(1) A system provider shall not disclose to any other person the existence or contents of any document or part thereof or other information given to him by a system participant, except where such disclosure is required under the provisions of this Act or the disclosure is made with the express or implied consent of the system participant concerned or where such disclosure is in obedience to the orders passed by a court of competent jurisdiction or a statutory authority in exercise of the powers conferred by a statute.
(2) The provisions of the Bankers’ Book Evidence Act, 1891(18 of 1991) shall apply in relation to the information or documents or other books in whatever form maintained by the system provider.
Simplified Explanation
Section 22 of the Payment and Settlement Systems Act, 2007 focuses on the confidentiality of documents and information maintained by system providers. This section mandates system providers to safeguard sensitive data, ensuring that it is disclosed only under specific circumstances.
Key Provisions of Section 22:
- Confidentiality of Documents and Information (Subsection 1):
- General Rule of Confidentiality: A system provider is prohibited from disclosing to any third party the existence or content of any document, information, or details related to the payment system received from a system participant. This confidentiality extends to all communications, documents, and records related to system participants.
- Exceptions to Confidentiality:
- Required by Law: Disclosure can occur if required under the provisions of the Payment and Settlement Systems Act itself.
- Consent of the System Participant: Disclosure is allowed if the system participant has expressly or impliedly consented to the sharing of the information. This ensures that the system participant’s privacy is respected unless they agree otherwise.
- Court or Statutory Authority Orders: Disclosure is permitted if the system provider is compelled by an order from a court of competent jurisdiction or a statutory authority exercising powers granted under another statute. This may include situations where there is a legal obligation to provide certain documents or information in compliance with a legal proceeding or regulatory requirement.
- Application of the Bankers’ Book Evidence Act, 1891 (Subsection 2):
- Bankers’ Book Evidence Act: The information, documents, and books maintained by the system provider, in whatever form (whether electronic or paper), are subject to the provisions of the Bankers’ Book Evidence Act, 1891.
- Relevance: The Bankers’ Book Evidence Act allows documents maintained by banks (and by extension, system providers) to be admissible in court as evidence, provided they comply with the conditions set out in the Act. It ensures that records kept by system providers in the payment system can be treated as valid evidence in legal matters, subject to the Act’s conditions and procedures.
Purpose of Section 22:
- Protection of Sensitive Information: The section ensures that information regarding system participants, including their transactions, account details, and other sensitive data, remains confidential. This confidentiality is critical for maintaining the trust of participants in the payment system.
- Clear Guidelines for Disclosure: The section provides specific exceptions where disclosure is permissible, balancing the need for confidentiality with legal or regulatory requirements. This ensures that confidentiality is not absolute, but only waived under defined and controlled circumstances.
- Legal Framework for Evidence: By linking the provisions of this Act to the Bankers’ Book Evidence Act, it ensures that information maintained by the system provider can be used appropriately in legal proceedings, thereby aligning with existing legal frameworks for handling banking documents.
Implications for System Providers:
- Obligations for Confidentiality: System providers must take necessary measures to ensure that documents and information relating to system participants are kept confidential. Unauthorized disclosure could lead to legal repercussions, including penalties or reputational damage.
- Operational Procedures: System providers must implement operational safeguards and protocols to ensure that they can comply with confidentiality requirements. This may include access control, encryption, and clear procedures for handling requests for information or documents.
- Compliance with Legal Orders: System providers should be prepared to handle requests for information from courts or regulatory authorities. They must ensure that they comply with such orders while still maintaining the confidentiality of other system participants’ data.
In Summary:
Section 22 mandates that system providers maintain confidentiality of documents and information related to the payment system, with limited exceptions for legal disclosures. This ensures that system participants’ sensitive data is protected, while also allowing for necessary disclosure under legal or regulatory authority. The section also ensures that records maintained by system providers are treated as evidence in accordance with the Bankers’ Book Evidence Act, 1891.
