Flipkart.com Buy Buy Books Books Online, Online, Pay Pay on on Delivery! Delivery!

Search Books

[Yearbook] Information and Technology Act: Salient Features and Provisions

1. 2. 3. 4. 5. 6. 7. 8. Introduction Timeline of Events Why was IT Act 2000 amended in 2008? Data privacy Definitions What is the punishment for cyber crimes? Who can conduct RAIDS AND INVESTIGATION for Cybercrimes? About the Author This is a guest article written by Mr.Krapesh Bhatt, an IT Security professional from Surat.

Introduction
Dear All, Firstly, I would like to thank Mrunal for providing me with the opportunity to write and come up with the article which provides information on our IT ACT. I am motivated to write this article relating to Our Information Technology Act and its related amendments so as to spread the awareness of the Act. I have tried to make the IT Acts major sections which come in our daily lives simpler to understand. As India is one of few countries in the world which enacted the law specially to curb cyber crime a positive approach in this direction. The countries which have their own cyber laws are U.S, U.K, Japan, European Union, Australia, Germany, Singapore, Belgium, Brazil, Canada, Italy, and France. India has too joined the club and framed laws to curb cyber crime.

Timeline of Events
1. The ministry of commerce, Govt. of India drafted the guidelines as Ecommerce Act 1998, since the ministry of Information Technology was absent at that time. 2. Later on coming to existence, this was re-drafted as Information Technology bill 1999 3. This draft was placed in the parliament in Dec 1999 and passed in May 2000. 4. After the Assent of president, the bill finally came to effect from 17th Oct 2000. This came to be known as IT ACT 2000 5. It was amended in 2008.

Why was IT Act 2000 amended in 2008?

1. The main intent to pass the 2000s Act was to provide legal recognitions to transactions carried out by means of electronic data interchange and other means of electronic communications, commonly known as electronic commerce, which involved the use of alternatives to paper based methods of communication and storage of information and to facilitate the filing of documents of government agencies. 2. But Cyber crime was not looked upon in this act. Even after passing the Act, there was still need to address the specific cyber crimes that were taking place along with the technological advancement. 3. Since the Booming growth of BPO industry and increasing dependence on computers and networks, the incidents of leaking of private data from the BPOs, Banks, Healthcare sectors, telecommunication industry gave rise to provide for a strict legislation to protect the data privacy of all the customers and corporations. 4. Also, the crimes related to privacy breach were rising but as there was no legal framework, specific to the incidents, the IT ACT 2000 seemed ineffective. 5. With the developing demands, the amendments in the IT ACT 2000 were made and IT ACT 2008(amendment) was passed finally on 23rd December 2008.

Data privacy
As Data privacy remains prime importance to the topic of discussion, I will discuss the section related to Section 43A of the amended Act which covers all the sectors of Indian economy. Section 43A was inserted After Section 43 of the parent Act. As per the stated Act, in Section 43A of the amended act, stats as follows: 43A. Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation to the person so affected.

Definitions
Body Corporate reasonable security practices and procedures Means any company and includes a firm, sole proprietorship or other association of individuals engaged in commercial or professional activities; Means security practices and procedures designed to protect such information from unauthorized access, damage, use, modification, disclosure or impairment. It means 1. Password; 2. Financial information such as Bank account or credit card or debit card or other payment instrument details; 3. Physical, physiological and mental health condition;

sensitive personal data or information

3. 4. 5. 6. 7. 8.

Physical, physiological and mental health condition; Sexual orientation; Medical records and history; Biometric information; any detail relating to the above clauses as provided to body corporate for providing service; and Any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise.

(SOURCE: IT ACT 2008 Amendment, Sec 43A)

What are the responsibilities of a company handling personal data?

Now, we try to understand the procedures and practices needed to safeguard the sensitive personal data from being stolen, modified without consent of owner, misused or sold in underground markets. lets make it simple to understand this rule. Say for eg. 1. We have a bank, and as we all know, it deals with sensitive personal data of its customers in its computer networks/servers. Our names, account numbers, passwords, Date of birth, Sex, credit/Debit card details, etc. 2. Therefore, to make sure the bank complies with Mandate of IT ACT, it needs to either get certify with ISO 27001 (world renowned standard for data protection) or it may develop its own security manual which describes full indepth details of its IT assets, the Life cycle of assets, the physical security measures(viz. CCTVs, Locks, vaults, fire prevention/detection, temperature controls in server rooms, security guard details and so on). 3. It should also have a detailed Business Continuity plan (In case of any natural/manmade calamity the organization must have a detailed backup process so as to continue its business), 4. Other applicable procedures of separation of duties of key personals, background checks of employees before employing, etc. 5. Not only Banks, but the BPOs/KPOs, hospitals, and various other businesses which deals with sensitive personal data, need to comply with this act.

What is the punishment for cyber crimes?

SECTION OF THE ACT Section 65 Section 66 Section 66A Section 66B Section 66C & D Section 66E Section 66F Section 67, 67A & B Section 67C OFFENCE Tampering with computer source documents. Hacking & Breach of confidentiality of personal information as per sec.43 & 43A Sending offensive messages through communication service, etc. Dishonestly receiving stolen resource or communication device. Identity theft Violation of personal Privacy Cyber terrorism Publishing or transmitting obscene material in electronic form./pornography/child pornography Failure to preserve and retain information by intermediaries PENALTY Imprisonment up to 3 years or a fine of 2 lakh rupees, or both. Imprisonment up to 3 years or a fine up to 5 lakh rupees or both. (For Hacking, fine is 2 lakh rupees, imprisonment is 3 years) Imprisonment of 3 years & fine. Imprisonment of 3 years & fine. Imprisonment up to 3 years & fine up to 1 lakh rupees. Imprisonment up to 3 years or fine not exceeding 2 lakh rupees or with both. Imprisonment for life. Imprisonment term up to 5/7 years and fine up to 10 lakh rupees. Imprisonment for 3 years and fine.

