The company law of India has been recently
reformulated and notified
in the form of Indian
Companies Act, 2013 (Pdf). It has given rise to many novel
techno
legal obligations on the part of directors
of various companies that were absent in the former company law
framework. For instance, directors of Indian companies can now be
held liable for cyber
law and cyber
security related lapses. Even law
firms and other firms holding their client’s data can be
held liable for cyber breaches.
The cyber
security trends in India (Pdf) provided by Perry4Law’s
Techno Legal Base (PTLB) has stressed upon a need to
secure participation from various stakeholders. Indian government
needs to be more stringent while getting cyber security related
compliances enforced by Indian companies and their directors.
However, till now various companies and their directors are not
complying with techno legal requirements of Indian laws.
Recently E-Bay asked
for change of passwords by its users after breach of its database
containing account information. Before that Target Corporation was
targeted
by cyber criminals and as a result of that Target Corporation faced
litigation
threats around the world. Indian companies and banks
are also no different as cyber
breaches in India have increased significantly. This is
the reason that Indian government is planning to formulate a law
where cyber
security breaches would be required to be disclosed to
designated Indian agencies.
Cyber
security challenges in India are tremendous and there is
an urgent need to tackle them immediately. It would take considerable
amount of money and energy to establish a sound and robust cyber
security infrastructure of India. The present trends have also shown
that Indian companies and government is all set to increase
spending on cyber security infrastructure. A good portion
of it must be allocated to meet techno legal compliances so that
company’s reputation and business is not affected by cyber attacks
and their public disclosures.