Name-Kashish Khurana, User-ID - 1855_kashish

FINAL ASSIGNMENT

Q.1. Analyze the scope of various International Legal Instruments
regulating Cyber world?

A.-
European Convention on Cyber Crimes
In 1985 the Council of Europe (CoE) appointed the Expert Committee to
discuss the legal aspects of computer crimes. Their Recommendation was
adopted under the terms of Article15.b of the Statute of the Council of
Europe by recognizing the new challenges of cyber-crimes and
harmonization of law and practice. The Council of Europe introduced a new
convention with 23 signatory state members at first instance.
In 1997, the Council of Europe (CoE), an organization of 47 European
countries, appointed a Committee of Experts on Crime in Cyberspace to
identify and define new crimes, jurisdictional rights and criminal liabilities
concerning the Internet. Canada, Japan, South Africa and the U.S. were also
invited to participate in the discussions as observer nations. The goals were
to create a set of standard laws concerning cyber-crimes for the global
community and create a common criminal policy to protect against cyber-
crimes. The country representatives sought to make it easier for law
enforcement to cooperate in collecting evidence in investigating computer
crimes (Furnell, 2002). The resulting Convention on Cyber-crime of the CoE
was passed in June 2001 and is currently the only global document on this
issue (CoE, 2001). The document attempts to
Define cyber-crimes and to develop policies to prevent particular crimes
committed with use of the internet. The treaty includes provisions geared
toward fighting terrorism, child sexual exploitation, organized crime,
copyright infringement, hacking, and internet fraud. The Convention also
acts as a framework for international cooperation between countries in
investigating and prosecuting possible cyber-crimes. Other portions of the
treaty include
Descriptions of extradition procedures. If countries agree to the treaty, they
must agree to pass legislation to address particular Computer crimes (Gold,
2000; Yam, 2001). They also agree to provide international cooperation to
other parties in the fight against computer-related crime by providing a
contact for countries that need immediate help in investigating a computer
crime (Boni, 2001). The treaty gives police agencies expanded powers to
investigate and prosecute computer crimes when the offense crosses
national borders (US Ratifies, 2006). On
November 7, 2002, the Council of Ministers adopted an additional protocol,
separate from the main Cyber-crime Convention, which addresses racist
and xenophobic materials committed through computer networks (CoE,
2001).
After the CoE finalized the proposed treaty, twenty-six Member States in
Budapest, Hungary signed it. The countries who enjoyed observer status
(the U.S., Mexico, Japan, and Canada) had the option to sign it. It was then
sent to countries for ratification (Hancock, 2000). The treaty came into
effect when five states, including at least three CoE member states, ratified
it (Convention on Cyber-crime Update, 2002). The Convention entered
into force on July 1, 2004. To date, twenty-four countries have ratified the
Convention; twenty-three of whom have also signed it but not ratified it
(Kirk, 2009a; Kirk, 2009b). The last country to ratify the treaty was
Germany, which did so on March 9, 2009. The U.S. Senate ratified the
treaty on August 3, 2006. Although it appears to be a significant policy to
attack cyber criminals, when examined closely, it is clear that the treaty has
many elements of symbolism in it. The Treaty is organized into four
chapters. Each chapter includes different sections, which are then broken
down into articles. Each chapter discusses a different aspect of the Treaty,
with specifics given in the articles.
A. Cybercrime Offenses

The Convention requires Parties (i.e., ratifying states) to adopt such
legislative and other measures as may be necessary to establish as criminal
offences under its domestic law, when committed intentionally
i. Unauthorised intentional access to a computer system,
ii. Unauthorised intentional interception, made by technical means, of non-
public
Transmissions of computer data to, from or within a computer system,
iii. Intentional damaging, deletion, deterioration, alteration or suppression
of computer data without right.
iv. Intentional and unauthorised serious hindering of the functioning of a
Computer system by inputting, transmitting, damaging, deleting,
deteriorating, altering or suppressing computer data,
v. Intentional and unauthorised production, sale, procurement for use,
import, distribution or otherwise making available of a device, including a
computer program, designed or adapted primarily for the purpose of
committing any of the offences mentioned in (i) to (iv) above,
vi. Intentional and unauthorised production, sale, procurement for use,
import, distribution or otherwise making available of a computer password,
access code, or similar data by which the whole or any part of a computer
system is capable of being accessed with intent that it be used for the
purpose of committing any of the offences mentioned in (i) to (iv) above,
vii. The possession of an item referred to in paragraphs (v) and (vi) above,
with intent that it be used for the purpose of committing any of the
offences mentioned in (i) to (iv) above.

