Facts that Matter : International Laws & IPR | Legal Reasoning for CLAT PDF Download

Right to Privacy as a Fundamental Right

Fact 1: Which landmark judgment recognized the Right to Privacy as a fundamental right under the Indian Constitution?
Ans: Justice K.S. Puttaswamy vs. Union of India (2017)

Fact 2: Under which Article of the Indian Constitution is the Right to Privacy primarily derived?
Ans: Article 21

Fact 3: Which type of personal data requires higher protection due to its sensitive nature, such as health or financial information?
Ans: Sensitive personal data

Fact 4: Under the proposed Data Protection Law, which body is tasked with regulating and enforcing privacy and data protection rights?
Ans: Data Protection Authority of India (DPAI)

Fact 5: What principle obligates organizations to collect only the minimum necessary personal data and use it only for lawful purposes?
Ans: Data minimization principle

Digital Personal Data Protection Act, 2023 (DPDPA)

Fact 1: Which law governs the collection, processing, and storage of digital personal data in India?
Ans: Digital Personal Data Protection Act, 2023

Fact 2: Who determines the purpose and means of processing personal data under the DPDPA?
Ans: Data Fiduciary

Fact 3: Under the DPDPA, what right allows individuals to request correction or deletion of their personal data?
Ans: Right to rectification and erasure

Fact 4: Which authority enforces compliance with the DPDPA?
Ans: Data Protection Board of India

Fact 5: What obligation do data fiduciaries have to protect personal data from unauthorized access or breach?
Ans: Security safeguards obligation

Information Technology Act, 2000 (IT Act)

Fact 1: Which Indian law provides legal recognition for electronic records and digital signatures?
Ans: Information Technology Act, 2000

Fact 2: Which authority is designated to regulate and enforce provisions related to cyber laws under the IT Act?
Ans: Controller of Certifying Authorities (CCA)

Fact 3: Under the IT Act, which section deals with punishment for hacking or unauthorized access to computer systems?
Ans: Section 66

Fact 4: What is the legal term for digitally signed electronic documents under the IT Act?
Ans: Electronic signature / Digital signature

Fact 5: Which provision of the IT Act deals with compensation for failure to protect sensitive personal data?
Ans: Section 43A

General Data Protection Regulation (GDPR)

Fact 2: An EU citizen asks a company to provide all information it holds about them, including usage history. Which GDPR right is being exercised?
Ans: Right of access

Fact 3: A firm decides what personal data to collect and how it will be processed for business purposes. Under GDPR, who holds this responsibility?
Ans: Data Controller

Fact 4: Before launching a new app that tracks user behavior, a company obtains clear permission from each user. What type of consent does GDPR require in this scenario?
Ans: Explicit and informed consent

Fact 5: Which regulation applies to organizations that process personal data of individuals in EU countries, ensuring privacy protection?
Ans: General Data Protection Regulation (GDPR)

Data Breaches and Cybercrimes

Fact 2: If an attacker installs malware on a company’s network to steal financial information, which cybercrime is being committed?
Ans: Hacking / Cyber intrusion

Fact 3: Sending fraudulent emails to trick individuals into revealing passwords or bank details is known as:
Ans: Phishing

Fact 4: Under Indian law, which authority can investigate and take action against cybercrimes and data breaches?
Ans: Police / Cybercrime Cell under IT Act, 2000

Fact 5: When confidential information is illegally accessed and misused for financial gain, it is classified as:
Ans: Cyber theft / Financial cybercrime