Information Technology Act2000 : Prepared by:
Gurvinderjeet Singh Information Technology Act2000 Background : Background Drew inspiration from Model Law on Electronic Commerce adopted by the United Nations Commission of International Trade Law (UNCITRAL).
The said resolution recommends inter alia that all states give favorable consideration to the said Model Law when they enact or revise their laws. THE INFORMATION TECHNOLOGY ACT, 2000 : THE INFORMATION TECHNOLOGY ACT, 2000 An Act to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as "electronic commerce", which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers' Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto. Objective OF IT ACT 2000 : Objective OF IT ACT 2000 Seeks to address two different aspects of technological revolution.
Providing legal recognition to electronic transactions and use of alternatives to paper-based methods of communications and storage etc.
Regulation and control of Cyber Crime and other offences.
Seeks to define various offences arising out of use of Digital Signatures
Lays guidelines for regulating these offences. Structure of the Act : Structure of the Act Chapter 1: Describes the scope and applicability of the act and the definitions clause.
Chapter 2: Authentication using digital signatures and asymmetric cryptosystem
Chapter 3: Legal recognition of electronic records and digital signatures.
Chapter 4: Contractual aspects of use of electronic records such as attribution, acknowledgement, time and place of dispatch and receipt. Contd.. : Contd.. Chapter 5: presumptions available to secure electronic records and digital signatures
Chapter 6,7,& 8: legal frame work within which DS can be issued and used.
Chapter 9,10 & 11: contraventions offences and penalties.
Chapter 12: single provision directed towards issue of network service provider liability
Chapter 13: miscellaneous provisions CHAPTER IIDIGITAL SIGNATURE : CHAPTER IIDIGITAL SIGNATURE The authentication to be affected by use of asymmetric crypto system and hash function.
The private key and the public key are unique to the subscriber and constitute functioning key pair.
Verification of electronic record possible. CHAPTER IIIELECTRONIC GOVERNANCE : CHAPTER IIIELECTRONIC GOVERNANCE 4. Legal recognition of electronic records.
5. Legal recognition of digital signatures.
6. Use of electronic records and digital signatures in Government and its agencies.
The appropriate Government may, by rules, prescribe—
(a) the manner and format in which such electronic records shall be filed, created or issued;
(b) the manner or method of payment of any fee or charges for filing, creation or issue any electronic record Contd… : Contd… 7. Retention of electronic records.
8. Publication of rule, regulation, etc., in Electronic Gazette.
9. Sections 6,7 and 8 not to confer right to insist document should be accepted in electronic form.
10. Power to make rules by Central Government in respect of digital signature. CHAPTER IVATTRIBUTION, ACKNOWLEDGMENT AND DISPATCH OF ELECTRONIC RECORDS : CHAPTER IVATTRIBUTION, ACKNOWLEDGMENT AND DISPATCH OF ELECTRONIC RECORDS 11. Attribution of electronic records.
12. Acknowledgment of receipt.
13. Time and place of despatch and receipt of electronic record. CHAPTER VSECURE ELECTRONIC RECORDS AND SECURE DIGITAL SIGNATURES : CHAPTER VSECURE ELECTRONIC RECORDS AND SECURE DIGITAL SIGNATURES 14. Secure electronic record.
15. Secure digital signature.
16. Security procedure. CHAPTER VIREGULATION OF CERTIFYING AUTHORITIES : CHAPTER VIREGULATION OF CERTIFYING AUTHORITIES 17. Appointment of Controller and other officers.
The Central Government may, by notification in the Official Gazette, appoint a Controller of Certifying Authorities for the purposes of this Act and may also by the same or subsequent notification appoint such number of Deputy Controllers and Assistant Controllers as it deems fit.
The qualifications, experience and terms and conditions of service of Controller, Deputy Controllers and Assistant Controllers shall be such as may be prescribed by the Central Government. Contd.. : Contd.. 18. Functions of Controller.
Exercising supervision over the activities of the Certifying Authorities
Certifying public keys
Laying down the standards
Facilitating the establishment of any electronic system by a Certifying Authority / Certifying Authorities
Resolving any conflict of interests between the Certifying Authorities and the subscribers
Laying down the duties of the Certifying Authorities Contd.. : Contd.. Maintaining a data base containing the disclosure record of every Certifying Authority containing such particulars as may be specified by regulations, which shall be accessible to public.
Act as repository
Recognition of foreign Certifying Authorities.
Power to delegate
Power to investigate contraventions.
Access to data and computer systems CHAPTER VIIDIGITAL SIGNATURECERTIFICATES : CHAPTER VIIDIGITAL SIGNATURECERTIFICATES Any person may make an application to the Certifying Authority for issue of Digital Signature Certificate. The Certifying Authority while issuing such certificate shall certify that it has complied with the provisions of the Act.
The Certifying Authority has to ensure that the subscriber holds the private key corresponding to the public key listed in the Digital Signature Certificate and such public and private keys constitute a functioning key pair.
The Certifying Authority has the power to suspend or revoke Digital Signature Certificate. CHAPTER VIIIDUTIES OF SUBSCRIBERS : CHAPTER VIIIDUTIES OF SUBSCRIBERS Generating key pair.
Acceptance of Digital Signature Certificate.
Control of private key. CHAPTER IXPENALTIES AND ADJUD1CATION : CHAPTER IXPENALTIES AND ADJUD1CATION Penalty for damage to computer, computer system, etc.
liable to pay damages by way of compensation not exceeding one crore rupees to the person so affected.
Penalty for failure to furnish information return, etc.
liable to a penalty not exceeding one lakh and fifty thousand rupees for each such failure. CHAPTER XTHE CYBER REGULATIONS APPELLATETRIBUNAL : CHAPTER XTHE CYBER REGULATIONS APPELLATETRIBUNAL CHAPTER XIOFFENCES : CHAPTER XIOFFENCES Tampering with computer source documents.
Hacking with computer system.
Publishing of information which is obscene in electronic form.
Publication for fraudulent purpose. CHAPTER XIINETWORK SERVICE PROVIDERS NOT TO BE LIABLE IN CERTAIN CASES : CHAPTER XIINETWORK SERVICE PROVIDERS NOT TO BE LIABLE IN CERTAIN CASES No network service provider shall be liable under this Act, rules or regulations made thereunder for any third party information or data made available by him if he proves that the offence or contravention was committed without his knowledge or that he had exercised all due diligence to prevent the commission of such offence or contravention. CHAPTER XIIIMISCELLANEOUS : CHAPTER XIIIMISCELLANEOUS Power of police officer and other officers to enter, search, etc.
Controller, Deputy Controller and Assistant Controllers to be public servants.
Protection of action taken in good faith.
Offences by companies.
Power of Central Government to make rules.
Power of Controller to make regulations.