Answer By law4u team
Identity theft on digital platforms is a growing concern as criminals exploit personal data to commit fraud or unauthorized transactions. Governments worldwide have enacted laws and regulations aimed at protecting consumers and penalizing offenders. These legal protections mandate strict data handling, breach notification, and empower consumers with rights to report and seek remedies. Understanding these safeguards helps users protect themselves and respond effectively if identity theft occurs.
Legal Protections Against Identity Theft on Platforms
Information Technology Act, 2000 (India)
Includes provisions to penalize identity theft and cyber fraud. Sections 66C and 72A criminalize identity theft and data privacy violations, respectively, with penalties including imprisonment and fines.
General Data Protection Regulation (GDPR - EU)
Mandates strict rules for personal data processing, breach notifications within 72 hours, and strong consumer rights including access, correction, and data portability.
Digital Personal Data Protection Act (DPDP), 2023 (India)
Requires platforms to obtain explicit consent before processing personal data and imposes penalties for data breaches, ensuring consumers’ data security.
Cybercrime Laws and Enforcement Agencies
Dedicated cybercrime cells and law enforcement agencies investigate and prosecute identity theft cases. Consumers can report identity theft to platforms and government portals like cybercrime.gov.in.
Consumer Protection Act, 2019
Provides consumers the right to seek compensation for losses arising from identity theft due to negligence by service providers.
Data Security and Privacy Measures
Legal mandates require platforms to implement security protocols such as encryption, two-factor authentication, and regular security audits.
Breach Notification Obligations
Platforms must notify users promptly if their data is compromised, allowing timely protective action like password changes or account freezes.
Preventive and Consumer Measures
- Use strong, unique passwords and enable two-factor authentication (2FA).
- Regularly monitor account activity and transaction alerts.
- Avoid sharing personal details on unsecured or suspicious platforms.
- Report suspicious activity immediately to platform support and authorities.
- Educate oneself about phishing and social engineering tactics.
Consumer Rights and Remedies
- Right to file complaints with cybercrime cells or consumer forums.
- Right to demand investigation and resolution from platforms.
- Right to seek compensation for financial loss or damage.
- Right to data access, correction, and deletion under data protection laws.
Example
A consumer notices unauthorized transactions on their online wallet account. After investigation, it’s found that their login credentials were stolen via a phishing attack.
Steps the consumer should take:
- Immediately report the unauthorized transactions to the wallet provider and block the account.
- File a complaint on the national cybercrime portal (cybercrime.gov.in).
- Change passwords and enable two-factor authentication on all related accounts.
- Monitor bank statements and credit reports for further suspicious activity.
- Request compensation or refund through the platform’s grievance redressal mechanism or consumer court if necessary.
