Information Technology Act 2000 Article Index for
Information Technology 		Website Links For
Information Technology 		 

Information About

Information Technology Act 2000
APPAREL
BABY
BEAUTY
BOOKS
CAR TOYS
CELL PHONES
DVD'S
ELECTRONICS
GOURMET FOOD
GROCERIES
HEALTH & PERSONAL
HOME & GARDEN
JEWELRY
MUSIC
MUSIC INSTRUMENTS
OFFICE PRODUCTS
SOFTWARE
SPORTING GOODS
TOOLS & HARDWARE
TOYS
VIDEO GAMES
SHOPPING HOME
MORE SHOPPING...




INTRODUCTION:

Connectivity via the Internet has greatly abridged geographical distances and made communication even more rapid. While activities in this limitless new universe are increasing incessantly, laws must be formulated to monitor these activities. Some countries have been rather vigilant and formed some laws governing the net. In order to keep pace with the changing generation, the Indian Parliament passed the much-awaited Information Technology (IT) Act, 2000 (hereinafter referred to as ‘the Act’). As they say, "It’s better late than never". Electronic technology has been growing in a geometric progression globally. From a stand alone P.C. to a network of networks – the growth has been stupendous. A boundless, timeless and space less medium has emerged to environ the future businesses – the ‘Cyber Medium’. India has been starved of a law to take care of the technological advancements that have taken place in the cyber medium.

Internet grew in a completely unplanned and unregulated manner. Cyber law is a much newer phenomenon having emerged much after the onset of Internet. Internet is growing rapidly and with the population of Internet doubling roughly every 100 days, Cyberspace is becoming the new preferred environment of the world. The growth rate of cyberspace has been enormous. Even the inventors of Internet could not have really anticipated the scope and far reaching consequences of cyberspace. In response to the absolutely complex and newly emerging legal issues relating to cyberspace, CYBERLAW or the law of Internet came into being. With the spontaneous and almost phenomenal growth of cyberspace, new and ticklish issues relating to various legal aspects of cyberspace began cropping up. The growth of Cyberspace has resulted in the development of a new and highly specialized branch of law called CYBERLAWS- LAWS OF THE INTERNET AND THE WORLD WIDE WEB.

Cyber law is a generic term which refers to all the legal and regulatory aspects of Internet and the World Wide Web. Anything concerned with or related to or emanating from any legal aspects or issues concerning any activity of netizens in and concerning Cyberspace comes within the ambit of Cyber law. Question arises why, should one study the Cyber Law? The answer to this question is given as below:

The study of cyber laws has become essential in light of the growth and advent of Information Technology systems. The use of technology by individuals and organization’s for communication and business has made it imperative for people to understand the implications and legal mechanisms adopted. Cyber law has made its impact in every profession.
1. As Law students this will help them:
o gain an understanding of an emerging area of law
o improve your career opportunities
o excel in prestigious moot court competitions
o gain an edge over others for entry into prominent law firms and corporate houses.

2. As Lawyers this will help them:
o gain an understanding of an emerging area of law
o handle technology related legal issues
o advise corporate and Government bodies on cyber law and cyber crime matters
o provide the best techno-legal remedies to your clients
o represent multi-million dollar cases before a court of law or Adjudicating Officers
o provide expert opinion in cyber crime cases in court
o draft e-commercial contracts/agreements/disclaimers
o Establish security policies for clients.

3. As IT Professionals, Security Consultants, IT students, Security Auditors and Network Administrators this will help them:
o gain an in-depth understanding of technology issues in light of the legal aspects
o make organizational security policies that would comply with legal procedures
o understand legal compliances for use of technology within organizations
o adopt best legal practices for use of e-commerce technology

4. As Chartered Accountants, Banking, Insurance and other Professionals this will help them:
o gain an understanding of the intricacies of commercial transactions online
o advise clients and customers on tax and insurance issues related to e-commerce
o adopt best practices for e-commerce taxation
o understand and enhance business prospects through online transactions
o Conduct cyber-legal audits and establish security policies.

