The internet is a pool of data. Almost all sites that you visit or apps that you use, collect some kind of your data. Cyber attacks and data breaches are common and risky. Thus, having cyber security laws to protect you and your data is very important. They protect the customers from fraud, hacking, and attacks in a legal way. Cybercrime is evolving as new technology rises. Having strong security laws helps give the users a sense of satisfaction and trust in the government.
Here are the top ten cybersecurity laws. Let us know your thoughts on these laws through Disqus.
10. Gramm Leach Bliley Act (GLBA)
Gramm Leach Bliley Act (GLBA) is also known as the Financial Modernization Act of 1999. This act is based in the United States for financial institutions. According to this act, the companies must inform their customers about how they share their sensitive and personal data, and if the consumer decides to opt out then this data shouldn’t be shared with any third party.
9. Companies Act of 2013
There was a rise in cybercrime and fraud around 2013. The Companies Act 2013 was passed to change this and operate the companies better. It is supposed to reduce corruption and bribery in the country. The companies have to be more ethical about their transactions and focus on compliance.
8. California Consumer Privacy Act 2018
California Consumer Privacy Act 2018 gives more to the consumers over the private information that businesses gather about them using cookies etc. The CCPA rules provide help them to implement the law. The right to know, the right to delete, the right to opt out, and the right to non-discrimination of these laws are provided under CCPA.
7. Information Technology Act, 2000
Information Technology Act, 2000 of India is based on the United Nations Model law- Electronic Commerce 1996 (UNCITRAL). This is one of the most important laws in India related to cybercrime and e-commerce. This act aims to provide lawful and trustworthy digital and online transactions to minimize any risk of cybercrime.
6. Computer Misuse Act 2003, Sections 9, 1, 12
Computer Misuse Act 2003 in the Bahamas addresses the Confidentiality, Integrity, and Availability (CIA) of Information security by safeguarding those values. Any unauthorized changes of data or computer programs will be considered an offense punishable by the law. This act helps with cybercrimes as the root of these attacks is unauthorized access to the data.
5. Indian Penal Code (IPC) 1980
Indian Penal Code (IPC) 1980 has many relevant sections related to cyber frauds. Identity threats and cyber frauds are accounted for under IPC. Section 464 is a forgery, section 468 is forgery pre-planned for cheating, section 465 is false documentation, section 471 is presenting a forged document as genuine, and section 469 is reputation damage.
4. Personal Information Protection Law
Personal Information Protection Law (PIPL) was called into effect on 1st November 2021. It is the third of the three laws designed by China to provide cybersecurity, data security, and privacy. It is administered by the Cyberspace Administration of China. Any information related to people recorded by electronic or other means is defined as personal information under PIPL. Consent of the individual should be acquired to pass on or use this information.
3. NIST Compliance- India
National Institute of Standards and Technology’s Cybersecurity Framework is a globally recognized assessment. It is a compulsory framework that has rules, guidelines, and practices to manage cybersecurity risks. They establish standards for security controls that can be used by any industry while setting up their internet presence. They assess the cybersecurity risks.
2. Data Protection (Privacy Of Personal Information) Act
Data Protection Act was enacted in the Bahamas in 2003. It was one of the first Caribbean countries to apply this law to both private and public sectors. The law protects personal privacy as they prohibit unlawful use or disclosing the private information to anyone as data breaches are quite common in the country.
1. Cyber Security Information Sharing Act
Cybersecurity Information Sharing Act is a legislative act by the United States of America that allows US government agencies and non-government agencies to share information with each other in case of investigating cyberattacks. Sharing information is compulsory for the non-government body. It is also known as CISA and it was established in 2015.