Forms of Data in Law FirmsThe (Indian) Information Technology Act, 2000 (hereinafter referred to as the Act) deals with the issues relating to payment of compensation (Civil) and punishment (Criminal) in case of wrongful disclosure and misuse of personal data and violation of contractual terms in respect of personal data. Data is defined under Section 2(o) of the information Technology Act, 2000 as: â€œdata means a representation of information, knowledge, facts, concepts or instructions which are being prepared or have been prepared in a formalised manner, and is intended to be processed, is being processed or has been processed in a computer system or computer network, and may be in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer; â€œ Law firms have an immense pool of critical and private data and its usage in any other manner, other than the instruction of the client raises an ethical and legal question. In order to obtain legal advice a client often confide with the law firm with embarrassing details, classified information, future plans. Therefore it is of utmost importance that such data be protected. Additionally, it is to be noted that the obligations of law firms to protect confidential data begins only after the creation of a relationship of an attorney and client. Furthermore, The Indian Evidence Act, 1872 under sections 126 to 129 deals with the privileged communication that is attached to professional communication between a legal adviser and the client. It prohibits attorneys from disclosing any communications exchanged with the client and stating the contents or conditions of documents in possession of the legal advisor in course of and for the latter's employment with the client. The responsibility which is carried by the attorney while discussing with the client, is also to be maintained within a law firm which engages the services of various attorneys.
Effect and obstacles to data theftThe electronic nature of data leaves a gaping hole for exploitation and therefore theft largely goes unnoticed until the revelation by the perpetrators of such theft. Further the effect of data theft in a law firm shall result in concealing such a fact from the client and the public in general to avoid any embarrassment, reputational damage and reduced client confidence for inability to take any action to curtail such theft. Section 72A of the Act provides that disclosure of information, knowingly and intentionally, without the consent of the person concerned and in breach of the lawful contract has been also made punishable with imprisonment for a term extending to three years and fine extending to INR 5,00,000 (Approx. US$ 10750). Further Section 72 of the Act provides for penalty for breach of confidentiality and privacy. The Section provides that any person who, in pursuance of any of the powers conferred under the Act, Rules or Regulations made thereunder, has secured access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned, discloses such material to any other person, shall be punishable with imprisonment for a term which may extend to two years, or with fine which may extend to INR 100,000, or with both.
ConclusionUndoubtedly, the concept of data theft and protection is at a nascent stage in India. Whoever there are reasons for jubilation with the Data Privacy Protection Bill, 2013 pending in the parliament. Further the framers of the Rules have attempted to adopt ideas from jurisdictions which have long standing and mature data protection regulations. These Rules are only therefore a first step. Moreover, stringent implementation of the law and healthy development of the data privacy and protection jurisprudence in the long run is what one needs to watch out for.
 Kalikumar Pal v. RajkumarPal 1931 (58) Cal 1379, Para 5  Ministry of Communication and Information technology, Press Note No. 11-7/2010-S-I(Pt. 1)  Bar Council of India Rules, Part VI, Chapter II, Section II, Rule 17.