B. Investigative Procedures

The second principal part of the Convention requires Parties to enact
certain procedural mechanisms and procedures to facilitate the
investigation of cybercrimes or any crimes committed with a computer or
for which evidence may be found in electronic form. The provisions in
this part require states to adopt such legislative and other measures as
may be necessary to:

enable its competent authorities to order or similarly obtain the
expeditious preservation of specified computer data, including traffic data,
that has been stored by means of a computer system, in order to give
authorities the opportunity to seek disclosure of the data

With respect to preserved traffic data about a communication, ensure the
expeditious disclosure to the Partys competent authority...of a sufficient
amount of traffic data to enable the Party to identify the service providers
and the path through which the communication was transmitted

Empower its authorities to order a person in its territory to produce
specified computer data in that persons possession or control,
43
and to
order a service provider offering its services in the territory of the Party
to produce subscriber information relating to such services



Empower its competent authorities to search or similarly access and to
seize a computer system or a computer-data storage medium in its
territory, and to search and seize data stored therein

Empower its authorities to collect or record through the application of
technical means on its territory, traffic data, in real-time, associated with
specified communications in its territory transmitted by means of a
computer system, or to compel a service provider, within its existing
technical capability, to do the same or to cooperate and assist the
authorities own collection or recording


Empower its authorities, in the case of serious offences, to collect or
record through the application of technical means on its territory content
data, in real-time, of specified communications in its territory transmitted
by means of a computer system, or to compel a service provider, within
its existing technical capability, to do the same or to cooperate with the
authorities own collection or
Recording

Establish jurisdiction over any of the substantive offenses set forth in the
Convention that are committed in the states territory.

C. International Cooperation

The third principal part of the Convention sets out mechanisms by which
Parties to the convention will assist each other in investigating cybercrimes
and other crimes involving electronic evidence. The Convention provides
that Parties shall co-operate with each other to the widest extent possible
for the purposes of investigations or proceedings concerning criminal
offences related to computer systems and data, or for the collection of
evidence in electronic form of a criminal offence. However, this
cooperation shall occur through the application of relevant international
instruments on international co-operation in criminal matters,
arrangements agreed on the basis of uniform or reciprocal legislation, and
domestic laws. This suggests that cooperation may be limited or delayed if
required by law or other arrangements. The specific cooperation measures
are described below.



RECOGNITION OF FOREIGN JUDGMENTS

In law, the enforcement of foreign judgments is the recognition and
enforcement in one jurisdiction of judgments rendered in another
("foreign") jurisdiction. Foreign judgments may be recognized based
on bilateral or multilateral treaties or understandings, or unilaterally
without an express international agreement. The emerging legal issues on
jurisdiction as regards transactions over the Internet can hardly ignore
the legal aspects involved in the execution/enforcement of foreign decrees.
Even after exercise of jurisdiction, the Courts may be unable to help the
plaintiff in getting relief in case the local laws of the country concerned
have certain restrictions for the execution/enforcement of foreign
judgments or decrees in the country.
Under Indian Law, execution of decrees, whether foreign or domestic, is
governed by the provisions of the Code of Civil Procedure, 1908 (CPC) (as
amended from time to time).
The "recognition" of a foreign judgment occurs when the court of one
country or jurisdiction accepts a judicial decision made by the courts of
another "foreign" country or jurisdiction, and issues a judgment in
substantially identical terms without rehearing the substance of the original
lawsuit. For the private citizen enjoying the right to travel more freely
between states, the development of the Internet and e-commerce in an
increasingly globalized set of markets means that individuals routinely buy
goods, incur debts and suffer loss and injury across state borders. For
consumer groups, human rights advocates, intellectual property rights
holders, and multinational corporations, the continuing reliance on a
fragmented system of territorial boundaries for establishing jurisdiction, is
presenting a new range of problems that can only be resolved by
harmonizing laws and standardizing remedies.



