Legal Issues involved in Net Banking in India

There has been rapid development in banking sector services over a decade and banks in India
have started to use new technologies to provide efficient, prompt and hassle free services to its
customers. Internet is being the indispensible source which helps in fulfilling the demand and
supply of services cost effectively. E-banking have lots of incomparable features but with these
features there are lots of risks associated. Some of them are as follow:

Operational risk
Security risk
System architecture & design risk
Reputational risk
Legal risks
Money laundering risk
Strategic risk 1

Internet banking is an extended version of the traditional banking, which uses Internet both as a
medium and platform for receiving instructions, suggestions, advices and requests from the
customers and also delivering banking services. Hence, conceptually, various provisions of law,
which are applicable to traditional banking activities, are also applicable to E-banking.2
However, use of Internet in banking transactions, has put to question the legality of transactions
in the context of existing statute.3 Government of India has enacted, The Information
Technology Act, 2000, in order to provide legal recognition for transactions carried out by means
of electronic data interchange and other means of electronic communication. In the course of
providing E-banking services the banks in India are facing new challenges relating to online
opening of accounts, authentication, secrecy of customers accounts, non-repudiation, liability
standards and consumer protection, etc., each of which has been examined in the context of
existing legal framework.

1
See prof. Virender Singh Solanki, RISKS IN E-BANKING AND THEIR MANAGEMENT, International Journal of
Marketing, Financial Services & Management Research Vol.1 Issue 9, September 2012.
2
See Dasgupta, P. , Future of E banking in India, 2002, available at www.projectshub.com
3
Ganesan R, and Vivekanandan K, A secured hybrid architecture model for internet banking (e-banking), Journal
of Internet banking and commerce, April, vol.14, no.1., 2009.
The bankers action in good faith and without negligence have been discussed in various case
laws and one of the relevant passages from the judgment of Justice Chagla in the case of Bapulal
Premchand Vs Nath Bank Ltd.45 is as follows: Primarily, inquiry as to negligence must be
directed in order to find out whether there is negligence in collecting the cheque and not in
opening the account, but if there is any antecedent or present circumstance which aroused the
suspicion of the banker then it would be his duty before he collects the cheque to make the
necessary enquiry and undoubtedly one of the antecedent circumstances would be the opening of
the account. In certain cases failure to make enquiries as to the integrity of the proposed
customer would constitute negligence.

In the context of E-banking and after coming into force of the Information Technology Act,
2000, it may be possible for the banks to rely on the electronic signatures of the introducer.

The present legal regime does not set out the parameters as to the extent to which a person can be
bound in respect of an electronic instruction purported to have been issued by him. Generally,
authentication is achieved by what is known as security procedure. Methods and devices like the
personal identification numbers (PIN), code numbers, telephone-PIN numbers, relationship
numbers, passwords, account numbers and encryption are evolved to establish authenticity of an
instruction. From a legal perspective, the security procedure requires to be recognized by law as
a substitute for signature.6 Hence, Section 3(2) of the Information Technology Act, 2000, may
need to be amended to provide that the authentication of an electronic record may be effected
either by the use of the asymmetric crypto system and hash function, or a system as may be
mutually determined by the parties or by such other system as may be prescribed or approved by
the Central Government.7 If the agreed procedure is followed by the parties concerned it should
be deemed as being an authenticate transaction. A clarification to this effect by way of an
amendment of the aforesaid Act will facilitate the E-banking transactions.

The existing regime also imposes a legal obligation on the bankers to maintain secrecy and
confidentiality about the customers account. The law at present requires the banker to take

4
AIR 1946 Bom.482
5
Union of India Vs National Overseas Grindlays Bank Ltd. (1978) 48 Com.Cases 277 (Del).
6
See, Journal of Internet Banking and Commerce - www.Arraydev.com/commerce/jibc
7
See, Vikas Chauhan, Dr. Vipin Choudhary, InternetBanking:ChallengesandOpportunitiesin Indian Context,
JournalofManagementSciencesandTechnology2(3),June-2015.
scrupulous care not to disclose the state of his customer's account except on reasonable and
proper occasions.

However, if the password or the identification number is misplaced or lost or gets into the hands
of the wrong person and such person procures details about the customers account then the
banker may be faced with legal proceedings on the grounds of violation of the obligation to
maintain secrecy of the customer's accounts.8

Central Government has created a Group to look after the important aspect of the banking sector.
The Group is of the considered opinion that that this has been adequately taken care of by
Section 7 and Third Schedule of the Information Technology Act, 2000. There was no specific
enactment in India which protects privacy of customers. The Information Technology Act, 2000,
in Section 72 has provided for penalty for breach of privacy and confidentiality. Further, Section
79 of the Act has also provided for exclusion of liability of a network service provider for data
travelling through their network subject to certain conditions.9 Thus, the liability of banks for
breach of privacy when data is travelling through network is not clear. This aspect needs detailed
legal examination. The issue of ownership of transactional data stored in banks computer
systems also needs further examination. Cross border transactions carried through Internet also
posses the issue of jurisdiction and conflict of laws of different nations.

The Consumer Protection Act, 1986 defines the rights of consumers in India and is applicable to
banking services as well. The rights and liabilities of customers availing of Internet banking
services are being determined by bilateral agreements between the banks and customers.10
Considering the banking practice and rights enjoyed by customers in traditional banking, banks
liability to the customers on account of unauthorized transfer through hacking, denial of service
on account of technological failure etc. requires to be assessed and banks providing Internet
banking ought to insure themselves against such risks.

Conclusion

8
See, Dr. (Mrs.) Aditi A. Mahajan, ISSUES CONFRONTED BY INTERNET BANKING, International Journal of
Applied Research & Studies.
9
See, Prithviraj Dasgupta and Kasturi Sengupta, E-Commerce in the Indian Insurance Industry; Electronic
Commerce Research; Vol.2, 2002; pp.43-6.
10
See, Farooq Ahmed, Electronic Commerce : An Indian perspective, International Journal of Law and Information
Technology; Vol.9, No.2, 2001;pp.133-170.
With rapid changes in technology and innovation in the field of e-banking, there is a need for
constant review of different laws relating to banking and commerce. that the Reserve Bank of
India may constitute a multi disciplinary high level standing committee to review the legal and
technological requirements of e-banking on continual basis and recommend appropriate
measures as and when necessary.