Connectivity via the Internet has greatly abridged geographical distances and made communication even more rapid. While activities in this limitless new universe are increasing by leaps and bounds, laws must be formulated to monitor them. In order to keep pace with the changing generation and their mind-set, the Indian Parliament passed the Information Technology (IT) Act, 2000 (hereinafter referred to as ‘the Act’).
With the enactment of this Act, Internet transactions will now be recognised, on-line contracts will be enforceable and e-mails will be legally acknowledged. It will tremendously augment domestic as well as international trade and commerce.
IMPORTANT PROVISIONS
The Act is arranged in 13 Chapters comprising of 93 Sections along with Four Schedules.
1. Legitimacy and Use of Digital Signatures
The Act has adopted the Public Key Infrastructure (PKI) for securing electronic transactions. As per Section 2(1)(p) of the Act, a digital signature means an authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the other provisions of the Act. A private key is used to create a digital signature whereas a public key is used to verify the digital signature and electronic record. They both are unique for each subscriber and together form a functioning key pair.
Furthermore, these digital signatures are to be authenticated by Certifying Authorities (CAs) appointed under the Act who have the license to issue Digital Signature Certificates (DSCs).
2. Writing requirements
Section 4 of the Act states that when under any particular law, if any information is to be provided in writing or typewritten or printed form, then notwithstanding that law, the same information can be provided in electronic form and the same can be authenticated electronicall by means of a digital signature. This non-obstante provision will make it possible to enter into legally binding contracts on-line.
3. Attribution, Acknowledgement and Dispatch of Electronic Records (Chapter IV)
An electronic record shall be attributed to the originator as if it was sent by him or by a person authorised on his behalf or by an information system programmed to operate on behalf of the originator and the same may be acknowledged by the adressee in the manner provided by the originator within the stipuilated time (if any mentioned) or within reasonable time. However, if the acknowledgementis not recieved within the above referred time, the originator may notify the addressee to send the acknowledgement, failing which the electronic record will be treated as never been sent.
4. Utility of electronic records and digital signatures in Government Audits Agencies
According to the provisions of the Act, any forms or applications that have to be filed with the appropriate Government offices or authorities can be filed or any licence, permit or sanction can be issued by the Government in an electronic form. Similarly, the receipt or payment of money can also take place electronically.
Moreover, any documents or records that need to be retained for a specific period may be retained in an electronic form provided the document or record is easily accessible in the same format as it was generated, sent or received or in another format that accurately represents the same information that was originally generated, sent or received. The details of the origin, destination, date and time of the dispatch or receipt of the record must also be available in the electronic record.
Furthermore, when any law, rule, regulation or byelaw has to be published in the Official Gazette of the Government, the same can be published in electronic form.
5. Issuance, Suspension and Revocation of Digital Signature Certificates (DSCs)
As per Section 35, any interested person shall make an application to the CA for a DSC which may be accepted or rejected, providing the reasons in writing for the rejection. Further, the DSC issued may be suspended by the CA after giving the subscriber the opportunity to be heard (if DSC is to be suspended for moe than 15 days) on the request of the subscriber listed in the DSC or any person authorised on behalf of the subscriber.
The DSC can be revoked (i) on the request or death of the subscriber, (ii) dissolution of the firm of the Company when the DSC holder is a firm or a comapny (iii) suo motto by the CA, etc.
A notice of suspension or revocation of the DSC must be published by the CA in a repository specified in the DSC.
6. Penalties for Computer Crimes
The following are the penalties for the computer crimes:
Computer Crime | Penalty |
Gaining unauthorised access to a computer or computer system, damaging it, introducing a virus in the system, denying access to an authorised person or assisting any person in any of the above activities |
Not exceeding Rs. 1 Crore |
Contraving any rules or regulations framed under the Act for which no specific penalty is prescribed |
Not exceeding Rs. 25,000 |
Intentionally or knowingly tampers with computer source documents |
Imprisonment upto 3 years or fine of upto Rs. 2 lakhs or both |
Publishing and dissemination of obscene information and material |
Imprisonment of 2 years and a fine of Rs. 25,000 for the first conviction. Imprisonment of 5 years and a fine of Rs. 50,000 in case of subsequent convictions |
The adjudicating court also has the powers to confiscate any computer, computer system, floppies, compact disks, tape drives or any accessories in relation to which any provisions of the Act are being violated.
If penalties that are imposed under the Act are not paid, they will be recovered as arrears of land revenue and the licence or DSC shall be suspended till the penalty is paid.
7. Cyber Regulations Appellate Tribunal (CRAT)
The first and the only Cyber Appellate Tribunal, established by the Central Government in accordance with the provisions of Section 48(1) of the Information Technology Act, 2000, started functioning from October, 2006. The CRAT shall also have certain powers of a civil court.
Every person aggrieved by any order of the adjudicating officer cna make an appeal within 45 days from the date of receipt of the order and the same had to be disposed off by the CRAT within 60 days of the appeal.
Further, no court has the jurisdiction to decide any matter that can be decided by the adjudicating officer or CRAT. However, the High Coutrt has the auuthority to entertain any appeal against the decidsion of the CRAT, if made within 60 days of the date of communication of the order or decision.
8. Police Powers
A police officer not below the rank of deputy superintendent of police has the power to enter any public place and arrest any person without a warrant if he believes that a cyber crime has been or is about to be committed.
On being arrested, the accused person must, without any unnecessary delay, be taken or sent to the magistrate having jurisdiction or to the officer-in-charge of a police station. The provisions of the Code of Criminal Procedure, 1973 shall apply in relation to any entry, search or arrest made by the police officer.
9. Network Service Providers not liable in certain cases
The Act provides that a person providing service as network service provider shall not be liable for any third parety information or data made available by him, provided he proves that the offence or contravention was committed without his knowledge or inspite of him having exercised all the due diligence to prevent such acts.
CONCLUSION
The IT Act is a comprehensive piece of legislation which aims at policing some of the activities over the Internet. The fundamental approach of the Act is towards validating and legalising electronic and on-line transactions. Business transaction costs will be curtailed and transaction volumes will grow manifold. Computer and Cyber Crimes will hopefully be curbed and offenders will be strictly penalised. Policing these crimes is extremely necessary. At the same time the police officers who enjoy large powers under the IT Act must also be educated in computers and Internet. This would help them in executing their powers effectively and efficiently.
However, the following are the loopholes:
The provisions of the Act are not applicable to:
-
a negotiable instrument as defined in Section 13 of the Negotiable Instruments Act, 1881;
-
power of attorney as defined in Section 1A of the Powers-of-Attorney Act, 1882;
-
a trust as defined in Section 3 of the Indian Trusts Act, 1882;
-
a will as defined in Section (h) of Section 2 of the Indian Succession Act, 1925, including any other testamentary disposition by whatever name called;
-
any contract for the sale or conveyance of immovable property or any interest in such property.
-
The Act is silent regarding the powers of the adjudicating offiers regarding the crimes conducted from outside India.
-
The Act is silent with regard to entering into extradition treaties with other countries.There are no definite guidelines for search and arrest powers given to police officers which nmay be ill-used.The Act is silent on who shall be liable in the event the network service provider proves his ignorance and due diligence, with regard to any crime.
-
The act does not provide for any implications with regard to infringementof the intellectual property rights particularly copy rights over the internet.
-
The provision of the Act, that no oder of the Central Governemnt appointing a person as the preciding officer of the CRAT shall be shall be called into question, may violate the funmdamental rights of the people of India.
This Act is not the end but only a beginning to a plethora of legislation it still needs to be strengthened.