Reading Between the lines of The Indian IT Act, PART 1
This is first in a series of articles on the IT Act of India. I had this copy of the Indian IT Act for a while now & began going through it today. It doesn’t seem to be too exhaustive. I have read 9 pages from it. And I have the following for you:
Quick Facts about the Act:
- Actual name: The Information Technology Act, 2000
- Published as a part of ‘The Gazette of India, Extraordinary’ (Bharat Ka Rajpatr, Asadharan)
- Consent of the (then) President received for the IT Act : 9th June, 2000
- It is recommended in the Act that if any state government wishes to make any amendments/changes, they should first refer the Model Law
- Interestingly, India’s IT Act is a derivative of Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law (dated 30th June 1997)
As you might be aware that all Laws/Acts have terms defined which are given a reference later. (& anything beyond the scope of the said terms becomes an exception!!). The definitions were a rerun of Basic Network Security class! It contains all the terms – digital signature, asymmetric keys, public/private keys, hashing et al!
Interestingly I came across some interesting definitions as well.
(Note: Below ‘ze’ is used in the Act as all the 26 alphabets were used and the list restarted from za, zb,…)
Section 2. Definitions
(ze) “secure system” means computer hardware, software, and procedure that—
(a) are reasonably secure from unauthorized access and misuse;
(b) provide a reasonable level of reliability and correct operation;
(c) are reasonably suited to performing the intended functions; and
(d) adhere to generally accepted security procedures;
Nowhere have they referred to what is reasonable!
(zh) “verify” in relation to a digital signature, electronic record or public key, with its grammatical variations and cognate expressions means to determine whether—
(a) the initial electronic record was affixed with the digital signature by the use of private key corresponding to the public key of the subscriber;
(b) the initial electronic record is retained intact or has been altered since such electronic record was so affixed with the digital signature.
Grammatical & Cognate Variations of a DS for verification? Interesting!
Section 9. Sections 6,7 and 8 not to confer right to insist document should be accepted in electronic form.
Nothing contained in sections 6, 7 and 8 shall confer a right upon any person to insist that any Ministry or Department of the Central Government or the State Government or any authority or body established by or under any law or controlled or funded by the Central or State Government should accept, issue, create, retain and preserve any document in the form of electronic records or effect any monetary transaction in the electronic form.
Section 6 is about Use of electronic records and digital signatures in Government and its agencies.
7. Retention of electronic records.
8. Publication of rule, regulation, etc., in Electronic Gazette.
I didn’t feel the need of quoting all these sections here as they are apt in the content. Point to see here is that the Govt. doesn’t take responsibility to retain & preserve any document any electronic form. There goes your Right to Information (RTI) Act for a toss!!
Calling all Lawyers and Cyber Crime Specialists!
(To be continued…)
