University Institute of Legal Studies
Ava Lodge,Chaura Maidan
Submitted to:
Submitted by:
Mrs.Priyam Kohli
Shantanu Sahota
Sub: IT Law
Class Roll no. 689
Xth Sem
�University Roll no.955
Introduction:
Since the beginning of civilization, man has always been motivated by the need to make
progress and better the existing technologies. This has led to tremendous development
and progress which has been a launching pad for further developments. Of all the
significant advances made by mankind from the beginning till date, probably the most
important of them is the development of Internet.
However, the rapid evolution of Internet has also raised numerous legal issues and
questions. As the scenario continues to be still not clear, countries throughout the world
are resorting to different approaches towards controlling, regulating and facilitating
electronic communication and commerce.
The Parliament of India has passed its first Cyberlaw, the Information Technology Act,
2000 which provides the legal infrastructure for E-commerce in India. The said Act has
received the assent of the President of India and has become the law of the land in
India.
At this juncture, it is relevant for us to understand what the IT Act,2000 offers and its
various perspectives.
The object of The Information Technology Act,2000 as defined therein is as under :"to provide legal recognition for transactions carried out by means of electronic data
interchange and other means of electronic communication, commonly referred to as
"electronic methods of communication and storage of information, to facilitate electronic
filing of documents with the Government agencies and further to amend the Indian
Penal Code, the Indian Evidence Act, 1872, the Banker's Book Evidence Act, 1891 and
the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental
thereto."
Towards that end, the said Act thereafter stipulates numerous provisions. The said Act
aims to provide for the legal framework so that legal sanctity is accorded to all electronic
records and other activities carried out by electronic means. The said Act further states
that unless otherwise agreed, an acceptance of contract may be expressed by
electronic means of communication and the same shall have legal validity and
�enforceability. The said Act purports to facilitate electronic intercourse in trade and
commerce, eliminate barriers and obstacles coming in the way of electronic commerce
resulting from the glorious uncertainties relating to writing and signature requirements
over the Internet. The Act also aims to fulfil its objects of promoting and developing the
legal and business infrastructure necessary to implement electronic commerce.
Chapter-II of the said Act specifically stipulates that any subscriber may authenticate an
electronic record by affixing his digital signature. It further states that any person by the
use of a public key of the subscriber can verify the electronic record.
CHAPTER III of the Act details about Electronic Governance and provides interalia
amongst others that where any law provides that information or any other matter shall
be in writing or in the typewritten or printed form, then, notwithstanding anything
contained in such law, such requirement shall be deemed to have been satisfied if such
information or matter is(a) rendered or made available in an electronic form; and
(b) accessible so as to be usable for a subsequent reference.
The said chapter also details about the legal recognition of Digital Signatures. The
various provisions further elaborate on the use of Electronic Records and Digital
Signatures in Government Agencies. The Act further talks of publications of rules and
regulations in the Electronic Gazette.
Chapter IV of the said Act gives a scheme for Regulation of Certifying Authorities. The
Act envisages a Controller of Certifying Authorities who shall perform the function of
exercising supervision over the activities of the Certifying Authorities as also laying
down standards and conditions governing the Certiying Authorities as also specifying
the various forms and content of Digital Signature Certificates. The Act recognises the
need for recognising foreign Certifying Authorities and it further details the various
provisions for the issue of license to issue Digital Signature Certificates.
Chapter VII of the Act details about the scheme of things relating to Digital Signature
Certificates. The duties of subscribers are also enshrined in the said Bill.
Chapter IX of the said Act talks about penalties and adjudication for various offences.
The penalties for damage to computer, computer system etc. have been fixed as
damages by way of compensation not exceeding Rs. 100,00,000/- to affected persons.
The Act talks of appointment of any officers not below the rank of a Director to the
Government of India or an equivalent officer of state government as an Adjudicating
�Officer who shall adjudicate whether any person has made a contravention of any of the
provisions of the said act or rules framed thereunder. The said Adjudicating Officer has
been given the powers of a Civil Court.
There is a provision in Chapter X which envisage the Cyber Regulations Appellate
Tribunal shall be an appellate body where appeals against the orders passed by the
Adjudicating Officers shall be preferred. The said Tribunal shall not be bound by the
principles of the Code of Civil Procedure but shall follow the principles of natural justice
and shall have the same powers as those are vested in a Civil Court. Against an order
or decision of the Cyber Appellate Tribunal, an appeal shall lie to the High Court.
Chapter XI of the said Act talks about various offences and the said offences shall be
investigated only by a Police Officer not below the rank of the Deputy Superintendent of
Police. These offences include tampering with computer source documents, publishing
of information which is obscene in electronic form, breach of confidentiality and privacy,
misrepresentation, publishing Digital Signature Certificate false in certain particulars and
publication for fraudulent purposes.
