Cyber law & Security Control Information Technology Act 2000

Chapter IV
Information Technology Act 2000
Information Technology
The term IT consist of two words information and technology. Information is essential in
our daily life for making decisions, communication, knowledge and productivity. Information
means a collection of facts gathered by various means or communication to draw a conclusion. It
is the representation of knowledge such as facts, data or opinions in any form i.e. textual,
numerical, graphic audio/video form.
However, for information to be useful it must be accurate timely, complete, precise and
relevant. However, technology is the study of science. It is the specific information and
knowledge required for the practical purposes like development in various fields. Therefore, the
term IT refers to scientific, technological and engineering disciplines as well as management
technologies used in information handling, communication, processing, their applications and
associated software, equipment and their interaction.
Hence, IT comprises hardware, software, people and data. According to another jurist,
ICT is defined as technology required for information processing. It involves the use of computer
and computer software to convert, store, process, transit, and retrieve information. In Information
Technology we primarily concentrate on the following technologies:
(i) Computer Hardware Technologies: These technologies microcomputer, midsize servers and
large mainframe systems, and the input, output and storage device that support them.
(ii) Compute, Software Technologies: These technologies includes operating system software,
web browsers, software productivity suits and software for business applications.
(iii)Telecommunication and network technologies: These technologies include
telecommunications media, processors and software needed to provide wife-based and wireless
access and support for internet and other networks.
(iv) Data Resource Management Technologies: These technologies include database
management system software for the development, access and maintenance of the databases of
an organization.
After the advent of Information and Communication Technologies (ICTs) There
are various new concepts such as E-commerce, E-governance, E-contract, E transaction & Cyber
crimes, IPRs ( Intellectual Property Rights) in digital medium and so on. Therefore laws dealing

New Satara College of BCA Pandharpur 1 Prof. Kirpekar R.R.

 Cyber law & Security Control Information Technology Act 2000

with computer, internet and with these various new concepts would be covered under the
components of cyber law. Further, telecommunication is very important aspect of Information
and Communication Technologies affecting cyber space therefore telecommunication regulations
would also be covered under this net.
Apart from this, cyber space also has impact on various conventional areas of laws such
as Criminal Law, Evidence Law, Business Law, Taxation Law, Banking Law, Financial Law,
Consumer Protection Law, Contract Law, Tort Law, International Law, Health Care Law,
Security Law and so on .At international level there is two main laws dealing with these new
concepts i.e. the Model Law on E-commerce (1996) and the Model Law on Electronic signature
(2001).
The exact content of Cyber law is somewhat controversial (public disagreement.) .Most
observers agree that it includes many aspects of intellectual property (IP means intangible
property that is the result of creativity, such as patents, copyrights, etc.) and technology transfer
It also includes the impact of information technology on legal process (e.g., e Government),
electronic aspects of commercial transaction processing, and most aspects of traditional
computer law .Beyond this substantive core, cyberspace is also having significant impact on
many, if not most, traditional areas of law.
The list here is legion(a vast number of people or things), including Internet aspects of
employment contracting, antitrust and trade regulation, privacy law, telecommunications
regulation, international trade, consumer protection, healthcare, criminal law, taxation,
financial/banking regulation and securities law. Other areas of law are likely to be impacted by
the Internet as information systems become more broadly networked.
In India, most of the new concepts like E-commerce, E-governance, E-record, Digital
Signature and Electronic signature are covered under 'the Information Technology Act, 2000
which is in tuned with Model Law on E-commerce, 1996. Further it was amended by the
Information Technology (Amendment) Act, 2008 so as to make Indian Law in tune with the
Model Law on Electronic signature (2001) However, for proper implementation of the
Information Technology Act, 2000 either certain amendments were made in some conventional
laws such as Indian Penal Code, 1860, Indian Evidence Act, 1872, Reserve Bank of India, 1934,
Banker's Book Evidence Act, 1891, Negotiable Instrument Act, 1881 or wider interpretation is

New Satara College of BCA Pandharpur 2 Prof. Kirpekar R.R.

