PRIVACY AND SECURITY POLICIES THAT ENCOURAGE EBUSINESS A PRESENTATION BY PAVAN DUGGAL, ADVOCATE, SUPREME COURT OF INDIA PRESIDENT,CYBERLAW ASIA PREESIDNET, CYBERLAWS.NET ICC INDIA, 20-9-2006 WIDE CONCEPTS PRIVACY AND SECURITY Foundation of the Pyramid of eBusiness
ICC INDIA, 20-9-2006
(a) are reasonably secure from unauthorized access and misuse;
(b)provide a reasonable level of reliability and correct operation;
(c)are reasonably suited to performing the intended function; and
(d) adhere to generally accepted security procedures;
(a) unique to the subscriber affixing it ;
(b) capable of identifying such subscriber ;
(c)created in a manner or using a means under the exclusive control of the subscriber and is linked to the electronic record to which it relates in such a manner that if the electronic record was altered the digital signature would be invalidated, then such a digital signature shall be deemed to be a secure digital signature.
(a)the nature of the transaction ;
(b)the level of sophistication of the parties with reference to their technological capacity ;
(c)the volume of similar transactions engaged in by other parties;
(d)the availability of alternatives offered to, but rejected by any party;
(e)the cost of alternative procedures;
(f)the procedures in general use for similar types of transactions or communications.
to such computer, computer system or computer network, he is liable to pay statutory damages by way of compensation, not exceeding 10 million rupees to the person so affected.
Thus, merely gaining access to any computer, computer system or computer network by breaching or violating the security processes or mechanisms is enough to attract the civil liability.
These guidelines are pretty exhaustive and detail different aspects of physical and operational security and information management including sensitive information security, system integrity, security measures and many other issues.