be prosecuted under the ‘Computer and Fraud Act, 1986’. He has created worm while at Cornell as student claiming that he intended to use the worm to check how large the internet was that time. The worm was uncontrollable due to which around 6000 computer machines were destroyed and many computers were shut down until they had completely malfunctioned. He was ultimately sentenced to three years probation, 400 hours of community service and assessed a fine of $10500. So there must be strict laws to punish the criminals who are involved in cyber crime activities.
METHODS OF DATA PROTECTION1. Encryption of data
Conversion of plain text into cipher text is called encryption.
Decryption means to translate convert cipher text into plain text.
Even if hacker obtain the encrypted data , he cannot understandthe information.
2. SSL (Secure Sockets Layer) Secure Sockets Layer is the standard security technology for establishing an encrypted link between a web server and a browser.This link ensures that all data passed between the web server and browsers remain private and integral.
Hello, let’s set up a secure SSL session
01010010110 l 01010010110
Here is a one time, encryption key for our session
Server decrypts session ley using its Private key and establishes
a secure session.
1st
2nd
3nd
3. FIREWALLA firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.
Packet Filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules
Proxy Server: Intercepts all messages entering and leaving the network
Application-layer firewalls:Recognize when certain applications and protocolssuch as HTTP, FTP and DNS -- are being misused.
4. ANTIVIRUS & ANTISPYWARE
Anti-spyware software is a type of program designed to prevent and detect unwanted spyware programinstallations.
Anti-virus software is a software utility that detects, prevents, and removes viruses,worms, and other malware from the computer.
5. Other necessary steps1. Do Background checks.
2. Atleast 2 reference for new employee.
3. Use strong passwords and change the frequently.
4. Stopping usage of cracked or hacked application.
SPDI RULES• Sensitive personal data or information• Body corporate to provide policy for
privacy and disclosure of information• Collection of information• Disclosure of information• Transfer of information• Reasonable Security Practices and
Procedures
HOW TO LODGE A COMPLAINT IN
CASE OF A CYBER CRIMEFILE A COMPLAINT IN THE CYBER
BRANCH
PROVIDE DETAILS
SUBMIT REQUIRED DOCUMENTS
Penal Provisions Relating To Data
Protection Laws In India
•Section 43A- Failure To Protect Data Damages by way of compensation – 1) unto Rs.5 cores (adjudicating officer) 2) above Rs.5 cores (civil court)
•Section 65- Hacking/Tampering Imprisonment unto 3 years or fine unto Rs.2 lakh or both.
• Section 66C- Identity Theft Imprisonment unto 3 years and fine unto Rs.1 lakh.
• Section 66E-Violation Of Privacy Imprisonment unto 3 years or fine unto 2 lakhs or both.
•Section 67C - Preservation And Retention Of Information By Intermediaries Imprisonment up to 3 years.
•Section 72-Breach Of Confidentiality And Privacy Imprisonment up to 2 years or fine up
to 1 lakh or both.
•Section 72A- Disclosure Of information In breach Of lawful Contract Imprisonment unto 3 years or fine
up to 5 lakhs or both.
•Data protection and its privacy plays the crucial role for the survival of the companies.
•Traditionally it was difficult to maintain and save the data and records from unfaithful employees in the organization but due to advanced backup and privacy facilities of data , the job got much easier.
•Each and every organization's fortune and its survival depends on its data protection and its privacy policy as it becomes tedious job to record the data again and again on its deletion.
CONCLUSION
BIBLOGRAPHYhttp://www.sirhow.com/cyber-crime-complaint-online-in-india/
http://www.wipo.int/edocs/lexdocs/laws/en/in/in098en.pdf
http://googleweblight.com/?lite_url=http://mobile.smallbusinesscomputing.com/webmaster/article.php/3908811/15-Data-Security-Tips-to-Protect-Your-Small-
Business.htm&ei=NHx5_DPU&lc=en-IN&s=1&m=682&host=www.google.co.in&ts=1484047412&sig=AF9NedlLM1iX3Rm_bUAnmw1nE
rfRlnRyJg
THANKYOU