Credit Information Companies (Regulation) Act, 2005
22. Unauthorised access to credit information.-
1. No person shall have access to credit information in the possession or control of a credit information company or a credit institution or a specified user unless the access is authorised by this Act or any other law for the time being in force or directed to do so by any court or tribunal and any such access to credit information without such authorisation or direction shall be considered as an unauthorised access to credit information.
2. Any person who obtains unauthorised access to credit information as referred to in sub-section (1) shall be punishable with fine which may extend to one lakh rupees in respect of each offence and if he continues to have such unauthorised access, with further fine which may extend to ten thousand rupees for every day on which the default continues and such unauthorised credit information shall not be taken into account for any purpose.