Hacking has been properly defined in Section 66 as, "Whoever with the intent to cause
or knowing that he is likely to cause wrongful loss or damage to the public or any person
destroys or deletes or alters any information residing in a computer resource or
diminishes its value or utility or affects it injuriously by any means, commits hacking."
Further for the first time, punishment for hacking as a cyber crime prescribed in the form
of imprisonment upto 3 years or with fine which may extend to Rs. 2,00,000/- or with
both. This is a welcome measure as hacking has assumed tremendous importance in
the present day scenario. On previous occasions, the web sites of the Government
have been hacked into but no legal provision within the existing legislation could be
invoked to cover "hacking" as a cyber crime. It shall now be possible to try and punish
hackers under section 66 of the IT Act,2000.
The said Act also provides for the constitution of the Cyber Regulations Advisory
Committee which shall advice the government as regards any rules or for any other
purpose connected with the said act. The said Act also has four Schedules which
amend the Indian Penal Code, 1860, the Indian Evidence Act, 1872, The Bankers'
Books Evidence Act, 1891, The Reserve Bank of India Act, 1934 to make them in tune
with the provisions of the IT Act.
The said IT Bill was tabled in Parliament in December, 1999 and was referred to the
Standing Committee on Science and Technology, Environment and Forests for
examination and report. The Standing Committee examined the said IT Bill 1999 and
proposed some stringent measures to further strengthen the legal infrastructure of the
�IT Bill 1999. The most positive aspect of the said report was that it recommended the
insertion of the definition and punishment for "hacking".
Looking from an overall perspective, the Information Technology Act,2000 is a laudable
effort by the Government to create the necessary legal infrastructure for promotion and
growth of electronic commerce. As on date, the judiciary in India is reluctant to accept
electronic records and communications as evidence. Even email has not been defined
in the prevailing statutes of India and is not an accepted legal form of communication as
evidence in a court of law as of today. The said IT Act,2000 indeed is a step forward in
that direction also.
Positive aspects of I.T.Law:
From the perspective of the corporate sector, the IT Act 2000 and its provisions contain
the following positive aspects:(A) The implications of these provisions for the corporate sector would be that email will
now be a valid and legal form of communication in our country, which can be duly
produced and approved in a court of law. The corporates today thrive on email, not only
as the form of communication with entities outsides the company but also email is used
as an indispensable tools for intra company communication. Till now it has been seen
that the corporates in their intra company communications on email have not been very
careful in using the language in such emails. Corporates will have to understand that
they shall need to be more careful while writing emails, whether outside the company or
within as the same with whatever language could be proved in the court of law,
sometimes much to the detriment of the company. Even intra company notes and
memos, till now used only for official purposes, shall also be coming within the ambit of
the IT Act and will be admissible as evidence in a court of law. A possible consequence
of the same for a typical wired company would be that any employee, unhappy with a
particular email communication, whether in personal or received in a official or personal
capacity, may make the said email as the foundation for launching a litigation in a court
�of law. Further, when a company executive sends an email to another executive in the
company with some defamatory or other related material and copies the same to others,
there are possibilities that he may land in a litigation in a court of law.
(B)Companies shall now be able to carry out electronic commerce using the legal
infrastructure provided by the Act. Till now, the growth of Electronic commerce was
impeded in our country basically because there was no legal infrastructure to regulate
commercial transactions online.
( C ) Corporates will now be able to use digital signatures to carry out their transactions
online. These digital signatures have been given legal validity and sanction in the Act.
(D) The Act also throws open the doors for the entry of corporates in the business of
being of being Certifying Authorities for issuing Digital Signatures Certificates. The Act
does not make any distinction between any legal entity for being appointed as a
Certifying Authority so long as the norms stipulated by the government have been
followed.
(E) The Act also enables the companies to file any form, application or any other
document with any office, authority, body or agency owned or controlled by the
appropriate Government in the electronic form by means of such electronic form as may
be prescribed by the appropriate Government. India is rapidly moving ahead in the field
of electronic governance and it will not be long before governments start taking
applications or issuing licence, permit, sanction or approvals ,by whatever name called,
online . This provision shall be a great leveler as this will enable all kinds of companies
to do a lot of their interaction with different government departments online, thereby
saving costs, time and wastage of precious manpower.
