Entrepreneurs’ increasingly use computers to create transmit and store information in electronic form instead of traditional paper form. Information stored in this form is cheaper, easier to store and retrieve. New communication system and digital technologies are used to transact business electronically. Though, such kind of electronic form has its own advantages but people are reluctant to conduct business due to lack of proper legal frame work. E Commerce (Electronic Commerce) eliminates the need of paper based transactions however, two main hindrances in facilitating E commerce are writing and signature for legal documents.
Indian Government realized the need of the hour so thought of introducing a law to facilitate e-commerce and give legal recognitions to electronic records and digital signatures. This need gave birth to legal recognitions to electronic commerce and introduced Information Technology Bill 1999. Further, in the year 2000 both house of parliament passed the Bill which received President’s assent in August 2000 which was named Information Technology Bill 2000 and was a part of it.
Objectives of the Act:
- The act was formed to give legal recognitions to.
- Digital Signature for authentication.
- Grant recognition for transaction carried out by means of Electronic Data Interchange.
- Facilitate electronic filing of documents with Government Departments.
- Facilitate Electronic Storage of Data.
- Legal sanctions to Electronic fund transfer between banks and financial sectors.
- Provide legal recognition for keeping accounts by bankers in electronic form.
- To amend the Indian Penal Code, Indian Evidence Act of 1872, Banker’s Book Evidence Act 1891 and the Reserve Bank Act of 1934.
The Information Technology Act, 2000 consists of 94 sections spread over 13 chapters and 4 schedules. This Act is extended to the whole of India and it applies to any offence committed outside India. This Act will not apply to Power of Attorney Act, Negotiable Instruments Act, India Trusts Act, Indian Succession Act, contract for sale of immovable property and any transaction or document notified by the Central Government in the official Gazette.
Digital Signature is like a handwritten signature which is difficult for the sender to forge and for the receiver to reproduce. A technology called Key Pair; Public Key is used for distribution whereas the private key is used by the user himself. Any document to be valid needs has to have integrity and signed. Hash function or hashing is used to maintain integrity and digital signature used for authentication of data. Hash Function is an algorithm which is run over the message or content of agreement and it generates a big alphanumeric number known as message digest. The message digest is encrypted with private key and generates a value known as Digital Signature.
Digital Certificate concept was introduced to deal with the hacker who target high end security systems. It is used to ensure the receiver that the senders’ public key is valid. To obtain a digital certification the sender needs to send the public key to Certification Authority along with the information specific to its identification and other information. The Authority then verifies whether the information is valid or not. The duties of the Controllers of these certifying authorities are to exercise supervision, certify public keys, specifying the terms and conditions, specifying the contents of written or visual material along with keeping a check on experience and qualifications of the employees handling the data.
Cyber Regulations and certifying authorities:
The Government of India makes rules, Cyber Act Regulations Authority regulates and controls the participants as per rules, Controller of Certifying Authority controls these authorities, Certifying Authorities issue digital certificate for digital signatures to subscribers and the subscriber creates digital signature.
The IT Act of 2000 establishes one more Cyber Law which is known as Cyber Regulation Appellate Tribunal. This body is not bound by principle of code of civil procedure but shall follow the principles of natural justice and shall have powers in the civil court. If any order is passed against the decision of the Cyber Appellate Tribunal an appeal would be made at the High Court.
Networking is so much prevalent that we barely know about its consequences. Section 79 states that Network Service Providers are not liable for third party information if they prove that the offenses committed were without its consent. Damages like introduction of virus, damage to computer system, disruption in network and provide unauthorized access to computer may lead to a penalty of Rs 1 crore to the affected person if decided by the Adjudicating Officer under section 43. Likewise, sections 65 to 78 deals with computer crimes.
Punishment for publishing obscene information may lead to 5 years of imprisonment with a fine of Rs 1 to 2 lakhs. Publishing false Digital Signature will lead to an imprisonment of 2 year or a fine of Rs 1 lakh. Hacking may lead to a fine of Rs 2 lakhs or an imprisonment of 3 years.
The above mentioned rules and regulations were introduced to follow certain rules and guidelines so that one is secure from intrusion and misuse. It shall provide level of reliability by adhering to security procedures and shall ensure compliance of act.