The Information Technology Act, 2000

The Department of Electronics, Government of India, proposes to enact legislation in the Parliament to facilitate Electronic Commerce and to regulate the cyber environment. Similar legislations have been in vogue in US and other countries for the past few years. With the advent the Internet and the consequent unlimited scope for E-Commerce in India, the need for an Information Technology Act has long been felt. This has been fulfilled recently by the Information Technology Act 2000.

After its introduction in the House, the bill was referred to the 42-member Parliamentary Standing Committee following demands from the Members. The Standing Committee made several suggestions to be incorporated into the bill. However, only those suggestions that were approved by the Ministry of Information Technology were incorporated. One of the suggestions that was highly debated upon was that a cyber café owner must maintain a register to record the names and addresses of all people visiting his café and also a list of the websites that they surfed. This suggestion was made as an attempt to curb cyber crime and to facilitate speedy locating of a cyber criminal. However, at the same time it was ridiculed, as it would invade upon a net surfer’s privacy and would not be economically viable. As Mr. Dewang Mehta, Executive Director of the National Association of Software and Service (NASSCOM) said, "it would only result in closing down of all cyber cafés and ultimately deprive people of these facilities." Finally, this suggestion was dropped by the IT Ministry in its final draft.
The Union Cabinet approved the bill on May 13, 2000 and both the houses of Parliament finally passed it by May 17, 2000. The Presidential Assent was finally received in the third week of June 2000.
IMPORTANT PROVISIONS
The Act is arranged in 13 Chapters comprising of 93 Sections along with Four Schedules.

Preamble:
The Preamble to the Act states that it aims at providing ‘legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as "electronic commerce", which involve the use of alternatives to paper-based methods of communication and storage of information and aims at facilitating electronic filing of documents with the Government agencies.
The General Assembly of the United Nations had adopted the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law (UNCITRAL) in its General Assembly Resolution A/RES/51/162 dated January 30, 1997. The Indian Act is in keeping with this resolution that recommended that member nations of the UN enact and modify their laws according to the Model Law.
Thus with the enactment of this Act, Internet transactions will now be recognised, on-line contracts will be enforceable and e-mails will be legally acknowledged. It will tremendously augment domestic as well as international trade and commerce.

Important features:

New challenges have arisen in solving problems unique to storage and transmission of electronic data. Challenges such as data authentication, data integrity, non-repudiation of data, evidentiary standards, choice of technology, liability standards, contractual freedom, consumer protection and cross-border recognition of electronically signed documents are unique to the cyber medium.

The Act has been drafted in tune with the actual ground realities and requirements in the field of Information Technology. The sooner it is enacted as legislation in the Parliament, the faster the development of E-Commerce would be in India. In nutshell, the Act caters to the following requirements:

 Authentication of Instruments
 Countermanding or Reversal of Instructions
 Operational Security of the System
 Check against Fraud, Technical Failure & Errors
 Evidence, Data Protection and Record Preservation

The Act consists of 13 chapters. It governs the law relating to Electronic Contracts, Electronic Records, Digital Signatures, Certification Authorities and the use of Electronic Records and Signatures in Government Records. It also regulates the activities of Network Service Providers.


STATEMENT OF OBJECTS AND REASONS:


New communication systems and digital technology have made dramatic changes in the way we live. A revolution is occurring in the way people transact business. Businesses and consumers are increasingly using computers to create, transmit and store information in the electronic form instead of traditional paper documents. Information stored in electronic form has many advantages. It is cheaper, easier to store, retrieve and speedier to communicate. Although people are aware of these advantages they are reluctant to conduct business or conclude any transaction in the electronic form due to lack of appropriate legal framework. The two principal hurdles which stand in the way of facilitating electronic commerce and electronic governance are the requirements as to writing and signature for legal recognition. The Law of Evidence is traditionally based upon paper based records and oral testimony. Since electronic commerce eliminates the need for paper based transactions, hence to facilitate e-commerce, the need for legal changes has become an urgent necessity.

There is a need for bringing in suitable amendments in the existing laws in our country to facilitate e-commerce. It is therefore proposed to provide for legal recognition of electronic records and digital signatures. This will enable the conclusion of contracts and the creation of rights and obligations through the electronic medium. It is also proposed to provide for a regulatory regime to supervise the Certifying Authorities issuing Digital Signature Certificates.