(F) Corporates are mandated by different laws of the country to keep and retain
valuable and corporate information. The IT Act enables companies legally to retain the
said information in the electronic form, if(a) the information contained therein remains accessible so as to be usable for a
subsequent reference;
(b) the electronic record is retained in the format in which it was originally generated,
sent or received or in a format which can be demonstrated to represent accurately the
information originally generated, sent or received;
�(c) the details which will facilitate the identification of the origin, destination, date and
time of dispatch or receipt of such electronic record are available in the electronic
record:
(G) The It Act also addresses the important issues of Security which are so critical to the
success of electronic transactions. The Act has also given a legal definition to the
concept of secure digital signatures which would be required to have been passed
through a system of a security procedure, as stipulated by the government at a later
date. In the times to come, secure digital signatures shall play a big role in the New
Economy particularly from the perspective of the corporate sector as it will enable a
more secure transaction online.
In today's scenario, information is supreme. Information is stored on their respective
computer systems by the companies apart from maintaining a back up. Under the IT
Act,2000, it shall now be possible for corporates to have a statutory remedy in case if
anyone breaks into their computer systems or network and causes damages or copies
data. The remedy provided by the Act is in the form of monetary damages not
exceeding Rs.100,00,000. This penalty of damages apply to any person who, without
permission of the owner or any other person who is in charge of a computer, computer
system or computer network,(a) accesses or secures access to such computer, computer system or computer
network.
(b) downloads, copies or extracts any data, computer data base or information from
such computer, computer system or computer network including information or data
held or stored in any removable storage medium;
(c) introduces or causes to be introduced any computer contaminant or computer virus
into any computer, computer system or computer network;
(d) damages or causes to be damaged any computer, computer system or computer
network, data, computer data base or any other programmes residing in such computer,
computer system or computer network;
(e) disrupts or causes disruption of any computer, computer system or computer
network;
(f) denies or causes the denial of access to any person authorised to access any
computer, computer system or computer network by any means;
�(g) provides any assistance to any person to facilitate access to a computer, computer
system or computer network in contravention of the provisions of this Act, rules or
regulations made thereunder,
(h) charges the services availed of by a person to the account of another person by
tampering with or manipulating any computer, computer system, or computer network.
(H) Corporates in India can now take a sigh of relief as the IT Act has defined various
cyber crimes and has declared them penal offences punishable with imprisonment and
fine. These include hacking and damage to computer source code. Often corporates
face hacking into their systems and information. Till date, the corporates were in a
helpless condition as there was no legal redress to such issues.But the IT Act changes
the scene altogether.
Negative Aspects of I.T.Law:
�However, despite the overwhelming positive features of the IT Act,2000 for the
corporate sector, there are a couple of issues that concern the corporates in the said
Act:(1)The said step has come a bit late. With the phenomenon growth of Internet which
doubles approximately every 100 days, the said Act should have been passed long time
back.
(2)It may be pertinent to mention that the said Act purports to be applicable to not only
the whole of India but also to any offence or contravention there under committed
outside of India by any person. This provisions in section 1(2) is not clearly and happily
drafted. It is not clear as to how and in what particular manner, the said Act shall apply
to any offence or contravention there under committed outside of India by any person.
The enforcement aspect of the IT Act is an area of grave concern. Numerous difficulties
are likely to arise in the enforcement of the said Act as the medium of Internet has
shrunk the size of the world and slowly, national boundaries shall cease to have much
meaning in Cyberspace.
(3)It is also strange that section 1(4) of the said Act excludes numerous things from the
applicability of the IT Act. The Act does not apply to (a) a negotiable instrument as
defined in section 13 of the Negotiable Instruments Act, 1881; (b) a power of attorney as
defined in section 1 A of the Powers-of-Attorney Act, 1882; (c) a trust as defined in
section 3 of the Indian Trusts Act, 1882; (d) a will as defined in clause (h) of section 2 of
the Indian Succession Act, 1925 including any other testamentary disposition by
whatever name called; (e) any contract for the sale or conveyance of immovable
property or any interest in such property. The said IT Act already excludes numerous
important things. The Act talks about promoting electronic commerce and it begins by
excluding immovable property from the ambit of electronic commerce- a reasoning
which defies logic!
(4)The IT Act, 2000 does not touch at all the issues relating to Domain Names. Even
Domain Names have not been defined and the rights and liabilities of Domain Name
owners do not find any mention in the said law. It may be submitted that Electronic
Commerce is based on the system of Domain Names and excluding such important
issues from the ambit of India's First Cyberlaw does not appeal to logic.
(5)The IT Act, 2000 does not also deal at all with the Intellectual Property Rights of
Domain Name owners. Contentious yet very important issues concerning Copyright,
Trademark and Patent have been left untouched in the said law thereby leaving many
loopholes in the said law.
