Information Technology Act 2000

and Amendments therein

E K Bharat Bhushan
Joint Secretary and Financial Advisor
Department of Information Technology

1
 Digital Revolution Internet Infra in INDIA
Internet INDIA Internet Infrastructure:2008.5
1Mil. Domains
(0.5 Mil. “.in”)

Bharti
BSNL NIC

130+ IDCs 134 Major Mail Servers

ISPs
ERNET

Reliance
TATA
Communications

4.8 Mil. High DNS

Speed Internet
Enterprise
IT /
65 Mil. Internet Govt. ITES
Users BPO
Home
248 Mil. Mobile Academia
Phones
8 Mil. Mobile Phones being added
per month `

Tele Density 24 per 1000 person

Targetted Broadband connection = 10 Mil. VOIP, IPTV
(2010) 2
 THREE OUTSTANDING FEATURESWHICH MAKE
DIGITAL REVOLUTION UNIQUE ARE THE RESULTANT

1. Cyberspace
2. Knowledge Economy
3. Speed with which it has transformed
industrial economy into a knowledge
Economy

3
 LEGAL PROBLEMS OF THE NEW
TECHNOLOGY

• APPLICATION OF JURISPRUDENTIAL
CONCEPTIONS TO
CYBERSPACE.
• FRAGILE EVIDENCE

4
VANISHING BORDERS IN CYBERSPACE

• Sovereignty and exercise of Jurisdiction

which are attributes of statehood are
linked to territorial nexus
• In Cyberspace territorial boundaries are
meaningless
• Internet address has no relation to the
physical location of the computer or its
user
• Law implies the application of coercive
force but this is not feasible over
individuals not within the territory
5
ANONYMITY AND PSEUDO-ANONYMITY

• Cyberspace permits anonymity and

pseudo anonymity
• Users can mask their real flesh and blood
identities and assume digital avtars
• anonymous remailers facilitate sending
messages without revealing their identity
or origin
6
 CHALLENGE OF CYBERSPACE

Cyberspace calls into question many

traditional legal conceptions like
• Ownership
• Freedom of expression
• Liability
• Property etc

7
INFLUENCE OF US CONSTITUTIONAL AND LEGAL
DOCTRINES ON GROWTH OF CYBERLAW

Internet is a product of US Technology, so

issues relating to Internet are heavily
flavoured by US Constitutional and Legal
doctrines

8
 TWO SCHOOLS OF THOUGHT ON
GOVERNANCE OF CYBERSPACE

Regulation skeptics Governments should not

regulate Cyberspace
Reasons
•Laws involved on geographical basis have
no application to cyberspace which is
borderless
•Cyberspace transactions occur
simultaneously in all jurisdictions assumption
of jurisdiction by multiple states will lead to
jurisdictional mayhem
•Architecture of Cyberspace precludes
previous notice of applicable laws 9
RELATIONSHIP BETWEEN LAW AND SOCIAL
CHANGE

“The controversy between those who

believe that law should essentially follow
and not lead and it should do so clearly
formulated social sentiment and those who
believe that law should be determined
agent in the creation of new social norms is
one of the recurring themes in the history of
legal thought”

PROFESSOR WOLFGANG FRIEDMANN –

Law in the Changing Society
10
 Salient features of the Act
The salient features of the Information Technology Act, 2000 are
as follows:—

(i) Extends to the whole of India (Section 1)

(ii) Authentication of electronic records (Section 3)
(iii) Legal Framework for affixing Digital signature by use of
asymmetric crypto system and hash function (Section 3)
(iv) Legal recognition of electronic records (Section 4)
(v) Legal recognition of digital signatures (Section 5)
(vi) Retention of electronic record (Section 7)
(vii) Publication of Official Gazette in electronic form (Section 8)
(viii) Security procedure for electronic records and digital
signature (Sections 14, 15, 16)
(ix) Licensing and Regulation of Certifying authorities for issuing
digital signature certificates (Sections 17-42)
(x) Functions of Controller (Section 18)
 Contd..
(xi) Appointment of Certifying Authorities and Controller of Certifying Authorities,
including recognition of foreign Certifying Authorities (Section 19)
(xii) Controller to act as repository of all digital signature certificates (Section 20)
(xiii) Data Protection (Sections 43 & 66)
(xiv) Various types of computer crimes defined and stringent penalties provided under the
Act (Section 43 and Sections 66, 67, 72)
(xv) Appointment of Adjudicating officer for holding inquiries under the Act (Sections 46 &
47)
(xvi) Establishment of Cyber Appellate Tribunal under the Act (Sections 48-56)
(xvii) Appeal from order of Adjudicating Officer to Cyber Appellate Tribunal and not to any
Civil Court (Section 57)
(xviii) Appeal from order of Cyber Appellate Tribunal to High Court (Section 62)
(xix) Interception of information from computer to computer (Section 69)
(xx) Protection System (Section 70)
(xxi) Act to apply for offences or contraventions committed outside India (Section 75)
(xxii) Investigation of computer crimes to be investigated by officer at the DSP (Deputy
Superintendent of Police) level
(xxiii) Network service providers not to be liable in certain cases (Section 79)
(xxiv) Power of police officers and other officers to enter into any public place and search
and arrest without warrant (Section 80)
(xxv) Offences by the Companies (Section 85)
(xxvi) Constitution of Cyber Regulations Advisory Committee who will advice the Central
Government and Controller (Section 88)
New Provisions added through Amendments
• New Section to address technology neutrality from Section 3A
its present “technology specific” form
(i.e. Digital Signature to Electronic Signature)
• New Section to address promotion of e-Governance Section 6A
& other IT application
– Delivery of Service
– Outsourcing – Public Private Partnership

• New Section to address electronic contract Section 10A

• New Section to address data protection and privacy Section 43

• Body corporate to implement best security practices Sections 43A &

72A

• Multimember Appellate Tribunal Sections 49-52

 Contd.
• New Section to address new forms of computer misuse

– Impersonation Section 419A

– Identity theft and E-commerce frauds Section 417A
like phishing
– Video voyeurism Section 502A
– Offensive messages and Spam Section 66A
– Pornography Section 67A

• Preservation and Retention of Data/Information Section 67C

• Revision of existing Section 69 to empower Central Section 69

Government to designate agencies and issue direction
for interception and safeguards for monitoring and decryption

• Blocking of Information for public access Section 69A

 Contd.
• Monitoring of Traffic Data and Information for Section 69B
Cyber Security

• New section for designating agency for protection Section 70A

of Critical Information Infrastructure

• New Section for power to CERT-In to call and Section 70B

analyse information relating to breach in cyber
space and cyber security

• Revision of existing Section 79 for prescribing liabilities Section 79

of service providers in certain cases and to Empower
Central Government to prescribe guidelines to be observed
by the service providers for providing services. It also
regulate cyber cafes.

• New Section for Examiner of Digital Evidence Section 79A

• New Section for power to prescribe modes of Encryption Section 84A

• Punishment for most of offences were reduced from three

years to two years
 Thank you

Incident Response Help Desk

Phone: 1800 11 4949
FAX: 1800 11 6969
e-mail: incident at cert-in.org.in
http://www.cert-in.org.in