With the view to facilitate Electronic Governance, it is proposed to provide for the use and acceptance of electronic records and digital signatures in the government offices and its agencies. This will make the citizens interaction with the governmental offices hassle free.

It is proposed to make consequential amendments in the Indian Penal Code and the Indian Evidence Act, 1872 to provide for necessary changes in the various provisions which deal with offences relating to documents and paper based transactions. It is also proposed to amend the Reserve Bank of India Act 1934 to facilitate electronic fund transfers between the financial institutions and banks and the Bankers Books Evidence Act 1891 to given legal sanctity for books of accounts maintained in the electronic form by the banks.


THE ACT:


''To provide legal recognition for transactions carried out by means of electronic data inter-change and other means of electronic communication, commonly referred to as “electronic commerce”, which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act 1872, the Banker’s Book Evidence Act, 1891 and the Reserve Bank of India Act 1934 and for matters connected therewith or incidental thereto.''


SHORT TITLE, EXTENT, COMMENCEMENT AND APPLICATION:


This Act may be called the Information Technology Act, 2000.

 It shall extend to the whole of India and save as otherwise provided in this Act, it applies also to any offence or contravention there under committed outside India by any person.

 It shall come into force on such date as the Central Government may, by notification, appoint and different dates may be appointed for different provisions of this Act and any reference in any such provision to the commencement of this Act shall be construed as a reference to the commencement of that provision.

Legitimacy and Use of Digital Signatures:
The Act has adopted the Public Key Infrastructure (PKI) for securing electronic transactions. As per Section 2(1)(p) of the Act, a digital signature means an authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the other provisions of the Act. Thus a subscriber can authenticate an electronic record by affixing his digital signature. A private key is used to create a digital signature whereas a public key is used to verify the digital signature and electronic record. They both are unique for each subscriber and together form a functioning key pair.
Section 5 provides that when any information or other matter needs to be authenticated by the signature of a person, the same can be authenticated by means of the digital signature affixed in a manner prescribed by the Central Government. Under Section 10, the Central Government has powers to make rules prescribing the type of digital signature, the manner in which it shall be affixed, the procedure to identify the person affixing the signature, the maintenance of integrity, security and confidentiality of electronic records or payments and rules regarding any other appropriate matters.
Furthermore, these digital signatures are to be authenticated by Certifying Authorities (CAs) appointed under the Act. These authorities would inter alia, have the license to issue Digital Signature Certificates (DSCs). The applicant must have a private key that can create a digital signature. This private key and the public key listed on the DSC must form the functioning key pair.
Once the subscriber has accepted the DSC, he shall generate the key pair by applying the security procedure. Every subscriber is under an obligation to exercise reasonable care and caution to retain control of the private key corresponding to the public key listed in his DSC. The subscriber must take all precautions not to disclose the private key to any third party. If however, the private key is compromised, he must communicate the same to the Certifying Authority (CA) without any delay.
Writing requirements:
Section 4 of the Act states that when under any particular law, if any information is to be provided in writing or typewritten or printed form, then notwithstanding that law, the same information can be provided in electronic form which can also be accessed for any future reference. This non-obstante provision will make it possible to enter into legally binding contracts on-line!
Attribution, Acknowledgement and Dispatch of Electronic Records:
Chapter IV of the Act explicates the manner in which electronic records are to be attributed, acknowledged and dispatched. These provisions play a vital role while entering into agreements electronically.
Section 11 states that an electronic record shall be attributed to the originator as if it was sent by him or by a person authorised on his behalf or by an information system programmed to operated on behalf of the originator.
As per Section 12, the addressee may acknowledge the receipt of the electronic record either in a particular manner or form as desired by the originator and in the absence of such requirement, by communication of the acknowledgement to the addresses or by any conduct that would sufficiently constitute acknowledgement. Normally if the originator has stated that the electronic record will be binding only on receipt of the acknowledgement, then unless such acknowledgement is received, the record is not binding. However, if the acknowledgement is not received within the stipulated time period or in the absence of the time period, within a reasonable time, the originator may notify the addressee to send the acknowledgement, failing which the electronic record will be treated as never been sent.
Section 13 specifies that an electronic record is said to have been dispatched the moment it leaves the computer resource of the originator and said to be received the moment it enters the computer resource of the addressee.