Q.2. Briefly explain Cyber Crimes and narrate the different
classifications of Cyber Crimes?
A.-
Crime in any form adversely affects all the members of the society. In
developing economies, cyber crime has increased at rapid strides, due to
the rapid diffusion of the Internet and the digitisation of economic
activities. Thanks to the huge penetration of technology in almost all walks
of society right from corporate governance and state administration, up to
the lowest level of petty shop keepers computerizing their billing system,
we find computers and other electronic devices pervading the human life.
The penetration is so deep that man cannot spend a day without
computers or a mobile. Snatching some ones mobile will tantamount to
dumping one in solitary confinement!
Cyber Crime is not defined in Information Technology Act 2000 or in the I.T.
Amendment Act 2008 or in any other legislation in India. In fact, it cannot
be too. Offence or crime has been dealt with elaborately listing various acts
and the punishments for each, under the Indian Penal Code, 1860 and quite
a few other legislations too. Hence, to define cyber crime, we can say, it is
just a combination of crime and computer. To put it in simple terms any
offence or crime in which a computer is used is a cyber crime. Interestingly
even a petty offence like stealing or pick-pocket can be brought within the
broader purview of cyber crime if the basic data or aid to such an offence is
a computer or an information stored in a computer used (or misused) by
the fraudster. The I.T. Act defines a computer, computer network, data,
information and all other necessary ingredients that form part of a cyber
crime, about which we will now be discussing in detail.
In a cyber crime, computer or the data itself the target or the object of
offence or a tool in committing some other offence, providing the
necessary inputs for that offence. All such acts of crime will come under the
broader definition of cyber crime.
Cyber crime encompasses any criminal act dealing with computers and
networks (called hacking). Additionally, cyber crime also includes traditional
crimes conducted through the Internet. For example; hate crimes,
telemarketing and Internet fraud, identity theft, and credit card account
thefts are considered to be cyber crimes when the illegal activities are
committed through the use of a computer and the Internet.
Classifications of Cyber Crimes
Cyber crimes can be classified on various basis such as on the basis of (a)
subject of crime, (b) against whom crime is committed and (c) on the basis
of temporal nature of criminal activities being carried out on computers
and Internet. The subject of cyber crime may be broadly classified under
the following three groups:


(i) Against individuals

It may be against individual persons or their property. Following are the
crimes, which can be committed against Individual persons:

a. Harassment via e-mails
b. Cyber-stalking
c. Dissemination of obscene material
d. Defamation
e. Unauthorized control/access over computer system
f. Indecent exposure;
g. Email spoofing
h. Cheating and Fraud.

Following are the crimes, which can be committed against individual
property:
a. Computer vandalism
b. Transmitting virus
c. Ne trespass
d. Unauthorized control/access over computer system
e. Intellectual Property crimes
f. Internet time thefts.

(ii) Against organization

It may be against the Government, a firm, a company or a group of
individuals. Following are the crimes against an organization:
a. Unauthorized control/access over computer system
b. Possession of unauthorized information
c. Cyber terrorism against the government organization
d. Distribution of pirated software.

(iii) Against the society at large Following are the crimes:

a. Pornography (largely child pornography)
b. Polluting the youth through indecent exposure
c. Trafficking
d. Financial crimes
e. Sale of illegal articles
f. Online gambling
g. Forgery.



A. On the basis of commission of traditional crimes, cyber crimes can be
classified into following categories:
(i) Cyber Theft
(ii) Cyber trespass
(iii) Cyber Violence
(iv) Cyber Obscenity14
(v) Cyber forgery and fraud
(vi) Intellectual Property Crimes

B. On the basis of emergence of new crimes, cyber crimes can be classified
into following categories:

(i) Cyber stalking
(ii) Cyber Pornography
(iii) Unauthorized access
(iv) Hacking
(v) Denial of Service Attack
(vi) Virus and Worms Attacks
(vii) Email Spoofing
(viii) Logic Bombs
(ix) Salami Attacks
(x) Data Diddling
(xi) Email Bombing
(xii) Trojan Attacks
(xiii) Web Jacking
(xiv) Cyber Terrorism
(xv) Computer Vandalism

Q.3. Elucidate the judicial interpretations on Copyright issues in
the Cyber space?
A.-

