Beruflich Dokumente
Kultur Dokumente
• Grant legal recognition to all transactions done via an electronic exchange of data
or other electronic means of communication or e-commerce, in place of the earlier
paper-based method of communication.
• Give legal recognition to digital signatures for the authentication of any information
or matters requiring legal authentication
• To give more power to IPO, RBI and Indian Evidence act for restricting electronic
crime.
• Facilitate the electronic filing of documents with Government agencies and also
departments
• Facilitate the electronic storage of data
• Give legal sanction and also facilitate the electronic transfer of funds
between banks and financial institutions
• Grant legal recognition to bankers under the Evidence Act, 1891 and the
Reserve Bank of India Act, 1934, for keeping the books of accounts in
electronic form.
2. Scope of IT Act:
• According to Section 1 (2), the Act extends to the entire country, which also includes Jammu and Kashmir.
• Further, it does not take citizenship into account and provides extra-territorial jurisdiction.
• Section 1 (2) along with Section 75, specifies that the Act is applicable to any offense or contravention committed
outside India as well.
• If the conduct of person constituting the offense involves a computer or a computerized system or network located in
India, then irrespective of his/her nationality, the person is punishable under the Act.
• Lack of international cooperation is the only limitation of this provision.
• The act shall apply to
• a. Processing of personal data or partly by automatic means, and
• b. Other processing of personal data which form part of or are intended to form part of personal data filing system.
• This act shall not apply to the following:
• Information technology Act 2000 is not applicable on the attestation for creating trust via
electronic way. Physical attestation is must.
• Execution of Negotiable Instrument under Negotiable Instruments Act, 1881, except
cheques.
• Execution of a Power of Attorney under the Powers of Attorney Act, 1882.
• Creation of Trust under Indian Trust Act, 1882.
• Execution of a Will under the Indian Succession Act, 1925 including any other testamentary
disposition
by whatever name called.
• Entering into a contract for the sale of conveyance of immovable property or any interest in
such property.
• Any such class of documents or transactions as may be notified by the Central Government in
the Gazette.
3. Impact of IT Act
• From the perspective of ecommerce in India, the IT Act 2000 and its
provisions contain many positive aspects.
• a. Firstly, the implication of these provisions for the e-businesses is that
email is now a valid and legal form of communication in our country
that can be duly produced and approved in a court of law.
• b. Companies are now able to carry out electronic commerce using the legal
infrastructure provided by the Act.
• c. Digital signatures have been given legal validity and sanction in the Act.
• d. The Act opens the doors for the entry of corporate companies in the
business of being Certifying Authorities for issuing Digital Signature
Certificates.
• e. The Act now allows Government to issue notification on the web thus
heralding egovernance.
• f. The Act enables the companies to file any form, application or any other
document with any office, authority, body or agency owned or controlled by
the appropriate Government in electronic form by means of such electronic
form as may be prescribed by the appropriate Government.
• g. The IT Act also addresses the important issues of security, which are
critical to the success of electronic transactions.
• The Act has given a legal definition to the concept of secure digital
signatures that would be required to be passed through a system of a security
procedure, as stipulated by the Government at a later date.
• Under the IT Act, 2000, it is possible for corporate to have a statutory
remedy in case if anyone breaks into their computer systems or network and
causes damages or copies data.
• The remedy provided by the Act is in the form of monetary damages, not
exceeding Rs. 1 crore.
Characteristics of the Information
Technology Act, 2000
• India saw its 1st cybercrime conviction. This is the case where Sony India Private Limited filed a complaint
that runs a website referred to as www.sony-sambandh.com targeting the NRIs. The website allows NRIs to
send Sony products to their friends and relatives in India after they pay for it online. The company
undertakes to deliver the products to the involved recipients. In May 2002, somebody logged onto the web
site underneath the identity of Barbara Campa and ordered a Sony colour television set and a cordless head
phone. She requested to deliver the product to Arif Azim in Noida and gave the number of her credit card
for payment. The payment was accordingly cleared by the credit card agency and the transaction processed.