Utility of electronic records and digital signatures in Government Audits Agencies:
According to the provisions of the Act, any forms or applications that have to be filed with the appropriated Government office or authorities can be filed or any licence, permit or sanction can be issued by the Government in an electronic form. Similarly, the receipt or payment of money can also take place electronically.
Moreover, any documents or records that need to be retained for a specific period may be retained in an electronic form provided the document or record is easily accessible in the same format as it was generated, sent or received or in another format that accurately represents the same information that was originally generated, sent or received. The details of the origin, destination, date and time of the dispatch or receipt of the record must also be available in the electronic record.
Furthermore, when any law, rule, regulation or byelaw has to be published in the Official Gazette of the Government, the same can be published in electronic form. If the same are published in printed and electronic form, the date of such publication will be the date on which it is first published.
However, the above mentioned provisions do not give a right to anybody to compel any Ministry or Department of the Government to use electronic means to accept, issue, create, retain and preserve any document or execute any monetary transaction. Nevertheless, if these electronic methods are utilised, the Government will definitely save a lot of money on paper!
Regulation of Certifying Authorities (CAs):
A CA is a person who has been granted a license to issue digital signature certificates. These CAs are to be supervised by the Controller of CAs appointed by the Central Government. Deputy or Assistant Controllers may also assist the Controller. The Controller will normally regulate and monitor the activities of the CAs and lay down the procedure of their conduct.
The Controller has the power to grant and renew licenses to applicants to issue DSCs and at the same time has the power to even suspend such a license if the terms of the license or the provisions of the Act are breached. The CAs have to follow certain prescribed rules and procedures and must comply with the provisions of the Act.


Issuance, Suspension and Revocation of Digital Signature Certificates (DSCs):
As per Section 35, any interested person shall make an application to the CA for a DSC. The application shall be accompanied by filing fees not exceeding Rs. 25,000 and a certification practice statement or in the absence of such statement, any other statement containing such particulars as may be prescribed by the regulations. After scrutinising the application, the CA may either grant the DSC or reject the application furnishing reasons in writing for the same.
While issuing the DSC, the CA must inter alia, ensure that the applicant holds a private key which is capable of creating a digital signature and corresponds to the public key to be listed on the DSC. Both of them together should form a functioning key pair.
The CA also has the power to suspend the DSC in public interest on the request of the subscriber listed in the DSC or any person authorised on behalf of the subscriber. However, the subscriber must be given an opportunity to be heard if the DSC is to be suspended for a period exceeding fifteen days. The CA shall communicate the suspension to the subscriber.
There are two cases in which the DSC can be revoked. Firstly, as per Section 38 (1), it may be revoked either on the request or death of the subscriber or when the subscriber is a firm or company, on the dissolution of the firm or winding up of the company. Secondly, according to Section 38(2), the CA may suo moto revoke it if some material fact in the DSC is false or has been concealed by the subscriber or the requirements for issue of the DSC are not fulfilled or the subscriber has been declared insolvent or dead et al.
A notice of suspension or revocation of the DSC must be published by the CA in a repository specified in the DSC.
Penalties for Computer Crimes:
As per the Act, civil liability and stringent criminal penalties may be imposed on any person who causes damage to a computer or computer system. The offender would be liable to pay compensation not exceeding Rs. 1 Crore (10 million) for gaining unauthorised access to a computer or computer system, damaging it, introducing a virus in the system, denying access to an authorised person or assisting any person in any of the above activities.
Furthermore, the Act also defines specific penalties for violation of its provisions or of any rules or regulations made thereunder. However, if any person contravenes any rules or regulations framed under the Act for which no specific penalty is prescribed, he will be liable to pay compensation not exceeding Rs. 25,000.
Moreover, any person who intentionally or knowingly tampers with computer source documents would be penalised with imprisonment up to three years or a fine of up to Rs. 2 lakhs or both. In simpler terminology, hacking is made punishable.
The Act also disallows the publishing and dissemination of obscene information and material. The introduction of this provision should curtail pornography over the net. Any person who disobeys this provision will be punishable with imprisonment of two years and a fine of Rs. 25,000 for the first conviction. In the event of a subsequent conviction, the imprisonment is five years and the fine doubles to Rs. 50,000.
The Controller has the power to issue directions for complying with the provisions of the Act. Failure to comply with his directions is punishable. Moreover, the interference with ‘protected systems’ or the reluctance to assist a Government Agency to intercept information in order to protect state sovereignty and security is also made punishable.
The adjudicating court also has the powers to confiscate any computer, computer system, floppies, compact disks, tape drives or any accessories in relation to which any provisions of the Act are being violated. No penalty or confiscation made under this Act will affect the imposition of any other punishment under any other law in force.
If penalties that are imposed under the Act are not paid, they will be recovered as arrears of land revenue and the licence or DSC shall be suspended till the penalty is paid.
Adjudicating Officers:
The Central Government shall appoint an officer not below the rank of Director to the Government of India or equivalent officer of the State Government as an adjudicating officer to adjudicate upon any inquiry in connection with the contravention of the Act. Such officer must have the legal and judicial experience as may be prescribed by the Central Government in that behalf.
The Adjudicating Officer must give the accused person an opportunity to be heard and after being satisfied that he has violated the law, penalise him according to the provisions of the Act. While adjudicating, he shall have certain powers of a Civil Court.