 Cyber law & Security Control Information Technology Act 2000

given to others. Let’s briefly analyze the need for amendment of various conventional laws or
wider interpretation of others:

IT Act and Amendment of conventional laws

(Explain the changes in conventional laws with respect to the provisions of I.T.Act 2000 )
Or
(What are the components of Cyber Law )
(i) Amendment of The Indian Evidence Act, 1872:
Before amendment, there were only two evidences legally recognized under Indian
Evidence Act, 1872 i.e. oral evidence; and Documentary evidence. Electronic record was not
legally recognized and was not accepted as evidence .Therefore amendment was made in Indian
Evidence Act, 1872 to grant legal recognition to electronic record so that it can be accepted as
evidence.
(ii) Amendment of The Indian Penal Code, 1860:
Under conventional law, offences could be committed against the documents. However,
electronic record was not within the purview of Indian Penal Code and hence no offence against
electronic record was recognized. However, after the amendment when legal recognition was
granted to electronic record new offences against electronic record were also brought within the
purview of Indian Penal Code. .
(iii) Amendment of The Reserve Bank of India Act, 1934:
Before the amendment, electronic fund transfer between the financial institutions was not
legally recognized. Therefore, the Reserve Bank of India Act, 1934 was amended so as to grant
legal recogniti9" and to facilitate electronic fund transfer between the financial institutions; and,
(iv) Amendment of The Bankers Books Evidence Act, 1891:
Under the conventional law E-books of accounts were not legally recognized, therefore,
the Bankers' Books Evidence Act, 1891 was amended so as to give legal sanctity for books of
accounts maintained in the electronic form by the banks
Wider interpretation of other Conventional laws.
Apart from amending various conventional laws, some statutes were given wider
interpretation so as to properly implement Information Technology Act, 2000.

New Satara College of BCA Pandharpur 3 Prof. Kirpekar R.R.

 Cyber law & Security Control Information Technology Act 2000

(i) The Consumer Protection Act:

A root question here 'is whether a cyber consumer in law is different from ordinary
consumer or whether he is covered under the consumer Protection Act, (The CPA) 1986.A cyber
consumer purchases goods' or hire services using the internet whereas ordinary consumer uses
traditional methods of going to the market physically etc. Both are consumers under The CPA,
1986 provided they fall within the ambit of the definition of" consumer".

(ii) The Indian Contract Act, 1872

There are several kinds of legal problems or disputes in E-Commerce especially in B2C
Model covered under Law of Contract such as:
· The e-merchant delivers goods, but the customer does not admit that he, or she ever received
the goods.
· The e-merchant delivers goods, but the customer refuses to pay as his minor kid ordered· the
product using a parent's VISA card without authorization.
· The customer pays for the goods and the e-merchant fails to deliver them.
· The customer pays in full, but receives either the wrong goods or a partial order.
· The customer does not like the goods, but the e-merchant has no procedure for accepting
returned goods.
· The customer does not like the goods but the e-merchant refuses to accept returned goods or
give credit to settle the dispute.
· The customer receives the goods, but it arrives damaged.
· The carrier denies responsibility, the e-merchant claims it is the carrier's responsibility, and
the seller is located overseas.
· The customer receives the goods but it does not operate properly.
· The merchant asks the customer to ship the product to the manufacturer at the customer's
expense.
· The manufacturer has no in-house service center.
It is significant to mention here that as such no amendment has been made in the Indian
Contract Act, 1872 but recently the Information technology Act, 2000 has been amended by the
Information technology (Amendment) Act, 2008 by which Section 10A was introduced so as to
confer confers validity On e-contract which reads as under:

New Satara College of BCA Pandharpur 4 Prof. Kirpekar R.R.

