Abstract
Abstract This article examines the constitutionality of the Cyber Security Directions released by Computer Emergency Response Team India (CERT-In). The new guidelines issued by CERT-In, the nodal agency of the Ministry of Electronics and Information Technology, have been in the news in India due to concerns being raised by various companies and privacy watchdogs like the Internet Freedom Foundation that the guidelines were affecting the fundamental right to privacy and personal autonomy of the individuals. The guidelines promulgated give CERT-In the authority to demand and retain various kinds of personally identifiable information for more than 5 years. The mandates related to virtual private network service providers are unreasonable and violative of user privacy, while the domain of information that is to be collected is ambiguous and unspecified for the purpose, thus increasing the chances of surveillance and potential censorship. The authors also give suggestions on how to overcome anomalies which are present in the guidelines issued by CERT-In.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