CYBER REGULATIONS APPELLATE TRIBUNAL (CRAT):

A Cyber Regulations Appellate Tribunal (CRAT) is to be set up for appeals from the order of any adjudicating officer. Every appeal must be filed within a period of forty-five days from the date on which the person aggrieved receives a copy of the order made by the adjudicating officer. The appeal must be the appropriate form and accompanied by the prescribed fee. An appeal may be allowed after the expiry of forty-five days if ‘sufficient cause’ is shown.
The appeal filed before the Cyber Appellate Tribunal shall be dealt with by it as expeditiously as possible and endeavour shall be made by it to dispose of the appeal finally within six months from the date of receipt of the appeal. The CRAT shall also have certain powers of a civil court.
As per Section 61, no court shall have the jurisdiction to entertain any matter that can be decided by the adjudicating officer or the CRAT. However, a provision has been made to appeal from the decision of the CRAT to the High Court within sixty days of the date of communication of the order or decision of the CRAT. The stipulated period may be extended if sufficient cause is shown. The appeal may be made on either any question of law or question of fact arising from the order.
Police Powers:
A police officer not below the rank of deputy superintendent of police has the power to enter any public place and arrest any person without a warrant if he believes that a cyber crime has been or is about to be committed. This provision may not turn to be very effective for the simple reason that most of the cyber crimes are committed from private places such as one’s own home or office. Cyber-cafés and public places are rarely used for cyber crimes. However, if the Act did give the police department powers to enter people’s houses without search warrants, it would amount to an invasion of the right to privacy and create pandemonium. Keeping this in mind, the Legislature has tried to balance this provision so as to serve the ends of justice and at the same time, avoid any chaos.
On being arrested, the accused person must, without any unnecessary delay, be taken or sent to the magistrate having jurisdiction or to the officer-in-charge of a police station. The provisions of the Code of Criminal Procedure, 1973 shall apply in relation to any entry, search or arrest made by the police officer.



NETWORK SERVICE PROVIDERS NOT LIABLE IN CERTAIN CASES:

