Question:
"Where a body corporate is negligent in implementing reasonable security practices and thereby causes wrongful loss or gain to any person, such body corporate shall be liable to pay damages by way of compensation to the person so affected." Which section of the Information Technology Amendment Act, 2008 envisages so
"Where a body corporate is negligent in implementing reasonable security practices and thereby causes wrongful loss or gain to any person, such body corporate shall be liable to pay damages by way of compensation to the person so affected." Which section of the Information Technology Amendment Act, 2008 envisages so
Show Hint
Remember the key sections added by the ITAA 2008:
- Section 43A: Corporate liability for data protection failure.
- Section 66A: (Now struck down) Sending offensive messages.
- Section 69: Power to issue directions for interception or monitoring of information.
- Section 72A: Punishment for disclosure of information in breach of lawful contract.
Updated On: Oct 31, 2025
- 43
- 43A
- 43B
- 43C
Hide Solution
Verified By Collegedunia
The Correct Option is B
Solution and Explanation
Step 1: Understanding the Concept:
The Information Technology (Amendment) Act, 2008, introduced several new provisions to address emerging issues in the digital space, including data protection and the liability of corporations for failing to protect sensitive personal data.
Step 2: Detailed Explanation:
The text quoted in the question is a direct paraphrase of Section 43A of the Information Technology Act, 2000. This section was inserted by the 2008 amendment.
Section 43A is titled "Compensation for failure to protect data."
It specifically deals with the liability of a body corporate that possesses, deals with, or handles any sensitive personal data or information in a computer resource which it owns, controls or operates. If such a body corporate is negligent in implementing and maintaining "reasonable security practices and procedures" and this negligence causes wrongful loss to any person, it becomes liable to pay damages by way of compensation to the affected person.
This section is a cornerstone of data protection law in India and imposes a clear civil liability on companies for data security breaches caused by negligence.
The Information Technology (Amendment) Act, 2008, introduced several new provisions to address emerging issues in the digital space, including data protection and the liability of corporations for failing to protect sensitive personal data.
Step 2: Detailed Explanation:
The text quoted in the question is a direct paraphrase of Section 43A of the Information Technology Act, 2000. This section was inserted by the 2008 amendment.
Section 43A is titled "Compensation for failure to protect data."
It specifically deals with the liability of a body corporate that possesses, deals with, or handles any sensitive personal data or information in a computer resource which it owns, controls or operates. If such a body corporate is negligent in implementing and maintaining "reasonable security practices and procedures" and this negligence causes wrongful loss to any person, it becomes liable to pay damages by way of compensation to the affected person.
This section is a cornerstone of data protection law in India and imposes a clear civil liability on companies for data security breaches caused by negligence.
Was this answer helpful?
0
0
Top Questions on Cyber Law
- As per the Information Technology Act, 2000, an “intermediary” means any person who receives, stores, transmits, or provides service with respect to electronic records on behalf of another person, and includes:
I. telecom service providers.
II. search engines.
III. cyber cafes.
IV. online-auction sites.
Select the correct answer. - Match List-I with List-II:
List-I List-II (A) Cyber Appellate Tribunal (III) Resolves disputes arising from cyber crime. (B) Environmental Protection Act 1986 (I) Punishes people causing pollution. (C) Indian Information Technology Act 2000 (IV) Provides guidelines on storage, processing and transmission of sensitive data. (D) Central Pollution Control Board (II) Provides guidelines for proper handling and disposal of e-waste. - In 2025, which country became the first to officially grant citizenship to an AI system?
- In which case, it was held that a demand notice sent through email or WhatsApp is a valid notice under Section 138 of the Negotiable Instruments Act, as long as it meets the requirements of the Section 13 of Information Technology Act, 2000?
- As per Section 2(1)(w) of Information Technology Act, 2000 “intermediary”, with respect to any electronic records, the defination means any person who on behalf of another person receives, stores, or transmits that record or provides any service with respect to that record and includes __________.
telecom service and network service providers,
internet and webhosting service providers except search engines
online payment sites and online-auction sites
online-market places except cyber cafes
View More Questions
Questions Asked in AIBE exam
- The grounds for decree for dissolution of marriage under Section 2 of the Dissolution of Muslim Marriages Act, 1939 are:
I. whereabouts of the husband have not been known for two years.
II. husband has been sentenced to imprisonment for a period of five years.
III. husband has failed to perform marital obligations for two years without reasonable cause.
IV. husband has neglected or failed to maintain his wife for one year.
Select the correct answer.- AIBE - 2025
- Family Laws
- A Statement is followed by two Conclusions, I and II.
Statement: According to the Child and Adolescent Labour (Prohibition and Regulation) Act, 1986, the Government credits ₹15,000 to the Rehabilitation Fund for each child or adolescent for whom fine has been recovered from the employer. This amount may be deposited or invested, and the interest is also payable to the child or adolescent.
Conclusions:
I. The child or adolescent is entitled not only to the credited amount but also to the interest accrued on it.
II. The Government is not required to deposit any money other than what is collected as fines from the employer.
Which one is correct?- AIBE - 2025
- Labour & Industrial Law
- Consider the following statements about Article 32 of the Constitution and select the correct answer:
I. The Article is silent about the locus standi regarding who may approach the Court.
II. The Article is silent about the opposite party against whom relief may be granted.
III. The Article creates scope for even a sixth type of writ.- AIBE - 2025
- Constitutional Laws
- If a bailiff executes an eviction based on a civil court order later declared void for lack of jurisdiction, what protection does Section 78 of the Indian Penal Code provide?
- AIBE - 2025
- Indian Penal Code (IPC)
- Under Section 290(1) of Bharatiya Nagarik Suraksha Sanhita, 2023, within how many days from the date of framing of charge can an accused file an application for plea bargaining?
- AIBE - 2025
- Bharatiya Nagarik Suraksha Sanhita (BNSS)
View More Questions