TheInformation Technology Act,2000
Newcommunication systems and digital technology have made dramatic changes in wayof transacting business. Use of computers to create, transmit and storeinformation is increasing. Computer has many advantages in e-commerce. It isdifficult to shift business from paper to electronic form due to two legalhurdles - (a) Requirements as to writing and (b) Signature for legalrecognition. Many legal provisions assume paper based records and documents andsignature on paper.
The GeneralAssembly of the United Nations by resolution dated the 30th January, 1997adopted the Model Law on Electronic Commerce and recommended that allStates should give favourable consideration to the Model Law when they enact orrevise their laws.
TheInformation Technology Act has been passed to give effect to the UN resolutionand to promote efficient delivery of Government services by means of reliableelectronic records.
As perpreamble to the Act, the purpose of Act is (a) to provide legal recognition fortransactions carried out by means of electronic data interchange and othermeans of electronic communication, commonly referred to as "electroniccommerce", which involve the use of alternatives to paper-based methods ofcommunication and storage of information and (b) to facilitate electronicfiling of documents with the Government agencies. - - The Act came into effecton 17.10.2000.
The Act doesnot apply to — (a) a negotiable instrument as defined in section13 of the Negotiable Instruments Act, except cheque (b) a power-of-attorneyas defined in section 1A of the Powers-of-Attorney Act (c) a trust as definedin section 3 of the Indian Trusts Act(d) a will as defined in section2(h) of the Indian Succession Act, including any other testamentary dispositionby whatever name called (e) any contract for the sale or conveyance ofimmovable property or any interest in such property (f) any suchclass of documents or transactions as may be notified by the Central Governmentin the Official Gazette. - - Broadly, documents which are required to bestamped are kept out of the provisions of the Act.
Overview ofthe Act- The Act provides for - * Electronic contracts will be legally valid * Legalrecognition of digital signatures * Digital signature to be effected by use ofasymmetric crypto system and hash function * Security procedure for electronicrecords and digital signature * Appointment of Certifying Authorities andController of Certifying Authorities, including recognition of foreignCertifying Authorities * Controller to act as repository of all digitalsignature certificates * Certifying authorities to get License to issue digitalsignature certificates * Various types of computer crimes defined and stringentpenalties provided under the Act * Appointment of Adjudicating Officer forholding inquiries under the Act * Establishment of Cyber Appellate Tribunalunder the Act * Appeal from order of Adjudicating Officer to Cyber AppellateTribunal and not to any Civil Court * Appeal from order of CyberAppellate Tribunal to High Court * Act to apply for offences or contraventionscommitted outside India * Network service providers not to be liable in certaincases * Power of police officers and other officers to enter into any publicplace and search and arrest without warrant * Constitution of Cyber RegulationsAdvisory Committee who will advice the Central Government and Controller
What does ITAct enable? - The Information Technology Act enables:* Legal recognitionto Electronic Transaction / Record * Facilitate Electronic Communication bymeans of reliable electronic record * Acceptance of contract expressed byelectronic means * Facilitate Electronic Commerce and Electronic Datainterchange * Electronic Governance * Facilitate electronic filing of documents* Retention of documents in electronic form * Where the law requires thesignature, digital signature satisfy the requirement * Uniformity of rules,regulations and standards regarding the authentication and integrity ofelectronic records or documents * Publication of official gazette in theelectronic form * Interception of any message transmitted in the electronic orencrypted form * Prevent Computer Crime, forged electronic records,international alteration of electronic records fraud, forgery or falsificationin Electronic Commerce and electronic transaction.
Digital signature - Any subscriber may authenticate anelectronic record by affixing his digital signature. [section 3(1)].“Subscriber" means a person in whose name the Digital SignatureCertificate is issued. [section 2(1)(zg)]. "Digital SignatureCertificate" means a Digital Signature Certificate issued under section35(4) [section 2(1)(q)].
"Digitalsignature" means authentication of any electronic record by a subscriberby means of an electronic method or procedure in accordance with the provisionsof section 3. [section 2(1)(p)].
"Affixingdigital signature" with its grammatical variations and cognate expressionsmeans adoption of any methodology or procedure by a person for the purpose ofauthenticating an electronic record by means of digital signature. [section2(1)(d)].
Authenticationof records - The authentication of the electronic record shall beeffected by the use of asymmetric crypto system and hash function which envelopand transform the initial electronic record into another electronic record.[section 3(2)].
Verificationof digital signature - Any person by the use of a public key ofthe subscriber can verify the electronic record. [section 3(3)]. The privatekey and the public key are unique to the subscriber and constitute afunctioning key pair. [section 3(4)].
The idea issimilar to locker key in a bank. You have your ‘private key’ while bank managerhas ‘public key’. The locker does not open unless both the keys come togethermatch.
Electronic recordsacceptable unless specific provision to contrary - Where anylaw provides that information or any other matter shall be in writing or in thetypewritten or printed form, then, notwithstanding anything contained in suchlaw, such requirement shall be deemed to have been satisfied if suchinformation or matter is - (a) rendered or made available in an electronicform; and (b) accessible so as to be usable for a subsequent reference.[section 4]. - - Unless there is specific provision in law to contrary,electric record or electronic return is acceptable. - - Soon, it will bepossible to submit applications, income tax returns and other returns throughinternet.
Department or ministry cannot be compelled to accept electronicrecord- Section 8 makes it clear that no department or ministry can be compelled toaccept application, return or any communication in electronic form.
Legalrecognition of digital signatures - Where any law provides thatinformation or any other matter shall be authenticated by affixing thesignature or any document shall be signed or bear the signature of any personthen, notwithstanding anything contained in such law, such requirement shall bedeemed to have been satisfied, if such information or matter is authenticatedby means of digital signature affixed in such manner as may be prescribed bythe Central Government. - - "Signed", with its grammatical variationsand cognate expressions, shall, with reference to a person, mean affixing ofhis hand written signature or any mark on any document and the expression"signature" shall be construed accordingly. [section 5].
Securedigital signature - If, by application of a security procedureagreed to by the parties concerned, it can be verified that a digitalsignature, at the time it was affixed, was - (a) unique to the subscriberaffixing it (b) capable of identifying such subscriber (c) created in amanner or using a means under the exclusive control of the subscriber and islinked to the electronic record to which it relates in such a manner that ifthe electronic record was altered the digital signature would be invalidated, -- then such digital signature shall be deemed to be a secure digital signature.[section 15].
Certifying digital signature - Thedigital signature will be certified by ‘Certifying Authority’. The ‘certifiedauthority’ will be licensed, supervised and controlled by ‘Controller ofCertifying Authorities’