To quote Section 78, it states:
"For the removal of doubts, it is hereby declared that no person providing any service as a network service provider shall be liable under this Act, rules or regulations made thereunder for any third party information or data made available by him if he proves that the offence or contravention was committed without his knowledge or that he had exercised all due diligence to prevent the commission of such offence or contravention."
"Explanation.—For the purposes of this section,—
(a) ‘network service provider’ means an intermediary;
(b) ‘third party information’ means any information dealt with by a network service provider in his capacity as an intermediary."
Thus a plain reading of the section indicates that if the network service provider is unable to prove its innocence or ignorance, it will be held liable for the crime.
Cyber Regulations Advisory Committee (CRAC):
The Act also provides that as soon as it is enacted and it comes into force, the Central Government shall constitute the CRAC. The CRAC will assist the Central Government as well as the Controller of CAs to form rules and regulations consistent with the provisions of the Act. The Controller will notify these regulations in the Official Gazette after consultation with the CRAC and the Central Government.
Amendments:
With the introduction of the IT Act certain amendments are to be carried out in the Indian Penal Code, 1860, the Indian Evidence Act, 1872, the Banker's Book Evidence Act, 1891 and the Reserve Bank of India Act, 1934. These amendments will try and make these existing codes Internet compatible.
LACUNAE
After having discussed the important provisions of the Act, attention should also be drawn to some of its loopholes.



INAPPLICABILITY:

The first and foremost setback is that the provisions of the Act do not apply to the following:
a. a negotiable instrument as defined in Section 13 of the Negotiable Instruments Act, 1881;
b. power of attorney as defined in Section 1A of the Powers-of-Attorney Act, 1882;
c. a trust as defined in Section 3 of the Indian Trusts Act, 1882;
d. a will as defined in Section (h) of Section 2 of the Indian Succession Act, 1925, including any other testamentary disposition by whatever name called;
e. any contract for the sale or conveyance of immovable property or any interest in such property.
It is envisaged that the efficacy of the Act may not be considerable owing to its restrictive applicability.
Digital Signatures:
Act deals only with PKI framework for authentication. It does not recognize any other authentication procedure though the ambit of ‘legal record’ is wide. This may cause problems for m-commerce transactions that may not necessarily use the PKI system for authentication and security purposes.
Qualifications and Powers of Adjudicating Officers Unclear:
The Act is unclear as to the qualifications of an adjudicating officer and the manner in which he shall adjudicate.
Moreover, though the statute is supposedly a ‘long arm statute’, it does not indicate the powers of the adjudicating officers when a person commits a cyber crime or violates any provisions of the law from outside India. Several practical difficulties may also arise in importing the cyber criminal to India. The Act does not lay down any provisions whereby extradition treaties can be formed with countries where the cyber criminal is located. Therefore, the extra-territorial scope of the Act may be difficult to achieve.
Furthermore, the powers to impose a penalty for a computer crime up to Rs. 1 crore offers a large discretion to adjudicating officers and may turn out to be harmful.



POSSIBLE VIOLATION OF FUNDAMENTAL RIGHTS:

