TMI BlogInformation Technology (Preservation and Retention of Information by Intermediaries Providing Digital Locker Facilities) Rules, 2016X X X X Extracts X X X X X X X X Extracts X X X X ..... the context otherwise requires, a) Act means the Information Technology Act, 2000 (21 of 2000); b) access gateway means authorised system to provide access to repositories under Digital Locker system; c) application program interface (API) , means a set of routines, protocols, and tools for building software applications; d) body corporate means body corporate as defined in Explanation (1) to section 43A of the Act; e) DeitY means the Department of Electronics and Information Technology in the Ministry of Communications and Information Technology, Government of India; f) DigiLocker means the Government owned and operated web and mobile based hosting of Digital Locker system; g) Digital Locker means a service of preservation, retention of electronic records by the subscriber and delivery of electronic records to the subscriber; h) Digital Locker authority means an authority as designated by the Government for the licensing, empanelment and management of Digital Locker service providers; i) Digital Locker Directory means a web page managed by the Government or Digital Locker authority ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... er or requester of the Digital Locker system. (2) Words and expressions used and not defined in these rules but defined in the Act and various rules made thereunder shall have the same meanings assigned to them in the Act and the said rules respectively. 3. Appointment of Digital Locker Authority . (1) The Government shall appoint the Digital Locker authority to establish, administer, and manage Digital Locker system to preserve and retain information for efficient delivery of services to the users through Digital Locker system. (2) The Digital Locker authority shall discharge its functions as notified under these rules subject to the general control and directions of the DeitY. (3) The Digital Locker authority shall authorise the Digital Locker service provider to provide Digital Locker, access gateway and, or, repository facility electronically, in accordance with these rules. 4. Digital Locker System . (1) For the purpose of providing preservation and retention of machine readable, printable, shareable, verifiable and secure State or Central department or agency or body corporate issued electronic records, the Government and o ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... l Locker shall be used by the subscriber to, (a) access and register for Digital Locker on the web or mobile based Digital Locker Portal; (b) upload documents, or as the case may be, digitally sign, the uploaded documents in the Digital Locker as provided by the Digital Locker service provider; (c) access documents from issuers using the document URI s available in the Digital Locker account. (d) grant access to the requester to access State or Central department or agency or body corporate issued records by providing unique document URI; and (e) provide consent to the issuer to deposit document URI s and to the requestor to access documents; 8. The manner in which Digital Locker system be used by requester . A Digital Locker shall be used by the requester to, (a) register on the Digital Locker directory; (b) access documents uploaded by the subscriber on the Digital Locker portal; (c) use authorised gateway providers to access documents stored across repositories; (d) access subscriber s State or Central department or agency or body corporate issued documents based on the URI; and ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... regulations and orders made thereunder. 12. Appointment of grievance officer by the Digital Locker service provider for dispute resolution. (1) Every Digital Locker service provider shall publish on its website the name of grievance officer and his contact details as well as mechanism by which any users or aggrieved person who suffers as a result of (i) access or usage of Digital Locker or Digital Locker system by any unauthorised person; or (ii) violation of authorising terms, may notify their complaints against such access or usage or violation of licensing terms to such grievance officer. (2) The grievance officer shall redress the complaints within one month from the date of receipt of complaint. 13. Suspension and revocation of Digital Locker account . (1) Subject to the provisions of sub-rule (2), the Digital Locker service provider which has provided a Digital Locker account may suspend such Digital Locker account (a) on receipt of a request to that effect from (i) the subscriber listed in the Digital Locker account; or (ii) any person duly authorised to act on behalf of that subscr ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... eitY; (b) make reasonable efforts to ensure that the portability service is provided to the subscriber with minimal service disruption; and (c) refund reasonable fee back to subscriber (not exceeding any fee or service charges by the service provider to the subscriber). 17. Audit. (1) The Digital Locker service provider shall get its operations audited annually by an auditor and such audit shall include, inter alia, (a) security policy and planning; (b) physical security; (c) technology evaluation; (d) Digital Locker service provider's services administration; (e) relevant Digital Locker Practice Statement; (f) compliance to relevant Digital Locker Practice Statement; (g) contracts or agreements; and (h) policy requirements as may be required under these rules. (2) The Digital Locker service provider shall conduct,- (a) half yearly audit of the security policy, physical security and planning of its operation; (b) a quarterly audit of its system and all associated interfaces, systems, tools and processes. (3) The Digital Locker service provi ..... X X X X Extracts X X X X X X X X Extracts X X X X
|
