Legal Framework of Web Conferencing in India

Legal Framework of Web Conferencing in India


India adapts to new norms. The technical way of doing business through Web/Video conferencing, until recently, has been a bit of a hassle in our lives, suddenly becoming a necessity due to the Covid -19 epidemic. . This article is an attempt to analyze the legal framework in place in relation to the Web Conference, areas of concern and the way forward for the adoption of business web applications and the pursuit of technology in India after Covid.


Website or Video conferencing is a platform for audio and video conferencing, document and screen sharing while communicating with participants in various locations. The audio/video site has many features including the use of CODEC representing the coder-decoder. Codec is a device, which converts and compresses analog audio-video signal into digital data and sends it over the digital line. The decoder changes processes at the end of the acquisition and this compression and downtime allows a large amount of data to be transferred to the network in real-time. A simplified example is a zip file that the sender presses while sending and then retrieves the same zip in its original size after receipt.

While providing the above resources, conference systems utilize a variety of end-to-end computer/participant devices such as video input including camera, video output in the form of microphones and speakers, etc., were with open legal and regulatory challenges.


India does not have dedicated regulations to address the challenges of possible data breaches. To address potential data violations related to Web Conferencing Services, one should refer to the Information Technology Act, 2000 (“IT Act”) in particular section 6A, 13 (3), 13 (4), 13 (5), and section 75 is one set of resources that expands the limited power of the Indian authorities to deal with Web Conference providers who have their own server outside of the typical Indian subcontinent. Other relevant provisions of the IT Act are Section 43A read with Section 72A, which provides for compensation and penalties for breach of contract details.

Under Section 69 (2) of the IT Act, Information Technology (Procedures and Procedures for the Prevention, Monitoring, and Removal of Information) The 2009 Act was enacted. However, all security measures under these rules apply to any privacy violations that must be dealt with in terms of applicable law. As a result, these rules remain inadequate to contain a check on the misuse of user data. Subsequently, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 issued under Section 43A of the IT Act, imposed additional obligations on the service provider in respect of the collection and disclosure of sensitive personal information or data.

In addition to the above provisions, Section 179 of the Indian Penal Code (“IPC”) empowers the investigator to enforce cooperation if any service provider does not cooperate and responds to the investigator. As these laws and regulations have failed to meet the speed, this has led to the Personal Data Protection Bill, 2019 (“PDP Bill”).


The PDP bill, by all means, is a major effort to achieve a policy and full mandate for data protection. Divided into fourteen chapters, the PDP Bill aims to create the protection of a person whose data is processed through unauthorized and dangerous conduct. This will be done by building a trusting relationship between the individual and the data processor by making the flow and use of personal data controlled. Audits and ratings are verified by adjusting the liability and establishing a data processing authority.

However, in the current situation and situation, it is not expected that the PDP bill will serve as a solution. While there is still a long way to go before a parliamentary select committee, there are natural issues that could cause delays before the PDP Bill becomes law and a solution. To keep the PDP Bill from being a Web conference, it is difficult to start using external power under Section 2 (A) (a) which provides for the implementation of the Personal Data Act that is collected, disclosed, shared, or otherwise processed within the territory of India. Similarly, section 2 (b) read with Section 91 of the PDP bill is a setback we have adopted. If the services of Web Conferencing Services were beyond the scope of politics, it would be appropriate if the local clause would take the power to process the information of each person who is present and under Indian territory.

Another concern for data authorization Principal (user) is the service provider (Data fiduciary). In terms of section 11 (1), personal data will not be processed, without the permission of the data user (user) at the beginning of its processing. Now that processing is one-time download web download software or always the data you intend to process is not specified. On the bright side, Section 57 of the PDP Bill, proposes a maximum penalty for violating this provision that could exceed 15 crore rupees or 4 percent of the world's gross domestic product in the last financial year, whichever is higher than the data. Such a strict punitive provision would be a complete deterrent to the possible privacy of any Web Conferencing Service provider.


Currently, India has no law that can regulate and act as a barrier in the most aggressive case of doing business in the case of Covid 19 with a Web Conference. For this reason, all stakeholders, Government, courts, and civil society groups, must come forward and play their part in ensuring that a powerful tool such as Web Conferencing should not be a threat to national security and a fundamental right to privacy. Until then, the PDP bill becomes law, and with the Data Protection Authority in place, India should immediately come up with authentication guidelines for any web service provider wishing to host Web Conference Services in India. Considering the size and opportunity, all international Web Conferences will adopt such guidelines to touch on a large Indian customer base. It is also noteworthy that such self-certification guidelines should include the provision of periodic updates as the web service providers keep their contract terms updated regularly.

In addition to addressing the shortcomings of the PDP bill, there should be a strong provision that allows for class action suits for debtors who provide Web Conferencing Services, violating citizens' privacy for commercial gain. All Citizen Groups must come forward and create democratic pressure on the government to move forward with changes to the PDP bill. The government should also put the bill back to the public and seek to comment again so that the realities and challenges posed by technology can be addressed in a comprehensive legal effort in the form of a PDP bill. To date, the PDP bill and guidelines for self-certification are in place; lawmakers should control the growing number of Web Conference activities. Because these courts must come up with new, regulatory proclamations so that legal provisions can be in line with Web Conference technology with respect to local boundaries. The best way to end this story is Judge Bhagwati's keywords in the previous National Textile Workers' Union's ruling that

"So the law must always adapt to a rapidly changing society and not lag behind."

Need any kind of legal advice, just sign up with eStartIndia!


Damini Nagar
B.A LLB from Indore institution of Law

Leave a Comment

Previous Comments

Related Blogs