 Cyber law & Security Control Information Technology Act 2000

Validity of contracts formed through e-form [Section 10A of the IT act 2000]
Where in a contract formation, the communication of proposals, the acceptance of
proposals, the revocation of proposals and acceptances, as the case may be, are expressed in
electronic form or by means of an electronic record; then such contract shall not be deemed to be
unenforceable solely on the ground that such electronic form or means was used for that purpose.
Therefore, Section 10A confers validity on e-contract .Hence, where of the proposals, the
acceptance of proposals and the revocation of proposals or acceptances are made in e-form then
such contracts shall be valid under the Indian Contract Act 1872 and shall not be unenforceable
solely on the ground that such electronic form or means was used for that purpose.
Law of Tort
Basically tort is a civil wrong which involves civil liability and civil action. Most of the
cases relating to fraud, negligence, misrepresentation, false advertisement, and IPRs
infringement are covered under it.
Strict liability: A product that produce the wrong solution, causing injury to others, fall
under laws of strict liability or negligence. The basis of liability involves product liability and is
covered under tort law. Therefore the root question is that if such product is purchased online
causing injury to another person whether rule of liability would be applicable?
Fraud: If an e-merchant gives false advertisement on the website or sells wrong products
or a customer gives an unauthorized credit card over the Internet, whether he or she will be liable
for fraud? Suppose a product is bought online but consumer finds it defective. Again here
question is of liability. Here depending upon how liability is worded liability is of the
manufacturer. Generally in such situation every person involved in transaction (manufacturer, e-
merchant and seller) would be liable.
As the Information Technology Act, 2000 is silent about the liability under law of tort, if
arises in cyber space, therefore, wider interpretation should be given to the existing law of tort to
answer such questions.
E-Commerce and taxation
Like other areas there are various taxation difficulties in E-Commerce which still remained
unanswered.
However, by giving wider interpretation to the existing Taxation Laws such problems could be
solved.

New Satara College of BCA Pandharpur 5 Prof. Kirpekar R.R.

 Cyber law & Security Control Information Technology Act 2000

Copyright and patent infringement

The copyright and patent violations that come under intellectual property law are also big
issues especially when infringement occurs in cyber space. Copyright law gives the author of a
tangible product the right to exclude others from using the finished work. Similarly patent law
gives the inventor of a product or process the right to exclude others from using such
invention .A root question is if there is infringement of IPRs (copyright and patent) online
whether it is covered under IPRs laws?
However, under Indian law proviso to Section 81 was incorporated by Information
Technology (Amendment) Act, 2008 which provides that nothing contained in Information
Technology Act, 2000 shall restrict any person from exercising any right conferred under the
Copyright Act, 1957 or the Patent Act, 1970.This shows that where there is a violation of
copyright or patent right in digital medium then author or inventor shall have all those rights
which are conferred under these Acts.
Privacy issue
Privacy issue in cyber space is another area of concern. It is significant to mention here
that regarding privacy issues under Indian law Section 72 was there under Information
Technology Act, 2000 which provided penalty for breach of confidentiality and privacy and
reads as follows: any person who, in pursuance of any of the powers conferred under this Act,
rules or regulations made thereunder, has secured access to any electronic record, book, register,
correspondence, information, document or other material without the consent of the person
concerned: and discloses such electronic record, book register, correspondence, information,
document or other material to any other person; shall be punished with imprisonment for a term
which may extend to two years, or with fine which may extend to one lakh rupees, or with both.
However if anything is contrary to section 72 and which is provided in this Act or any
other law for the time being in force, then section 72 will not be applicable. Further, two more
sections were incorporated by Information Technology (Amendment) Act, 2008 i.e. sections 43A
and 72A.section 43A provides compensation for failure to protect sensitive personal data i.e.
Where a body corporate, possessing, dealing or handling any sensitive personal data or
information in a computer resource which it owns, controls or operates, is negligent in
implementing and maintaining reasonable security practices and procedures and thereby causes

New Satara College of BCA Pandharpur 6 Prof. Kirpekar R.R.