Cyber Infringement

Copyright infringement is the use of somebody's own work of art and or
other creations as your own work. The work also has to be taken without
permission of the person or organization that own the rights to that specific
piece of work. Prior to the computer error, copyright infringement for the
most part was a lot easier to control and monitor. Although copyright
infringement before computers may have been easier to monitor, it was
also harder for people to copyright works of art. This is due to the tools that
were available to those that wanted to copy the works of art or other
information. This all change though once there was technological advances
and the everyday use of computers. Once computers came into the picture,
the tables turned. Now it is a lot easier for people to copy material since it
is a lot harder to monitor now. For example multiple web sites to per to per
sharing or files. Music has become a major problem in the area of copyright
infringement. With this new advancement in technology, the definition of
copyright infringement has to be up dated to include the cyber world.
Internet copyright infringement is a form of intellectual property theft,
and it can lead to significant legal penalties and security issues. Common
Internet copyright violations include illegally downloading music files and
movies as well as pirating certain types of software applications. Posting a
copyrighted work, such as a drawing or writing, online without permission
from the owner may also constitute Internet copyright infringement (What
Is Internet Copyright Infringement). Online copyright infringement can
result in a range of legal problems for unauthorized users. Typically, the
penalties for Internet copyright infringement vary based on the severity of
the crime. People found guilty of lesser types of infringement, such as
illegally downloading a couple of music files, may simply be fined. Greater
violations, however, can lead to jail time (What Is Internet Copyright
Infringement). People who participate in illegal Internet downloading
can inadvertently put their computer security systems at risk. Computer
hackers often capitalize on web sites that provide users with the ability to
illegally download music, videos, and software. Some hackers purposely
infect the files on these sites with harmful codes that can be difficult to
uncover and eliminate. An Internet users computer may become infected
when one of these contaminated files is downloaded on it (What Is Internet
Copyright Infringement).
History of copyright litigation
In large part, linking and framing are not held to be copyright infringement
under US and German copyright law, even though the underlying Web
pages are protected under copyright law. Because the copyright-protected
content is stored on a server other than that of the linking or framing
person (it is stored on the plaintiff's server), there is typically no infringing
"copy" made by the defendant linking or framing person (as may be
essential), on which to base liability. Some European countries take a more
protective view, however, and hold unauthorized framing and so-called
deep linking unlawful.
Denmark
Danish Newspaper Publishers Association v. Newsbooster
The Bailiff's Court of Copenhagen ruled in July 2002 against the Danish
website Newsbooster, holding, in a suit brought by the Danish Newspaper
Publishers Association (DNPA), that Newsbooster had violated Danish
copyright law by deep linking to newspaper articles on Danish newspapers'
Internet sites. Newsbooster's service allows users to enter keywords to
search for news stories, and then deep links to the stories are provided. The
DNPA said that this conduct was "tantamount to theft." The court ruled in
favor of the DNPA, not because of the mere act of linking but because
Newsbooster used the links to gain commercial advantage over the DNPA,
which was unlawful under the Danish Marketing Act. The court enjoined
Newsbooster's service.
DNPA v. Google
In November 2008, the DNPA, citing its success against Newsbooster,
demanded that Google stop deep linking to stories in Danish newspapers
without paying royalties.


United States
Washington Post v. Total News
In February 1997 the Washington Post, CNN, the Los Angeles Times, Dow
Jones (Wall Street Journal), and Reuters sued Total News Inc. for framing
their news stories on the Total News Webpage. The complaint was filed in
New York federal district court. The case was settled in June 1997, on the
basis that linking without framing would be used in the future.
Ticketmaster v. Microsoft
In April 1997 Ticketmaster Corp. sued Microsoft Corp. in Los Angeles
federal district court for deep linking. Ticketmaster objected to Microsoft's
bypassing the home and intermediate pages on Ticketmaster's site,
claiming that Microsoft had "pilfered" its content and diluted its value.
Microsoft's Answer raised a number of defenses explained in detail in its
pleadings, including implied license, contributory negligence, and voluntary
assumption of the risk. Microsoft also, argued that Ticketmaster had
breached an unwritten Internet code, under which any Web site operator
has the right to link to anyone else's site. A number of articles in the trade
press derided Ticketmaster's suit. The case was settled in February 1999,
on confidential terms. But Microsoft stopped the deep linking and instead
used a link to Ticketmaster's home page.