Who can conduct RAIDS AND INVESTIGATION for Cybercrimes?

As per the act, previously, a police officer not less than a rank of DySP can investigate or conduct a raid at a public place without a warrant, but as per the amendment, the rank of Police Inspector can investigate the offences and conduct raids. (Section 78-amended) Also, As per the provisions in the act, and according to section 46(amended), adjudicating officer shall exercise jurisdiction to adjudicate matters in which claim for injury or damage does not exceed 5 crore. If this claim exceeds above 5 crore, then the matter is looked upon by the competent court.

NOTE:
This article is made to provide firsthand information to the readers regarding Information technology act, and spread awareness for IT ACT among masses. In case more detailed information is needed, then it is recommended to refer the gazette published by the ministry of information technology. Website: http://www.mit.gov.in/

ABOUT THE AUTHOR OF ARTICLE:

This article is prepared by EVOLUTION INFO SECURE SERVICES; we are Cyber Security Company which offers techno-legal consulting in the line of IT ACT. More information about the company can be found at our website: www.evolutioninfosecure.in you can contact us at 1. email: contact@evolutioninfosecure.in 2. twitter: @EVOLUTIONSEC Readers can post their feedback, comments, compliments, suggestions, doubts on the email address given. I will be more than happy to respond to them, as I firmly believe that knowledge increases by sharing rather than keeping stagnant in minds.

Previous Posts in the same Category

[Yearbook] Universal Service Obligation Fund (USOF)

[Yearbook] Universal Service Obligation Fund (USOF) A guest article by Mr.Manikandan What is it?What are the activities undertaken?Resources- where from? TimelineWhy is it ... [Yearbook] Traditional Knowledge Digital Library (TKDL) Guest article by Mr.Manikandan What is TKDL?Why is it done?What does TKDL intend to do?What is TKDL? Traditional ... [Yearbook] National Ganga River Basin Authority (NGRBA): members, functions A guest article by Mr. Manikandan SoundararajanGanga river: GeographyWhats the problem with Ganga? National Ganga ... [Yearbook] steps taken by Government to preserve handicrafts industry? Steps taken Problems Solutions Steps taken by Government Khadi and Village industries Commission (KVIC) ... [Yearbook] National Knowledge Network (NKN): Meaning, Significance, Utility and Criticism What is National Knowledge Network (NKN)?What are the uses of NKN?Criticism of NKNGK: What is Exaflop?What is ...

July 13th, 2012 | Category: Yearbook

15 comments to [Yearbook] Information and Technology Act: Salient Features and Provisions

mayur
July 13, 2012 at 12:20 PM Reply please give the study plan for gujrati literature for upsc it is very useful to us.

Mrunal
July 13, 2012 at 6:51 PM Reply Ill try to do it in upcoming weeks.

Sds
July 13, 2012 at 2:07 PM Reply thanx

shashwat
July 13, 2012 at 2:58 PM Reply hi mrunal. i have asked you already. have you compiled previous years PRELIMS gs papers. please say yes or no. i will look all 80 pages myself. please reply

Mrunal
July 13, 2012 at 6:48 PM Reply No I havent. But you can buy the topic-wise solved paperset of prelim exam of Disha Publication. Here is the link http://www.flipkart.com/search-book?&query=9789381250990

asheesh
July 14, 2012 at 4:20 AM Reply framework is very good. very useful for ias mains. such question often asked. i want advice to mrunal, please provide modal ans writing, pointwise. thanks.

princeaniket
July 14, 2012 at 5:41 AM Reply I have been following this blog for 10-12 days and found it very useful. The way Mrunal awakes us by his eye opening alarming articles about the level of preparation is quite interesting. Hats off to you dear. I have to inform/ask you.. today I used the PRINT button and took the printout. It was not ok. right hand portion of the article were missing (cut) by some 2-3 words. i just want to ask whether its the case for me or others too. Thank you and keep updating the post.

Mrunal
July 14, 2012 at 6:42 PM Reply Ill look into this issue.

sameer

sameer
July 14, 2012 at 2:39 PM Reply thank you both Mr Bhatt & Mrunal for such good explanation

Nima
July 16, 2012 at 7:20 AM Reply Hi Mrunal, Just want to request u to place all these yearbuk articles in the yearbuk stuff drop down box so that it will be easier for us to search and study quickly..

nilam
July 22, 2012 at 4:26 AM Reply i have economics a an optional for mains. any suggestions for better prep for paper 2

god
July 22, 2012 at 4:34 AM Reply hello Nilam, My mother in law, who is also an IAS named Nilam also gave it with economics as her primary optional back in the 70s(? i think), ill ask her the best way and let you know.

Nilam
July 22, 2012 at 4:39 AM Reply Oh thanks a lot.. Awaiting for suggestions

vipul
August 16, 2012 at 1:25 PM Reply it is nice article, i am not concerned to this field but it is really helpful to other

vipul
August 16, 2012 at 1:25 PM Reply it is nice article, i am not concerned to this field but it would be really helpful to other

[Download] General Studies and Pub Ad Theory Notes of Om Kasera (AIR 17/ CSE 2011)

No consolation prizes for participating in UPSC so Change the habits or Change the game