Page 31 - Approved Social Media Framework and Guidelines
P. 31

4)  That the Government department as intermediary must not conspire or abet or
                          aide or induce, whether by threats or promise or otherwise in the commission of
                          the unlawful act.

                      5)  That  the  Government  department  must  immediately  after  receiving  actual
                          knowledge,  or  on  being  notified  by  the  appropriate  Government  or  its  agency
                          that any information, data or communication link residing in or connected to a
                          computer resource controlled by the Government department is being used to
                          commit  the  unlawful  act,  must  expeditiously  remove  or  disable  access  to  that
                          material on that resource without vitiating the evidence in any manner.

                      6)  The  Government  department  must  also  comply  with  all  applicable  rules,
                          regulations and notifications in regard to their activity of providing social media
                          facilities on its network.

                      7)  That  the  Government  department  complies  with  the  Information  Technology
                          (reasonable  security  practices  and  procedures  &  sensitive  personal  data  or
                          information) Rules, 2011.

                      8)  That the Government department also complies with the Information Technology
                          (Intermediary guidelines) Rules, 2011.

                      9)  That the Government department also implement reasonable security practices
                          and  procedures  as  envisaged  under  Section  43A  of  the  amended  Information
                          Technology Act, 2000.

               Under the Information Technology Act 2000, the Central Government has enacted various
               rules and regulations which impact social media.  Some of the most important in this regard
               are as follows:

                   ix.  The  Information  Technology  (reasonable  security  practices  and  procedures  &
                       sensitive personal data or information) Rules, 2011 – These rules define for the first
                       time  in  independent  India  what  constitutes  sensitive  personal  data.    Sensitive
                       personal data or information of a person means such personal information which
                       consists of informaLon relaLng to;―

                       (i)    password;

                       (ii)    financial  information  such  as  Bank  account  or  credit  card  or  debit  card  or
                              other payment instrument details;

                       (iii)    physical, physiological and mental health condition;

                       (iv)    sexual orientation;

                       (v)    medical records and history;

                                                      Page 31 of 38
   26   27   28   29   30   31   32   33   34   35   36