The provision that no order of the Central Government appointing any person as the presiding officer of a CRAT shall be called into question in any manner and no act or procedure before a CRAT shall be called into question in any manner merely because there is a defect in the constitution of the CRAT may be violative of the fundamental rights of citizens under the Constitution of India. This provision could be misused by the Central Government in an unfair and arbitrary manner. It is recommended that is provision be modified so that the interests of the public at large are safeguarded.
Misuse of Police Powers:
The search and arrest powers given to police officers are without any definite guidelines and may be ill-used.
ISP Liability - Responsibility for Content Regulation not attributable:
While Section 78 absolves a network service provider of its liability if it can prove its ignorance and due diligence, it fails to specify as to who would be held liable for such contravention in such an event. This provision will certainly cause problems when an offence regarding third party information or provision of data is committed.
No Intellectual Property Rights Protection Guaranteed:
Regulation of intellectual property rights, particularly copyright on the Internet is an ever-growing problem. The Act does not discuss the implications of any copyright violations over the net. It has no provisions to penalise copyright infringers, commonly known as "pirates" for their activities over the net. Internet piracy is a major problem has not been tackled by this Act. No amendments have been proposed to the Copyright Act of India.
CONCLUSION
The IT Act is a comprehensive piece of legislation which aims at policing some of the activities over the Internet. The fundamental approach of the Act is towards validating and legalising electronic and on-line transactions. Business transaction costs will be curtailed and transaction volumes will grow manifold. Computer and Cyber Crimes will hopefully be curbed and offenders will be strictly penalised. Policing these crimes is extremely necessary. At the same time the police officers who occupy large powers under the IT Act must also be educated in computers and Internet. This would help them in executing their powers effectively and efficiently.
But in order to curb computer crimes, the police alone cannot make all the difference. Awareness regarding these cyberlaws must be created. Private and Non Governmental organisations must play an active role in communicating this message to the masses. Moreover, the judiciary will also have to play a proactive role in adjudicating cyber trials. A large part of the judiciary is probably unaware of cyberlaws and their implications. They must themselves study the laws carefully and effectively enforce them. Co-ordination amongst the organisations, police and judiciary will definitely create some impact and minimise the crime rate.
However, the working and implementation of this law will depend greatly on the rules and regulations that will be formed by the Government and other authorities constituted under the Act. The Act is only a skeletal figure, while it is the rules and regulations that will form the fleshy content.
This Act is not the end but only a beginning to a plethora of legislation that still needs to be formed. It leaves various issues untouched, some of them relating to intellectual property rights, data protection and taxation. No concrete regulations have also been formulated for cross border issues. These issues are of immense importance and the Parliament must speedily frame laws to govern them.
While legislation will always be lacking behind as time and technology progress, the Parliament must ensure that it keeps amending the law and enacting new laws to keep pace with ever-changing standards. At the same time, Indian law must be consonant with international standards that are prescribed and that may be prescribed in the future. This is essential if we desire to effectively regulate this boundless world.
India is amongst few of the countries in the world which have any legal framework for e-commerce and e-governance. Indian industry projections indicate that business transactions over the net would cross Rs. 2500 crore (Rs.25 Billion) by 2002. The correct and honest implementation of this Act would definitely be a boon to the Indian Infotech Sector. The Act has been passed at a time when the Internet population in India is low and therefore it is hoped that implementing the law should not be very difficult. Change is the essence of life. What seems impeccable and indestructible today might not remain the same tomorrow. Internet, being a global phenomenon is bound to attract many crimes. India has taken a key step in curbing Cyber Crimes by the enactment of the Information Technology Act and by giving exclusive powers to the police and other authorities to tackle such crimes.

Similar efforts have been made by various countries to fight this menace by enacting national legislations but in the long run, they may not prove to be as beneficial as desired. An effort is still wanted to formulate an international law on the use of Internet to curb this imminent danger of Cyber Crimes and to achieve a crime free Cyber Space. Prevention they say is the best cure. Cyber laws aim to prevent cyber crimes through the use of penal provisions. A great deal however needs to be done before Cyber laws can stand a fair chance to influence the modern world in the much anticipated manner.


CASES:

1. MMS porn case in which the CEO of bazee.com Mr. Bajaj (an Ebay Company) was arrested for allegedly selling the MMS clips involving school children on its website is the most apt example in this reference.

2. Other cases where the law becomes hazy in its stand includes the case where the newspaper Mid-Daily published the pictures of the Indian actor kissing her boyfriend at the Bombay nightspot

3. The arrest of Krishan Kumar for illegally using the internet account of Col. (Retd.) J.S. Bajwa. This connotes the usage by an unauthorized person of the Internet hours paid for by another person. In May 2000, the economic offences wing, IPR section crime branch of Delhi police registered its first case involving theft of Internet hours. In this case, the accused, Mukesh Gupta an engineer with Nicom System (p) Ltd. was sent to the residence of the complainant to activate his Internet connection. However, the accused used Col. Bajwa’s login name and password from various places causing wrongful loss of 100 hours to Col. Bajwa. Delhi police arrested the accused for theft of Internet time. On further inquiry in the case, it was found that Krishan Kumar, son of an ex army officer, working as senior executive in M/s Highpoint Tours & Travels had used Col Bajwa’s login and passwords as many as 207 times from his residence and twice from his office. He confessed that Shashi Nagpal, from whom he had purchased a computer, gave the login and password to him. The police could not believe that time could be stolen. They were not aware of the concept of time-theft at all. Colonel Bajwa’s report was rejected. He decided to approach The Times of India, New Delhi. They, in turn carried a report about the inadequacy of the New Delhi Police in handling cyber crimes. The Commissioner of Police, Delhi then took the case into his own hands and the police under his directions raided and arrested Krishan Kumar under sections 379, 411, 34 of IPC and section 25 of the Indian Telegraph Act. In another case, the Economic Offences Wing of Delhi Police arrested a computer engineer who got hold of the password of an Internet user, accessed the computer and stole 107 hours of Internet time from the other person’s account. He was booked for the crime by a Delhi court during May 2000.

