Cyber Laws

Click to edit Master subtitle style

Monish R Chhabria Naveen Prabhu Prabhu V R Prateek Kedia 3/25/12

0911151 0911152 0911153 0911154

History of IT Act:

The Dept of Electronics (DoE) drafted the Bill in July 1998. It was then introduced in the House on December 16, 1999 when the IT Ministry was formed. The bill then went through substantial changes due to the WTO obligations Both houses then approved the bill 3/25/12 by May 17, 2000 and received

IT Act, 2000

It is the Act that provides recognition for transactions carried out by the means of electronic data interchange and other means of electronic communication, commonly referred to as electronic commerce, which involve the use of alternatives to paper based methods of communication and storage of information to facilitate electronic filing of documents with the Government agencies. It is also called Cyber Law.
3/25/12

Objectives of IT Act

To provide legal recognition for transactions:Carried out by means of electronic data interchange,

Other means of electronic communication, commonly referred to as "electronic commerce", involving the use of alternatives to paper-based methods of 3/25/12 communication and storage of

Objectives: (Cont.d)

To facilitate electronic filing of documents with the Government agencies To amend the Indian Penal Code, the Indian Evidence Act, 1872, the Banker's Book Evidence Act, 1891 and the Reserve Bank of India Act, 1934

3/25/12

Extent of application

Extends to whole of India and also applies to any offence or contravention there under committed outside India by any person {section 1 (2)} read with Section 75- Act applies to offence or contravention committed outside India by any person irrespective of his nationality, if such act involves a computer, computer system or network located in India Section 2 (1) (a) Access means gaining entry into ,instructing or communicating with the logical, arithmetic or memory function resources of a computer, computer resource or network
3/25/12

Act is in applicable to (Scope)

(a) a negotiable instrument (Other than a cheque) as defined in section 13 of the Negotiable Instruments Act, 1881;

(b) a power-of-attorney as defined in section 1A of the Powers-of-Attorney

3/25/12

Scope (Cont.d)

(d) a will as defined in clause (h) of section 2 of the Indian Succession Act, 1925 including any other testamentary disposition

(e) any contract for the sale or conveyance of immovable property or any interest in such property;

(f) any such class of documents or

3/25/12

transactions as may be notified by the Central

Salient Features of the Act:

The Act extends to the whole of India and also applies to any offences or contraventions there under committed outside India. The Act provides to the Corporate sector by making e-mails will valid and legal form of communication that can be duly presented and approved in court of law
3/25/12

Salient Features of the Act: (Cont.d)

The Act aids the companies to carry out e-commerce Corporate will not be able to use digital signatures to carry out their transactions The Act allows the entry of Corporate sector in the by certifying Authorities for issuing Digital Signature Certificates
3/25/12

The Act enables companies legally to

Salient Features of the Act: (Cont.d)

The Act addresses the important issues of security which are so critical to the success of electronic transactions etc. The Act has defined various cyber crimes and has declared them penal offences punishable with imprisonment and fine, which is a big relief for corporates.
3/25/12

Advantages of Cyber Laws

E-mails are now valid and legal form of communication in our country that can be duly produced and approved by the court Companies can carry out ecommerce by using the legal infrastructure provided by the Act. Digital Signatures have been given legal validity and sanction in the Act.
3/25/12

IT Act also addresses the security

Advantages of Cyber Laws: (Cont.d)

Allows the Govt. to issue notifications on the web thus heralding egovernance Under the IT Act, it is now possible for corporate sector to have statutory remedy in case if anyone breaks into their computer systems or network and causes damges or copies of Data. The remedy provided under the cat in the form of Monetary 3/25/12

Digital Signatures

Means authentication of any electronic record by subscriber by means of an electronic method of procedure in accordance to provisions of Section 3 of IT Act, 2000. The authentication to be affected by use of asymmetric crypto system and hash function The private key and the public key

3/25/12

Essential steps of the digital signature process

STEP 1 The signatory is the authorized holder a unique cryptographic key pair; STEP 2 The signatory prepares a data message (for example, in the form of an electronic mail message) on a computer; STEP 3 The signatory prepares a message digest, using a secure hash algorithm. Digital signature creation uses a hash result derived from and unique to the signed message; STEP 4 The signatory encrypts the message digest with the private key. The private key is applied to the message digest text using a mathematical algorithm. The digital signature consists of the encrypted message digest, STEP 5 The signatory typically attaches or appends its digital signature to the message; STEP 6 The signatory sends the digital signature and the (unencrypted or encrypted) message to the relying party electronically; 3/25/12

Essential steps of the digital signature process

STEP 7 The relying party uses the signatorys public key to verify the signatorys digital signature. Verification using the signatorys public key provides a level of technical assurance that the message came exclusively from the signatory; STEP 8 The relying party also creates a message digest of the message, using the same secure hash algorithm; STEP 9 The relying party compares the two message digests. If they are the same, then the relying party knows that the message has not been altered after it was signed. Even if one bit in the message has been altered after the message has been digitally signed, the message digest created by the relying party will be different from the message digest created by the signatory; STEP 10 Where the certification process is resorted to, the relying party obtains a certificate from the certification service provider (including through the signatory or otherwise), which confirms the digital signature on the signatorys message. The certificate contains the public key and name of the signatory (and possibly additional information), digitally signed by the certification service provider.

3/25/12

Digital Signature Certificate:

Any person may make an application to the Certifying Authority for issue of Digital Signature Certificate. The Certifying Authority while issuing such certificate shall certify that it has complied with the provisions of the Act. The Certifying Authority has to ensure that the subscriber (i.e., a person in whose name the Digital 3/25/12

Acknowledgement of Receipt

If Originator has not specified particular methodAny communication automated or otherwise or conduct to indicate the receipt If specified that the receipt is necessary Then unless acknowledgement has been received Electronic Record shall be deemed to have been never sent
3/25/12

Where acknowledgement is not

Dispatch of Electronic record

Unless otherwise agreed dispatch occurs when ER enters resource outside the control of originator If addressee has a designated computer resource , receipt occurs at time ER enters the designated computer, if electronic record is sent to a computer resource of addressee that is not designated , receipt occurs when ER is retrieved by 3/25/12

Authentication of Records

Any subscriber may authenticate an electronic record Authentication by affixing his digital signature. Any person by the use of a public key of the subscriber can verify the electronic record.

3/25/12

Section 4- Legal recognition of Electronic Records

If any information is required in printed or written form under any law the Information provided in electronic form, which is accessible so as to be usable for subsequent use, shall be deemed to satisfy the requirement of presenting the document in writing or printed form.
3/25/12

Sections 5, 6 & 7

Legal recognition of Digital Signatures Use of Electronic Records in Government & Its Agencies Publications of rules and regulations in the

Electronic Gazette.

Retention of Electronic Records Accessibility of information, same format, particulars of dispatch, origin, destination, time stamp ,etc

3/25/12