A.P.LEGAL SERVICES PVT. LTD.                LEGAL EMPOWERMENT THROUGH PROFESSIONAL EXCELLENCE                 SEND YOUR OPINIONS AND VIEWS AT let@aplegalservices.com.

INFORMATION TECHNOLOGY BILL, 1999

By Dr.T.H.Chowdary

Information Technology Advisor: Government of Andhra Pradesh.

Information Technology is the rage of the age. India has missed the industrial revolution and therefore a respectable share in the World’s trade in goods (down from 1.5% in 1947 to 0.6% in 1999). India is becoming confident of doing extremely well in the emerging trade in services for which information technology is the most indispensable facilitating tool. The existence of an ubiquitous broadband, digital, high- speed telecom transport network is essential for information and knowledge-based society and business and economic activity. Fortunately, such an electronic photonic telecom transport is emerging due to de-monopolisation of telecommunications and competitive provision of information services especially, the Internet. India is having about four million PCs growing at about more than a million per year currently. Countrywide multi-site company networks are emerging.

The National Telecom Policy, 1999 (NTP-99) permits interconnection of the individual private networks with one another as well as with the public switched telecom network (PSTN). Banks arc computerising in a very big way and now electronic governance, as being implemented in Andhra Pradesh, is set to spread throughout the country. International trade is becoming global, fast and fiercely competitive and therefore depends upon telecommunications anti computers. Several hundred Indian software companies have emerged as creditable suppliers of software, programming, solutions and applications to a variety of businesses allover the world. We have held a large cake of the world’s Y2K business which is now winding down. Our software companies are now all concentrating to get a slice of the “World’s Electronic or E-Commerce".

The electronification of government, of commerce, of banking, of learning and teaching and all transactions requires a new legal framework. When information was in material form on papers, it could be controlled by the nation State and each State has got a plethora of laws and procedures for the purpose. But when once information is dematerialized and all records and transactions are in electronic form in computer memories and are accessed, updated, downloaded and modified on telecom networks, it is possible that all banking records for example of a foreign bank operating in India are not in India but anywhere else in the world. So many inquiries, offers, tenders and orders and agreements will all be transacted over the telecom network through use of computers. But what is the record and evidence of these transactions and who have entered into these transactions and what is the evidence and enforceability for - them? What is the authenticity of these transactions? So far, paper records were the basis of all evidence. The signature of a person to any document or communication makes it a legally enforceable document: They are registered in Registrar’s offices. Signatures and documents and agreements could be got authenticated from Notaries authorized for this purpose. In the era of all-electronic transactions, paperless offices, transnational, computer networks, it is becoming necessary to redefine what is a signature’ and what is a document” how they are to be preserved, presented and authenticated and what are the mechanisms for the new system of recording and storing signatures and documents. Of course, the security of something which we cannot see and which is no physical dimension and which could be faked, does cause serious concern.

Now that if almost all the hundreds of software companies in India will be pushing for electronic commerce, electronic government and for myriad applications for computers within India and on a networked basis allover the world, there is great need for a new law to cover the new form of records, transactions, signatures, storage, carriage and the litigations that can arise. It is to address these that the Government of India has produced the Information Technology Bill, 1999 (ITB-99). This is to be debated in the Winter Session of the Parliament to pass it into law and then Gazetted for implementation. 1 2. The ITB legislates that records and signatures need not be in physical form but that they can be electronic and digitalised and stored and transmitted / submitted in electronic form over computer networks. Such a legislation has been enacted in all the developed countries as well as in Malaysia, Singapore, Korea and Taiwan. 3. The Indian IT Bill sets up a system for companies, enterprises, individuals and offices to have their digital signatures certified.- Certifying Authorities (C.As) are to be licensed by the Controller of Certifying Authorities (CCA) appointed by the Government of India. The Controller will also be the Repository of all the digital signatures certified by the C.As. The Bill specifies qualifications for C.As and the requirements of computer equipments and expertise they should possess to be licensed certifying authorities, Essential and crucial to the digital signature (which we almost see), is that the subscriber’s (company or an individual or any other institution wishing to have electronic

