Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Ambit and Scope of the Chapter. The chapter deals with the regulation and
governance of the certifying authorities. It also lays down who will excercise
control over these authorities.
Who is a Controller?
Under the Information Technology Act, 2000, the controller has been defined as
“the Controller of Certifying Authorities appointed under sub-section (1) of
section 17” [under Section 2(1)(m)]. Further, under section 17 of the Act, the
Central Government has been authorized to appoint a Controller of Certifying
Authorities and such number of Deputy Controllers and Assistant Controllers, as
it deems fit for the purposes of the Act, by notification in the Official Gazette. In
Directive 95/46/EC of the European Parliament and of the Council, it has been
defined as “the natural or legal person, public authority, agency or any other
body which alone or jointly with others determines the purposes and means of
the processing of personal data; where the purposes and means of processing
are determined by national or Community laws or regulations, the controller or
the specific criteria for his nomination may be designated by national or
Community law” [under Article 2(d)]. Under section 2(b) of Electronic
Transactions (Amendment) Act, 2009 of Mauritius, reference has been made to
section 37 of the Act.
In furtherance of this, clause (1) of section 37 lays down that for the
purposes of this Act, there shall be a Controller of Certification Authorities.
Clause (2) of this section says that “for the purposes of this Act, the ICT
Authority shall be the Controller and may be assisted by such of its officers and
other members of its staff as may be necessary.
Taking the note of the provisions in various legislations a clear definition
of “controller” emerges. Under the IT Act, 2000, controller refers to the
Controller of Certifying Authorities as appointed by the Central Government, by
notification in the Official Gazette. The Controller has the duty to discharge his
functions subject to the general control and directions of the Central
Government. The Office of the CCA came into existence on November 1, 2000.
It aims at promoting the growth of E-Commerce and E-Governance through the
wide use of digital signatures. Section 57 of the Information Technology Act,
2000 vests in Cyber Appellate Tribunal the jurisdiction to hear appeals from the
orders of the Controller and the Appellate Tribunal has been set up with the
express and limited purpose of providing any party aggrieved from the order of
the Controller, a forum to seek redress. Any complaint filed before the
Controller of Certifying Authorities will not serve the requirement of complaint
before the Adjudicating Officer, for the purpose of adjudication under the
Information Technology Act. The appellant is required to file a complaint before
the Adjudicating Officer who has the jurisdiction for deciding the disputes of
such nature (Mascon Global Limited v. Controller of Certifying
Authorities, GMAIL.COM and Google Inc. MANU/CY/ 0006/2010).