4. DPS Clips

5. Porn Clips of Miss Jammu

6. Recent Indian case about cyber lotto was very interesting. A man called Kola Mohan invented the story of winning the Euro Lottery. He himself created a website and an email address on the Internet with the address 'eurolottery@usa.net.' Whenever accessed, the site would name him as the beneficiary of the 12.5 million pound. After confirmation a telgu newspaper published this as a news. He collected huge sums from the public as well as from some banks for mobilization of the deposits in foreign currency. However, the fraud came to light when a cheque discounted by him with the Andhra Bank for Rs 1.73 million bounced. Mohan had pledged with Andhra Bank the copy of a bond certificate purportedly issued by Midland Bank, Sheffields, London stating that a term deposit of 12.5 million was held in his name.

Intellectual Property Crimes:
These include software piracy, copyright infringement, trademarks violations, theft of computer source code etc. In other words this is also referred to as cybersquatting. Satyam Vs. Siffy is the most widely known case. Bharti Cellular Ltd. filed a case in the Delhi High Court that some cyber squatters had registered domain names such as barticellular.com and bhartimobile.com with Network solutions under different fictitious names. The court directed Network Solutions not to transfer the domain names in question to any third party and the matter is sub-judice. Similar issues had risen before various High Courts earlier. Yahoo had sued one Akash Arora for use of the domain name ‘Yahooindia. Com’ deceptively similar to its ‘Yahoo.com’. As this case was governed by the Trade Marks Act, 1958, the additional defence taken against Yahoo’s legal action for the interim order was that the Trade Marks Act was applicable only to goods.

Email Spoofing:
A spoofed email is one that appears to originate from one source but actually has been sent from another source. E.g. Gauri has an e-mail address gauri@indiaforensic.com. Her enemy, Prasad spoofs her e-mail and sends obscene messages to all her acquaintances. Since the e-mails appear to have originated from Gauri, her friends could take offence and relationships could be spoiled for life. Recently, a branch of the Global Trust Bank experienced a run on the bank. Numerous customers decided to withdraw all their money and close their accounts. It was revealed that someone had sent out spoofed emails to many of the bank’s customers stating that the bank was in very bad shape financially and could close operations at any time. Unfortunately this information proved to be true in the next few days.
But the best example of the email spoofing can be given by the Gujarat Ambuja Executive’s case. Where he pretended to be a girl and cheated the Abu dhabi based NRI for crores by blackmailing tactics.

Email bombing
Email bombing refers to sending a large number of emails to the victim resulting in the victim’s email account (in case of an individual) or mail servers (in case of a company or an email service provider) crashing.
In one case, a foreigner who had been residing in Simla, India for almost thirty years wanted to avail of a scheme introduced by the Simla Housing Board to buy land at lower rates. When he made an application it was rejected on the grounds that the scheme was available only for citizens of India. He decided to take his revenge. Consequently he sent thousands of mails to the Simla Housing Board and repeatedly kept sending e-mails till their servers crashed.

Cyber law is a generic term, which denotes all aspects, issues and the legal consequences on the Internet, the World Wide Web and cyber space. India is the 12th nation in the world that has cyber legislation apart from countries like the US, Singapore, France, Malaysia and Japan .
But can the cyber laws of the country be regarded as sufficient and secure enough to provide a strong platform to the country’s e-commerce industry for which they were meant?? India has failed to keep in pace with the world in this respect, and the consequence is not far enough from our sight; most of the big customers of India’s outsourcing company have started to re-think of carrying out their business in India .Bajaj’s case has given the strongest blow in this respect and have broken India’s share in outsourcing market as a leader.
If India doesn’t want to loose its position and wishes to stay as the world’s leader forever in outsourcing market, it needs to take fast but intelligent steps to cover the glaring loopholes of the Act, or else the day is not far when the scenario of India ruling the world’s outsourcing market will stay alive in the dreams only as it will be overtaken by its competitors.