Q.4. What is E-Commerce? Elucidate the important issues in
Global E- Commerce?
A.-
Electronic commerce, commonly known as E-commerce or eCommerce, is
trading in products or services using computer networks, such as the
Internet. Electronic commerce draws on technologies such as mobile
commerce, electronic funds transfer, supply chain management, Internet
marketing, online transaction processing, electronic data interchange (EDI),
inventory management systems, and automated data collection systems.
Modern electronic commerce typically uses the World Wide Web for at
least one part of the transaction's life cycle, although it may also use other
technologies such as e-mail, mobile devices, social media, and telephones.
Electronic commerce is generally considered to be the sales aspect of e-
business. It also consists of the exchange of data to facilitate the financing
and payment aspects of business transactions. This is an effective and
efficient way of communicating within an organization and one of the most
effective and useful ways of conducting business. It is a market entry
strategy where the company may or may not have a physical presence.
E-commerce businesses usually employ some or all of the following
practices:
Provide Etail or "virtual storefronts" on websites with online catalogs,
sometimes gathered into a "virtual mall".
Buy or sell on websites or online marketplaces.
Gather and use demographic data through web contacts and social
media.
Use electronic data interchange, the business-to-business exchange
of data.
Reach prospective and established customers by E-mail or fax (for
example, with newsletters).
Use business-to-business buying and selling.
Provide secure business transactions.

The important issues in Global E- Commerce:
I. Market Access Issues
1. TELECOMMUNICATIONS INFRASTRUCTURE AND INFORMATION
TECHNOLOGY
Global electronic commerce depends upon a modern, seamless, global
telecommunications network and upon the computers and "information
appliances" that connect to it.
8
Unfortunately, in too many countries,
telecommunications policies are hindering the development of advanced
digital networks. Customers find that telecommunications services often
are too expensive, bandwidth is too limited, and services are unavailable or
unreliable. Likewise, many countries maintain trade barriers to imported
information technology, making it hard for both merchants and customers
to purchase the computers and information systems they need to
participate in electronic commerce.
2. CONTENT
The government supports the broadest possible free flow of information
across international borders. This includes most informational material now
accessible and transmitted through the Internet, including through World
Wide Web pages, news and other information services, virtual shopping
malls, and entertainment features, such as audio and video products, and
the arts. This principle extends to information created by commercial
enterprises as well as by schools, libraries, governments and other
nonprofit entities.
3. TECHNICAL STANDARDS
Standards are critical to the long term commercial success of the Internet
as they can allow products and services from different vendors to work
together. They also encourage competition and reduce uncertainty in the
global marketplace. Premature standardization, however, can "lock in"
outdated technology. Standards also can be employed as de facto non-tariff
trade barriers, to "lock out" non-indigenous businesses from a particular
national market.



