Chennai: Organizations processing or storing sensitive and personal information needed to implement reasonable security practices and procedures, Union Minister for Electronics and Information Technology Jitin Prasada said in the Lok Sabha.Reply to a question on data security raised in the House by DMK MP Kanimozhi Karunanidhi and others, the Minister said if there was a breach of information security, the organization or a representative acting on its behalf must be able to prove that they had implemented security measures in accordance with their documented information security programme and policies.The question raised was if the Government had formed the Data Protection Authority as mandated under the Digital Personal Data Protection (DPDP) Act, 2023 and how it planned to tackle issues related to data security and data privacy in the absence of the authority and how it would address the unique challenges posed by AI (Artificial Intelligence) technologies like deepfakesThe Minister said that the Ministry of Electronics and Information Technology (MeitY) had initiated the process of drafting Rules in accordance with the DPDP Act and the formation of the Data Protection Board was a subsequent step.MeitY has also notified the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (IT Rules, 2021) that cast obligations on intermediary platforms to not allow hosting, sharing, uploading and transmitting any prohibited information that were obscene, pornographic, paedophilic, invasive of another’s privacy, including bodily privacy, he said.Also it prohibited misinformation and patently false information that impersonated another person, the Minister said.
Source link