Importance of Data, Privacy, Leakage and Penalty

Data or Information is the oil of the twenty-first century, i.e. just as oil was responsible for the development and economy of countries in the twentieth century, information will be responsible for the development and economy of countries in the twenty-first century. Just as the twentieth century was the age of machines and vehicles and its food was oil, the twenty-first century will be the age of artificial intelligence or artificial intelligence (AI) and its main food will be “information”, so the importance of information will increase. India’s data base is a treasure trove for all AI organizations in the world because of the demographics, language, food, caste diversity and population in our country. Likewise, for cybercriminals, information is invaluable for their cybercrimes.
According to IBM’s Data Breach Annual Report, the average cost of a data breach to organizations in India will be ₹195 lakh in 2024, reaching an all-time high. That is a 39% increase from 2020 and a 9% increase from the previous year. According to a report by Cyber Security Ventures, global cybercrime is expected to grow by 15% annually over the next five years, and could reach $10.5 trillion by 2025. According to a Niti Aayog report, data breach-related cyber crimes will grow at a rapid rate of 18.33% in India over the next five years.

Three biggest data breaches in India in 2024 :-

• In early 2024, India’s leading crypto exchange WazirX suffered a data breach, resulting in the theft of Rs 2000 crore of investors’ money.
• Bharat Sanchar Nigam Limited (BSNL) suffered a major data breach in May 2024, which resulted in the leakage of sensitive data of millions of Indian users.
• Indian consumer wearables brand Bot suffered a major data breach that exposed personal information of 75 lakh users.

Fines imposed for data breaches around the world in 2024 :-

Companies that failed to protect user information saw an increase in the amount of fines imposed on them in 2024. Governments across the US and EU punish privacy violations with fines. Here are the three largest fines imposed last year:

• The US state of Texas has imposed a $1.4 billion fine on Facebook and WhatsApp owner Meta for illegally capturing the biometric information of millions of residents.
• The Irish Data Protection Commission fined LinkedIn $336 million for using third-party information without user consent.
• Uber was fined 324 million dollars in the Netherlands for failing to secure driver information, including personally identifiable and financial details, that were transferred to US servers without adequate safeguards.

In India, once the Digital Personal Data Protection Act, 2023 (DPDP) comes into force, each such breach of personal data is punishable (fine) up to 200 crore rupees. I will discuss this act in detail in next week’s article.