II. Financial Issues
4. CUSTOMS AND TAXATION
For over 50 years, nations have negotiated tariff reductions because they
have recognized that the economies and citizens of all nations benefit from
freer trade. Given this recognition, and because the Internet is truly a global
medium, it makes little sense to introduce tariffs on goods and services
delivered over the Internet.
Further, the Internet lacks the clear and fixed geographic lines of transit
that historically have characterized the physical trade of goods. Thus, while
it remains possible to administer tariffs for products ordered over the
Internet but ultimately delivered via surface or air transport, the structure
of the Internet makes it difficult to do so when the product or service is
delivered electronically.
Nevertheless, many nations are looking for new sources of revenue, and
may seek to levy tariffs on global electronic commerce.
5. ELECTRONIC PAYMENT SYSTEMS
New technology has made it possible to pay for goods and services over the
Internet. Some of the methods would link existing electronic banking and
payment systems, including credit and debit card networks, with new retail
interfaces via the Internet. "Electronic money," based on stored-value,
smart card, or other technologies, is also under development. Substantial
private sector investment and competition is spurring an intense period of
innovation that should benefit consumers and businesses wishing to
engage in global electronic commerce.
At this early stage in the development of electronic payment systems, the
commercial and technological environment is changing rapidly. It would be
hard to develop policy that is both timely and appropriate. For these
reasons, inflexible and highly prescriptive regulations and rules are
inappropriate and potentially harmful. Rather, in the near term, case-by-
case monitoring of electronic payment experiments is preferred.
From a longer term perspective, however, the marketplace and industry
self-regulation alone may not fully address all issues. For example,
government action may be necessary to ensure the safety and soundness
of electronic payment systems, to protect consumers, or to respond to
important law enforcement objectives.
III. Legal Issues
6. 'UNIFORM COMMERCIAL CODE' FOR ELECTRONIC COMMERCE
In general, parties should be able to do business with each other on the
Internet under whatever terms and conditions they agree upon.
Private enterprise and free markets have typically flourished, however,
where there are predictable and widely accepted legal environments
supporting commercial transactions. To encourage electronic commerce,
the government should support the development of both a domestic and
global uniform commercial legal framework that recognizes, facilitates, and
enforces electronic transactions worldwide. Fully informed buyers and
sellers could voluntarily agree to form a contract subject to this uniform
legal framework, just as parties currently choose the body of law that will
be used to interpret their contract.
Participants in the marketplace should define and articulate most of the
rules that will govern electronic commerce. To enable private entities to
perform this task and to fulfill their roles adequately, governments should
encourage the development of simple and predictable domestic and
international rules and norms that will serve as the legal foundation for
commercial activities in cyberspace.
7. INTELLECTUAL PROPERTY PROTECTION
Commerce on the Internet often will involve the sale and licensing of
intellectual property. To promote this commerce, sellers must know that
their intellectual property will not be stolen and buyers must know that
they are obtaining authentic products.
International agreements that establish clear and effective copyright,
patent, and trademark protection are therefore necessary to prevent piracy
and fraud. While technology, such as encryption, can help combat piracy,
an adequate and effective legal framework also is necessary to deter fraud
and the theft of intellectual property, and to provide effective legal
recourse when these crimes occur. Increased public education about
intellectual property in the information age will also contribute to the
successful implementation and growth of the GII.
8. PRIVACY
Americans treasure privacy, linking it to our concept of personal freedom
and well- being. Unfortunately, the GII's great promise -- that it facilitates
the collection, re-use, and instantaneous transmission of information -- can,
if not managed carefully, diminish personal privacy. It is essential,
therefore, to assure personal privacy in the networked environment if
people are to feel comfortable doing business.
At the same time, fundamental and cherished principles like the First
Amendment, which is an important hallmark of American democracy,
protect the free flow of information. Commerce on the GII will thrive only if
the privacy rights of individuals are balanced with the benefits associated
with the free flow of information.
9. SECURITY
The GII must be secure and reliable. If Internet users do not have
confidence that their communications and data are safe from unauthorized
access or modification, they will be unlikely to use the Internet on a routine
basis for commerce.
A secure GII requires:
1. secure and reliable telecommunications networks;
2. effective means for protecting the information systems attached to those
networks;
3. effective means for authenticating and ensuring confidentiality of
electronic information to protect data from unauthorized use; and
4. well trained GII users who understand how to protect their systems and
their data.


