Government has strengthened the legal framework pertaining to network security and data protection

1. At a Glance

2. Why in the News

3. Background & Evolution

4. Core Static Facts

5. Multi-Dimensional Analysis

Legal / Constitutional - Operationalises Art 21 privacy right per Puttaswamy (2017) via DPDP Act, 2023 [S5]. - CERT-In powers derive from Sec 70B(6), IT Act; non-compliance attracts up to 1 yr imprisonment / ₹1 lakh fine [S3]. - DPDP Act prescribes penalties up to ₹250 crore per instance for data fiduciaries [S5].

Strategic / Geopolitical - Trusted Sources directive effectively excludes equipment from adversarial-origin vendors (e.g., Huawei/ZTE) from Indian 5G networks [S1]. - CCTV Essential Requirements address hardware backdoor / supply-chain espionage risk [S1].

Administrative - Government-procurement lever: GeM / departmental purchases of CCTV restricted to compliant products [S1]. - Phased DPDP rollout (18 months for substantive compliance) gives industry transition window [S2].

Scientific / Technological - Mandates STQC-certified testing of CCTV under Essential Requirements; aligns with IT (Security) Order, 2017 for electronics [S1]. - CERT-In FAQs clarify obligations for VPN, cloud, virtual-asset intermediaries [S7].

Ethical / Governance - Tension between data-principal rights (consent, erasure) and state exemptions under Sec 17, DPDP Act. - Consent Manager institution introduces fiduciary intermediary (Phase 2, Nov 2026) [S2].

6. Recent Developments (last 12-18 months)

7. Prelims Hooks

8. Mains Relevance

9. Related Topics to Study Next

10. Common Errors / Trap Areas

11. Sources