Rajeev Chandrasekhar's official website - Member of Parliament

Government of India

Ministry of Electronics and Information Technology

Rajya Sabha

Unstarred Question No. 1943

To be answered on 05th December 2019

Breach of Privacy by Digital Intermediaries




Will the Minister of ELECTRONICS AND INFORMATION TECHNOLOGY be pleased to state?


(a) What it has come to the notice of Government that digital intermediaries are allegedly breaching the privacy of its users;


(b) If so, what are the steps taken by Government to ensure that digital intermediaries protect the privacy of user's data; and


(c) By when the notification of New Intermediaries Guidelines Rules is expected?




Minister of Electronics and Information Technology

(Shri Ravi Shankar Prasad)


(a) There had been media reports of some instances of breach of privacy of users in Digital Intermediaries.


(b) The are legal provisions to deal with protection of privacy of user’s data. Section 43A and section 72A of the Information Technology (IT) Act, 2000 provides for privacy and security of data in digital form. Section 43A provides for compensation to be paid to the victim in case of unauthorized access of information and leakage of sensitive personal information respectively. It mandates ‘body corporates’ to implement ‘reasonable security practices’ for protecting ‘sensitive personal information’ of individuals. The Information Technology (Reasonable security practices and procedures and sensitive personal data or information) rules, 2011 notified under section 43Amandates that body corporate must provide policy for privacy and disclosure of information, so that user is well aware of the type of personal data collected, purpose of collection and usage of such information. The rules also specify mode of collection of information, disclosure of information, transfer of information. Also, section 72A of the Act provides for punishment for disclosure of information in breach of the lawful contract.
Further, Information Technology (Intermediaries Guidelines) Rules, 2011 notified under section 79 of the IT Act, 2000 require that the Intermediaries shall observe due diligence while discharging their duties and shall publish the rules and regulations, privacy policy and user agreement for access or usage of its computer resource by any person.

In addition, Ministry of Electronics & Information Technology is working on the Personal Data Protection Bill to safeguard the privacy of citizens, and proposes to table it in Parliament.


(c) The amendment to Information Technology (Intermediaries Guidelines) Rules 2011  are expected to be finalised by end of January 2020.