transactions) signature cannot ~e duplicated by anybody and that it is taken care of by him (like blank papers and cheques signed and not secure left insecurely everywhere’). Technically, this means he is to have a personal key (software) which is in his possession and the certifying authority. The subscriber must give a public key (software) with which his personal lock can be opened an~ his signature seen, i.e., electronically verified by the certifying authority. The development of these personal and public keys is a sophisticated exercise requiring great ingenuity, in cryptography. After obtaining a certificate for digital signature, the subscriber can keep all the records of transactions and documents and any information in -an electronic form and those electronified records will be recognised by courts and government. So are the digital signatures. For eg., if somebody is to file an Income Tax. Return, he need not have to do it on paper but on the electronic format prescribed by the income tax department, that can be seen on one’s PC and filled up. He can then append his digital signature to it. Government undertakes to recognise electronic records and electronic signatures of all subscribers whose E.Ss are certified and lodged with the repository after this Bill is enacted and notified. It may be recalled that about two decades ago while telegrams ‘were valid evidential documents, telex messages were not. The relevant acts had been amended. Then came the Fax. Even today they (and also photo copies) are not valid documents in courts which require the originals with the signatures on the originals only, as evidence. When once this Bill is passed, then electronic documents, i.e., whatever are recorded in computer memories ; i as well as electronic signatures will be legal and have to be accepted in all government ! and other offices equipped for the purpose. All the electronic digital signatures are kept with the Controller of Certifying Authorities. In other words, he is the repository of all i .: the digital signatures. 4. Of great concern to people is the security of the electronic records and signatures. This is a matter for the subscribers themselves to ensure and there are ~great technological advances continuously coming in this regard and yet there are crackers (those within the company) and hackers, (those outside the company) who can tamper with the records and the signatures and destroy or distort them. Similarly, there could be fraud committed by say, getting at the personal key of an electronic signatory and using it for example, withdrawal or transfer of money or getting the classified information of a government office or a company. The Bill has provisions in regard to electronic fraud and crime as well as pornography on the network. Computer crimes like illegally security~ access to computer network systems, downloading or copying or extracting of any data from computer data bases etc., are defined and punishment for such crimes are prescribed for the offenders. Besides, they will have to pay compensation to the aggrieved to an extent of Rs. l0 lakhs. The criminals can also be sent to jail. The Bill proposes creation of a one-man Cyber Regulation Appellate Tribunal whereat, the convicted computer criminals could appeal. Interestingly, they are all one-person tribunals. They are not bound by the procedures laid down by the Code of Civil Procedure but are to be guided by principles of natural justice. It is hoped that this provision will conduce to swift award of justice. No civil court has jurisdiction in a matter under adjudication but the adjudication award can be appealed in High Courts. Computer criminals, i.e., those who intentionally! conceal, destroy or alter any computer source document for a computer programme or system or network or source-code can be fined upto Rs.2 lakhs and also imprisoned for upto three years. Those who electronically publish or circulate information which is lascivious or appeals to the prurient- interest can be fined upto Rs.25,000 and also .imprisoned for two years. Persons unauthorisedly or illegally disclosing the contents of electronic records can be fined, Rs.1 lakh and imprisoned for two years. 5. Very rightly, the network service providers, i.e., those who simply provide storage and transmission for those who are transacting business or exchanging information, are not liable to be punished because of the falseness or criminality of the contents and the transactions, if they are not a party and have no prior knowledge of such contents and transactions. One very interesting feature of the Bill is that government can intercept any electronic record or its transmission in the interest of the security of the State. This is just like the similar provision in the Indian Telegraph Act, 1885 which authorizes the State to intercept any telecommunication messages (commonly called, telephone-tapping) by government. 6. The Bill also amends Sections in the Indian Penal Code, 1860; the Indian Evidence Act, 1862; the Bankers Book Evidence, Act, 1891 and the Reserve Bank of India Act, 1934 so that electronic records and electronic signatures become legal in addition to paper records and physical signatures. 7. One welcome provision of the Bill is the constitution by Central government of a .committee called “The Cyber Regulations Advisory Committee” consisting of a chair- person and a number of official and nonofficial members representing the interests, principally affected or having special knowledge of the subject matter. The committee would advise the Central government regarding the rules to be made under this Act and the Controller in framing the regulations under this Act. What is most important is that the members of this committee are not retired government servants wanting rehabilitation here and there but that they are young, dynamic, informed, enterprising IT and software professionals who have built up successful businesses of global competence. It should have the least number of generalist bureaucrats. .8. The Bill by and large tallows the Digital Signature Act, 1997 of Malaysia except that Malaysia has got a separate repository for signatures whereas the Indian bill envisages the Controller himself to be the repository .It is to be hoped that under the rule-making powers, the Controller who may be in Delhi will issue licenses to a large number of Certifying Authorities spread throughout the country.

TOP
Back to the Material