- i. Section 43A of the Information Technology Act, 2000;
- ii. Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (the “ SPI Rules”); and
- iii. Regulation 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011.