Section 3(2) in The Information Technology (Procedure And Safeguard For Monitoring And Collecting Traffic Data Or Information) Rules, 2009
(2)The competent authority may issue directions for monitoring for any or all of the following purposes related to cyber security, namely: -(a)forecasting of imminent cyber incidents;(b)monitoring network application with traffic data or information on computer resource;(c)identification and determination of viruses or computer contaminant;(d)tracking cyber security breaches or cyber security incidents;(e)tracking computer resource breaching cyber security or spreading virus or computer contaminants;(f)identifying or tracking of any person who has breached, or is suspected of having breached or being likely to breach cyber security;(g)undertaking forensic of the concerned computer resource as a part of investigation or internal audit of information security practices in the computer resource;(h)accessing a stored information for enforcement of any provisions of the laws relating to cyber security for the time being in force;(i)any other matter relating to cyber security.
