Information Technology (Preservation and Retention of Information by Intermediaries Providing Digital Locker Facilities) Rules, 2016

X X   X X   Extracts   X X   X X

→ Full Text of the Document

X X   X X   Extracts   X X   X X

..... (21 of 2000); b) "access gateway" means authorised system to provide access to repositories under Digital Locker system; c) "application program interface (API)", means a set of routines, protocols, and tools for building software applications; d) "body corporate" means body corporate as defined in Explanation (1) to section 43A of the Act; e) "DeitY" means the Department of Electronics and Information Technology in the Ministry of Communications and Information Technology, Government of India; f) "DigiLocker" means the Government owned and operated web and mobile based hosting of Digital Locker system; g) "Digital Locker" means a service of preservation, retention of electronic records by the subscriber and delivery of electronic records to the subscriber; h) "Digital Locker authority" means an authority as designated by the Government for the licensing, empanelment and management of Digital Locker service providers; i) "Digital Locker Directory" means a web page managed by the Government or Digital Locker authority for registration and providing details of registered locker providers, issuers, requester, repositories and access gateways providers; j) "Digital Lo .....

X X   X X   Extracts   X X   X X

→ Full Text of the Document

X X   X X   Extracts   X X   X X

..... espectively. 3. Appointment of Digital Locker Authority.-- (1) The Government shall appoint the Digital Locker authority to establish, administer, and manage Digital Locker system to preserve and retain information for efficient delivery of services to the users through Digital Locker system. (2) The Digital Locker authority shall discharge its functions as notified under these rules subject to the general control and directions of the DeitY. (3) The Digital Locker authority shall authorise the Digital Locker service provider to provide Digital Locker, access gateway and, or, repository facility electronically, in accordance with these rules. 4. Digital Locker System.-- (1) For the purpose of providing preservation and retention of machine readable, printable, shareable, verifiable and secure State or Central department or agency or body corporate issued electronic records, the Government and other service providers to provide a Digital Locker system of limited electronic storage to all users. (2) The Government through Digital Locker authority and in accordance with the technical standards as laid down by the DeitY from time to time shall provide for the administration of Dig .....

X X   X X   Extracts   X X   X X

→ Full Text of the Document

X X   X X   Extracts   X X   X X

..... er account. (d) grant access to the requester to access State or Central department or agency or body corporate issued records by providing unique document URI; and (e) provide consent to the issuer to deposit document URI's and to the requestor to access documents; 8. The manner in which Digital Locker system be used by requester.-- A Digital Locker shall be used by the requester to,-- (a) register on the Digital Locker directory; (b) access documents uploaded by the subscriber on the Digital Locker portal; (c) use authorised gateway providers to access documents stored across repositories; (d) access subscriber's State or Central department or agency or body corporate issued documents based on the URI; and (e) take consent from subscriber to access documents available in subscriber's Digital Locker account. 9. The manner in which Digital Locker system be used by issuer.-- A Digital Locker shall be used to, -- (a) register on the Digital Locker Directory; (b) issue new digital records in the format as prescribed by the appropriate government; (c) provide older digitized records to the subscriber, which are verifiable, shareable, accessible and printable; (d .....

X X   X X   Extracts   X X   X X

→ Full Text of the Document

X X   X X   Extracts   X X   X X

..... vance officer. (2) The grievance officer shall redress the complaints within one month from the date of receipt of complaint. 13. Suspension and revocation of Digital Locker account.--(1) Subject to the provisions of sub-rule (2), the Digital Locker service provider which has provided a Digital Locker account may suspend such Digital Locker account - (a) on receipt of a request to that effect from - (i) the subscriber listed in the Digital Locker account; or (ii) any person duly authorised to act on behalf of that subscriber; (b) if it is the opinion of Digital Locker authority that the subscriber's Digital Locker account should be suspended in public interest for reasons to be included in writing. (2) A Digital Locker account shall not be suspended for a period exceeding thirty days unless the subscriber has been given an opportunity of being heard in the matter. (3) On suspension of a Digital Locker account under these rules, the Digital Locker service provider shall communicate the same to the subscriber and other users. Explanation.-- For the purpose of these rules, suspension of Digital Locker account of subscriber implies that neither requester nor issuer shall b .....

X X   X X   Extracts   X X   X X

→ Full Text of the Document

X X   X X   Extracts   X X   X X

..... e required under these rules. (2) The Digital Locker service provider shall conduct,- (a) half yearly audit of the security policy, physical security and planning of its operation; (b) a quarterly audit of its system and all associated interfaces, systems, tools and processes. (3) The Digital Locker service provider shall submit copy of each audit report to the Government or Digital Locker authority within four weeks of the completion of such audit and where irregularities are found, the Digital Locker service provider shall take immediate appropriate action to remove such irregularities. 18. Auditor's relationship with Digital Locker service provider.-- (1) The auditor shall be independent of the Digital Locker service provider being audited and shall not be a software or hardware vendor which is, or has been providing services or supplying equipment to the said Digital Locker service provider. (2) The auditor and the Digital Locker service provider shall not have any current or planned financial, legal or other relationship, other than that of an auditor and the audited party. 19. Confidential Information.--The following information shall be treated as confidential, .....

X X   X X   Extracts   X X   X X

→ Full Text of the Document

X X   X X   Extracts   X X   X X