 Cyber law & Security Control Information Technology Act 2000

wrongful loss or wrongful gain to any person; then such body corporate shall be liable to pay
damages by way of compensation to the person so affected .
Section 72A provides penalty for disclosure of information in breach of lawful contract
i.e. Any person including an intermediary who, while providing services under the terms of
lawful contract, has secured access to any material containing personal information about
another person, with the intent to cause or knowing that he is likely to cause wrongful loss or
wrongful gain discloses without the consent of the person concerned, or in breach of a lawful
contract, such material to any other person; shall be punished with imprisonment for a term
which may extend to three years, or with fine which may extend to five lakh rupees, or with both
Basically there are two main components of cyber law:
(i) Modem Component; and
(ii) Conventional Component
Modem component consist of new law dealing with computer and internet and various
new concepts such as E-commerce, E-governance, E-record, Digital Signature and Electronic
Signature etc. i.e., the information Technology Act, 2000 in India, enacted to create order in
cyber space. However,
Conventional component consists of various conventional laws amended or interpreted
broadly for proper implementation of newly enacted law i.e. The Indian Penal Code, 1860, The
Indian Evidence Act, 1872, The Reserve Bank of India, The Telecommunications regulations,
The Law of Torts, The Law of contract, Taxation Laws, Cyber Jurisdiction, IPRs in Digital
Medium etc.
Information Technology Act· Key Elements
The Information technology Act, 2000, allows enactment of cyber laws to regulate
electronic communications, trade and commerce and prevent computer crimes. Based on the
Model Law on Electronic Commerce adopted by the UN in January, 1997, the Act has three key
elements; replacement of those geriatric legislations that continue, by default, to govern the IT
sector; to enable e-commerce to commence in India; and, to control fast-expanding cyber crimes.
It envisages legalizing electronic signatures on the Net, sanctify credit card transactions and
boost e-commerce. It will also amend the Banking Regulation Act, the Indian Evidence Act and
the Indian Penal Code to bring in line with the new law and recognize the existence of e-
commerce. Such a change is necessary so that contracts can be enforced. With the company’s

New Satara College of BCA Pandharpur 7 Prof. Kirpekar R.R.

 Cyber law & Security Control Information Technology Act 2000

increasingly using internet to link with their vendors and with other businesses, a proper legal
framework is essential.
Information Technology Act• Certification and monitoring
For the purpose of overseeing the implementation of its various provisions, the Act
proposes to set up an elaborate machinery. Various certification authorities are proposed to be set
up in order to oversee licensing, certification and monitoring, for licensing, monitoring.
A regulator is to be appointed to oversee these certification authorities. The authorities
will monitor and oversee issues like jurisdiction, origin, authentication, privacy protection and
intellectual property, computer crimes via information highway.
A controller will be appointed to enable the Government to monitor and regulate
activities like creating web pages, advertisements, bulletin board and most importantly, e-
commerce originating from the country. A cyber regulations appellate tribunal is also proposed
to be set up which will hear appeals from the decisions of the Controller and the adjudicating
officers on alleged crimes. Contravention of cyber regulations will be adjudicated by officers
who impose penalty in the nature of compensation to those who are affected by such crimes.
Information Technology Act • Filling of documents with Government agencies
The IT Act proposes to enable Government departments and ministries to accept filing,
creating and retention of documents in the form of electronic record. The Government
department will be free to specify the format under which these documents will be stored.
Information Technology Act • Prevention of Crimes
The Act provides for liability to pay compensation for unauthorized access to computer,
its network and database. It seeks to punish a person who makes misrepresentation or suppresses
any material fact to the controller of the IT activities or indulges in hacking. The IT Act will
facilitate simple things like filing FIR with the police through e-mail and several such simple but
different transactions.
Information Technology Act • Security of data.
Recognition of digital signature will authenticate, and ensure security and privacy of,
e-mail transactions. Business-to-consumer transactions will get a boost. E-mail transactions
having legal sanction will demand consequential changes in the law of evidence. At present,
many legal rules assume existence of paper records and documents, signed records, original

New Satara College of BCA Pandharpur 8 Prof. Kirpekar R.R.

 Cyber law & Security Control Information Technology Act 2000

records etc. The law of evidence traditionally recognizes paper records as well as oral testimony
and all kinds of physical objects.
These conventional means of evidence may not be relevant on the internet. The IT Act,
therefore, envisages to establish a legal regime. In simple words, the Act would help facilitate
revolution of e-commerce, provide a legal framework to digital documents and help prevent
cyber crimes.
In nut shell, the Act provides:
• Legal recognition of electronic records;
• Admissibility of electronic data evidence in courts;
• Legal acceptance of the digital signature;
• Punishment for cyber obscenity & crimes;
• Establishment of a Cyber Regulation Advisory Committee, and a Cyber Regulations Appellate
Tribunal.

New Satara College of BCA Pandharpur 9 Prof. Kirpekar R.R.