Q.5. Briefly examine the Aims and Objectives of the Information
Technology Act, 2000?
A.-
In May 2000, both the houses of the Indian Parliament passed the
Information Technology Bill. The Bill received the assent of the President in
August 2000 and came to be known as the Information Technology Act,
2000. Cyber laws are contained in the IT Act, 2000.
This Act aims to provide the legal infrastructure for e-commerce in India.
And the cyber laws have a major impact for e-businesses and the new
economy in India. So, it is important to understand what are the various
perspectives of the IT Act, 2000 and what it offers.
The Information Technology Act, 2000 also aims to provide for the legal
framework so that legal sanctity is accorded to all electronic records and
other activities carried out by electronic means. The Act states that unless
otherwise agreed, an acceptance of contract may be expressed by
electronic means of communication and the same shall have legal validity
and enforceability. Some highlights of the Act are listed below:
Chapter-II of the Act specifically stipulates that any subscriber may
authenticate an electronic record by affixing his digital signature. It further
states that any person can verify an electronic record by use of a public key
of the subscriber. Chapter-III of the Act details about Electronic
Governance and provides inter alia amongst others that where any law
provides that information or any other matter shall be in writing or in the
typewritten or printed form, then, notwithstanding anything contained in
such law, such requirement shall be deemed to have been satisfied if such
information or matter is - rendered or made available in an electronic
form; and accessible so as to be usable for a subsequent reference. The
said chapter also details the legal recognition of Digital Signatures.
Chapter-IV of the said Act gives a scheme for Regulation of Certifying
Authorities. The Act envisages a Controller of Certifying Authorities who
shall perform the function of exercising supervision over the activities of
the Certifying Authorities as also laying down standards and conditions
governing the Certifying Authorities as also specifying the various forms
and content of Digital Signature Certificates. The Act recognizes the need
for recognizing foreign Certifying Authorities and it further details the
various provisions for the issue of license to issue Digital Signature
Certificates. Chapter-VII of the Act details about the scheme of things
relating to Digital Signature Certificates. The duties of subscribers are also
enshrined in the said Act. Chapter-IX of the said Act talks about penalties
and adjudication for various offences. The penalties for damage to
computer, computer systems etc. has been fixed as damages by way of
compensation not exceeding Rs. 1,00,00,000 to affected persons. The Act
talks of appointment of any officers not below the rank of a Director to the
Government of India or an equivalent officer of state government as an
Adjudicating Officer who shall adjudicate whether any person has made a
contravention of any of the provisions of the said Act or rules framed there
under. The said Adjudicating Officer has been given the powers of a Civil
Court. Chapter-X of the Act talks of the establishment of the Cyber
Regulations Appellate Tribunal, which shall be an appellate body where
appeals against the orders passed by the Adjudicating Officers, shall be
preferred. Chapter-XI of the Act talks about various offences and the said
offences shall be investigated only by a Police Officer not below the rank of
the Deputy Superintendent of Police. These offences include tampering
with computer source documents, publishing of information, which is
obscene in electronic form, and hacking. The Act also provides for the
constitution of the Cyber Regulations Advisory Committee, which shall
advice the government as regards any rules, or for any other purpose
connected with the said act. The said Act also proposes to amend the
Indian Penal Code, 1860, the Indian Evidence Act, 1872, The Bankers' Books
Evidence Act, 1891, The Reserve Bank of India Act, 1934 to make them in
tune with the provisions of the IT Act.
THE AIMS AND OBJECTIVES OF THE ACT :
(a) a facilitating Act, (b) an enabling Act, and ( c) a regulating Act
(a) A Facilitating Act:
The Information Technology Act, 2000 is a facilitating Act as it facilitates
both e-commerce and e-governance. Interestingly, the UNCITRAL Model
Law of E-commerce on which this Act is based has made no reference to e-
governance. But it was the collective wisdom of the legislature, which saw
the necessity of introducing concepts like e-governance in this Act. Infact,
the entire Chapter III of the Act is devoted to e-governance and e-
governance practices. There are 7 sections in the aforesaid Chapter III of
the Act, from section 4 to section 10, which deal with e-governance issues.
These sections form the basic law related to electronic governance rights,
which have been conferred to the persons and the Government(s) both
Central and State Governments. It is applicable to the whole of India,
including the State of Jammu and Kashmir. It is important to understand
that the Information Technology Act, 2000 is the first enactment of its kind
in India, which grants e- governance rights to the citizens of India
(b) An Enabling Act :
The Information Technology Act, 2000 is an enabling Act as it enables a
legal regime of electronic records and digital signatures. That is, in order to
be called legally binding all electronic records, communications or
transactions must meet the fundamental requirements, one authenticity of
the sender to enable the recipient (or relying party) to determine who
really sent the message, two messages integrity, the recipient must be able
to determine whether or not the message received has been modified en
route or is incomplete and third, non-repudiation, the ability to ensure that
the sender cannot falsely deny sending the message, nor falsely deny the
contents of the message. The Act provides for Digital signatures, which may
be considered functional equivalent to physical world signatures capable of
meeting all thefundamental requirements, like authenticity of the sender,
message integrityand non-repudiation. Digital signature is a misnomer. It
does not meanscanning the handwritten signatures electronically. In fact by
applying digital signatures one may actually transform an electronic
message into an alphanumeric code. It requires a key pair (private key for
encryption and public key for decryption) and a hash function (algorithm).
(c) A Regulating Act :
The Information Technology Act, 2000 is a regulating Act as it regulates
cyber crimes. As stated above, cyber crime is a collective term
encompassing both cyber contraventions and cyber offences. The Act not
only demarcates contraventions from offences, but also provides a
separate redressal mechanism for both.