�(6)The IT Act talks about the use of electronic records and digital signatures in
government agencies. Yet, strangely it further says in section 9, that this does not confer
any right upon any person to insist that the document in questions should be accepted
in electronic form. The control of the Government is apparent, as the Controller of
Certifying Authorities has to discharge his functions subject to the general control and
direction of Central Government. The Internet and the phenomenon of electronic
commerce require that minimum hurdles and obstacles need to be put in their way. The
Act seeks to bureaucratize the entire process of controlling electronic commerce. This is
likely to result into consequences of delays and other related problems.
(7)As Cyberlaw is growing, so are the new forms and manifestations of cyber crimes.
The offences defines in the IT Act are by no means exhaustive. However, the drafting of
the relevant provisions of the IT Act make it appear as if the offences detailed in the said
IT Act are the only Cyber offences possible and existing. For example, cyber offences
like cybertheft, cyberstalking, cyber harassment and cyber defamation are not covered
under the Act.
(8)The IT Act talks of Adjudicating Officers who shall adjudicate whether any person has
committed a contravention of any provisions of this Act of any rules, regulations,
directions or order made there under. How these Adjudicating Officers will adjudicate
the contravention of the Act has not been made clear or well defined. Further, it has also
not been specified as to how the said Adjudicating Officers shall determine whether any
contravention of the Act or any offence has been committed by any person out side
India. Further, what authority would these Adjudicating Officers have viz-a-viz persons
out side India who have committed any cyber offences have not been defined. No
definitive procedure for adjudication by Adjudicating Officers has been exhaustively
spelt out by the IT Act. Further the territorial jurisdiction of the said Adjudicating Officers
and also the Cyber Regulations Appellate Tribunal has not been defined.
(9)Section 55 of the IT Act states that no order of the Central Government appointing
any person as the Presiding Officer of a Cyber Appellate Tribunal shall be called in
question in any manner and no Act or proceeding before a Cyber Appellate Tribunal
shall be called in question in any manner on the ground merely of any defect in the
constitution of a Cyber Appellate Tribunal. The said provisions is violative of the
Fundamental Rights of the citizens as are enshrined in Chapter III of the Constitution of
India and the said provision is not expedient and is likely to be struck down by the
courts. The Central Government cannot claim immunity in appointments to Cyber
Appellate Tribunal, as the same is contrary to the spirit of the Constitution of India.
Further, it may be submitted that if there is a defect in the constitution of a Cyber
Appellate Tribunal, that goes to the root of the matter and renders all proceedings and
acts of the said Cyber Appellate Tribunal null & void abinitio.
�(10)Further the said IT Act talks of any agency of the government intercepting any
information transmitted through any computer resource if the same is necessary in the
interest of the sovereignty or integrity of India, the security of the State, friendly relations
with foreign States or public order or for preventing incitement to the commission of any
cognizable offence. This is one provision which is likely to be misused by future
governments to suit their political motives as also for the purpose of victimization. No
standards or provisions have been laid down by the IT Act, which define any conditions
detailed above. The supporters of the cause of individual privacy and freedom see this
provisions as a gross violation of individual freedom and that aforesaid conditions are
unreasonable restrictions, which are not permissible in the context of the rapid growth of
Internet.
(11)Further, the said IT Act is likely to cause a conflict of jurisdiction.
(12)Another major gray area is that the draconian powers given to a police officer not
below rank of the Deputy Superintendent of Police under Section 80 of the Act have
been left untouched. Nowhere in the world do be find a parallel such a wide an
unrestricted power to given to any officer for the purpose of investigating and preventing
the commission of a cyber crime. After all, the power given by the IT Act to the said DSP
includes the power to " enter any public place and search and arrest without warrant
any person found therein who is reasonably suspected or having committed or of
committing or of being about to commit any offence under this Act." The said power has
been given without any restrictions of any kind whatsoever. It is very much possible that
the same is likely to be misused and abused in the context of Corporate India as
companies have public offices which would come within the ambit of "public place"
under Section 80 and companies will not be able to escape potential harassment from
the hands of the DSP . This area of the IT Act can be one of the greatest concerns for
the government, the industry and the people at large.
(13)The biggest concern about the new Indian Cyberlaw relates to its implementation.
The said Act does not lay down parameters for its implementation. Also when Internet
penetration in India is extremely low and government and police officials, in general are
not at all, computer savvy, the new Indian Cyberlaw raises more questions than it
answers them. It seems that the Parliament would be required to amend the IT Act,
2000 to remove the gray areas mentioned above.
�Conclusion:
All said and done, The Information Technology Act,2000 is a great achievement and a
remarkable step ahead in the right direction. The IT Act is a first step taken by the
Government of India towards promoting the growth of electronic commerce so that
Electronic Commerce in India can leap frog to success. Despite all its failings, it is a first
historical step. The other steps have to follow.