After the related procedures of dues diligence and checking, the items were delivered to Arif Azim by the
company. When the product was delivered, the company took digital pictures so as to indicate the delivery
being accepted by Arif Azim. The transaction closed at that, but after one and a half months the credit card
agency informed the company that this was an unauthorized transaction as the real owner had denied having
made the purchase.
• The company had filed a complaint for online cheating at the CBI that registered a case under the
Section 418, Section 419 and Section 420 of the IPC (Indian Penal Code). Arif Azim was
arrested after the matter was investigated. Investigations discovered that Arif Azim, whereas
acting at a call centre in Noida did gain access to the number of the credit card of an American
national which he misused on the company’s site. The CBI recovered the color television along
with the cordless head phone. In this matter, the CBI had proof to prove their case so the
accused admitted his guilt. The court had convicted Arif Azim under the Section 418, Section
419 and Section 420 of the IPC, this being the first time that a cybercrime has been convicted.
The court, felt that since the defendant was a boy of 24 years and a first-time convict, a
compassionate view needed to be taken. Thus, the court discharged the defendant on the
probation for one year.
• Some , Section 67 and Section 70 of the IT Act are also applied. In this case the hackers hacks
ones webpage and replace the homepage with pornographic or defamatory page
Digital signature
• A digital signature is a mathematical scheme that validates the integrity or
authenticity of a given digital document or digital message. Digital signature
certificates are the electronic or digital equivalent of paper certificates. Digital
signature certificates validate your digital signature and for affixing digital signatures
to e-documents digital signature certificates are required. Generally certificates are
used to prove the identity of a person for particular purpose like driving license or
passport or pan card or others. Similarly digital signature certificates are used to
prove the identity of the person digitally to avail information or services on the
internet and to sign certain documents digitally.
• Class I DSC – Individuals get it for validating the email identification of the users and in
situations where risk is minimal and here the signature is stored in software.
• Class II DSC – Business organizations or individuals use this digital signature certificate to
validate the information given by the subscriber in the application against the information
available in a trusted consumer database and in other such situations where security risk is
moderate. In this case a hardware cryptographic device is used for storing the signature.
• Class III DSC – This digital certificate is directly issued by the certifying authority and it is
required that the person applying for DSC must be present at the certifying authority’s
premises and prove his/her identity in front of the authority and the security risk involved
in this case is very high. In this case also a hardware cryptographic device is used for
storing the signature.
The Necessity of Digital Signature
Certificates
• For e-filing of the income tax returns by any individual, the Government of India has made it
mandatory to affix digital signatures to the income tax returns documents.
• For affixing the digital signature one must have digital signature certificates issued by licensed
certification authority.
• In addition, Ministry of Corporate Affairs has set the mandatory guidelines for the
companies directing them to file all reports, applications and forms using a digital signature
only and this again requires a digital signature certificate.
• For GST also a company must verify its GST application by affixing a digital signature using
digital signature certificate in order to get registered for GST.
• These days many Government procedures, filling different applications, amendments and forms
require digital signatures made by using digital signature certificates.
• Applying the Signature
• 1. When you click "sign", a unique digital fingerprint (called a hash) of the
document is created using a mathematical algorithm. This hash is specific to this
particular document; even the slightest change would result in a different hash.
• 2. The hash is encrypted using the signer's private key. The encrypted hash and the
signer's public key are combined into a digital signature, which is appended to the
document.
• 3. The digitally signed document is ready for distribution.
• Verifying the Signature
• 1. When you open the document in a digital signature-capable program (e.g., Adobe Reader,
Microsoft Office), the program automatically uses the signer's public key (which was
included in the digital signature with the document) to decrypt the document hash.
• 2. The program calculates a new hash for the document. If this new hash matches the
decrypted hash from Step 1, the program knows the document has not been altered and
displays messaging alone the lines of, "The document has not been modified since this
signature was applied."
• The program also validates that the public key used in the signature belongs to the signer
and displays the signer's name.