E-commerce business is booming in India and this is the right time to establish your own e-commerce business in India. A successful e-commerce business must take care of various techno legal issues that it is required to comply with in India. Different e-commerce segments are governed by different legal frameworks and certain well established principles of e-commerce laws of India. Unfortunately, e-commerce stakeholders of India are not complying with Indian laws and our government is also not very keen to curb such illegal activities of these e-commerce platforms.
In this article we are not discussing all those non compliance issues but are discussing a very specific but very crucial issue that has been ignored by both Indian government and e-commerce stakeholders of India for long. The issue pertains to non adoption of cyber security practices while engaging in e-commerce business in India. E-commerce websites, whether Indian or foreign, are vulnerable to diverse form of cyber attacks and crucial and sensitive customer details and information has been compromised on numerous counts due to this indifference and lack of cyber security practices. This has made them vulnerable to litigations around the world, including India.
We at Perry4Law believe that cyber breaches in India would raise complicated cyber law and cyber security issues in the near future. The cyber law and cyber security obligations of directors in India have also increased manifolds. Even companies operating in India and e-commerce platforms are required to ensure cyber law and cyber security obligations prescribed under Indian laws.
Cyber security breaches are increasing world over and India is also facing the same. Obviously, the cyber security challenges before the Narendra Modi government are tremendous and there is an urgent need to start working in this direction immediately. Indian cyberspace must be protected on a priority basis and cyber security infrastructure of India needs robust protection. The payment gateways and banks providing banking and financial service must also be fully cyber secure. Cyber security trends of India (PDF) have highlighted various shortcomings of Indian cyber security initiatives.
However, the primary liability for non disclosure of cyber security breaches originating at e-commerce platforms is attributable to e-commerce platforms themselves. E-commerce websites and portals are required to ensure privacy and data protection (PDF) of their customers. A failure to ensure proper techno legal due diligence and e-commerce due diligence would attract both civil and criminal liabilities against e-commerce websites of India.
It is high time to draft a regulatory framework for cyber security disclosure in India for cyber breaches so that rights and interests of Indian consumers and customers are duly protected.