Recommendations made by the Group of Professionals attending the Computer
Society of India, Chennai Chapter’s “Discussion on Proposed Amendments to
ITA-2000”, held on 13th September 2005 at Chennai.
- The CSI Group welcomed
that five years after the passage of the Information Technology Act 2000
(ITA-2000), an attempt has been made for a comprehensive review of the
Act based on the experiences of the Community over this period. The
Group also acknowledged that ITA-2000 was an attempt to provide legal
framework for E-Commerce which also recognized that E-Commerce growth
required a Trusted business environment which in turn depended on an
effective mechanism to fight Cyber Crimes. The group therefore welcomed
that the attempt made while drafting ITA-2000 to define offences and
contraventions, prescribe penalties and punishments and also introduce a
speedy grievance redressal system through adjudicators. The Group
expressed its view that the amendments should continue to reflect this
basic spirit of the Act to establish a Trusted Cyber Society in which
E-Commerce can flourish.
- The Group welcomed
the proposed attempt to introduce flexibility to the system of
authentication of Electronic Documents by defining the concept of
“Electronic Signatures” within which the existing “Digital Signature”
system would be one of the kind. The group expressed its view that a
proper evaluation system should be established to consider and approve
any new technologies that may become available in this respect and
professional bodies such as Computer Society of India and others should
be involved in such evaluation.
- The Group felt
strongly that the time available for submission of comments is grossly
inadequate for a larger participation of the stake holders in the
debate. It was felt that Computer Society of India would like to conduct
discussion meets of the type held in Chennai at least in Delhi, Kolkata,
Bangalore, Hyderabad and Mumbai. It was therefore decided to request
that the time for submission of the public comments should be suitably
extended by at least one more month.
- The Group noted that
the deletion of Section 80 redrafting of Section 66 and reduction of the
term of imprisonment under Section 66 had made Police irrelevant for
Cyber Crime prevention. Since it was felt that a strong set of laws with
adequate deterrence was a prerequisite for E-Business growth, the Group
requests that it is necessary to review some of these provisions.
In particular, it is suggested that
a) Since
the earlier draft of Section 66 recognized “ injury to information
residing inside a computer by any means as a cognizable offence and was
able to cover most of the Computer related crimes”, the present version of
the section has a much narrower coverage and this needs to be set right.
b)
Section 80 of the Act before amendment gave only limited powers to the
Police for Search and Arrest without warrant only in public places and the
need for this provision is greater in the context of most of the offences
being considered as non cognizable in the proposed amendment.
- The Group noted that
through several amendments under Sections 79, 67 and 72,
“Intermediaries” have been provided protection from vicarious
liabilities for Cyber Crimes and responsibility to protect privacy of
individuals. In the light of the need for promoting better security
practices by intermediaries and ensure their support to the law
enforcement for fighting cyber crimes, the Group requests that the
proposed amendments concerning grant of protection to intermediaries is
reviewed.
- The Group expressed
reservations on the amendments made to Section 67 diluting the
punishments as well as the provisions of Section 72 which placed hurdles
in the procedures for lodging of complaints by women and requests that
the provisions are made more sensitive to the needs of women to be
protected from abuse through Internet.
- The Group felt that
several important concerns of the society such as Spam, Cyber Terrorism,
Cyber Squatting, Cyber Stalking cannot be ignored at a time when a major
revision of the Act has been undertaken and without addressing these
requirements, the exercise of reviewing the Act would not be meaningful.
- In order to achieve
the above objectives and also respect the current mandatory provision in
the Act under Section 88, the Group expressed the need for the “Expert
Committee’s report” to be sent to the Cyber Advisory Regulation
Committee for its views and recommendations.
- The Group discussed
the pros and cons of detailed specifications as against flexible broad
definitions in respect of algorithms, security practices, terms such as
“private area of an individual” etc. Though the Group could not come to
a decisive suggestion in this regard, it was felt that efforts are to be
made to maintain a fine balance in this regard between the Act and the
Rules.
- The Group recognized
the difficulties posed by technology in the adjudication process and
expressed its strong view that the Adjudicators should be mandated to
incorporate an Expert Consultancy system similar to the Jury system
while conducting enquiries and such experts should be drawn from the
public – Academic Experts and Professional Society members.
- The Group recognizes
the critical role played by the IT Industry in the National Economy and
its role is projecting India in to the category of “Developed Nations”
in the Global scenario and suggests that the sector could be well
recognized as an Essential Service driven one at all levels.
- Consequently, the
Group takes note that the information Sector is vulnerable to errors by
default due to complexity of operations both in its software and
hardware constituents and also in the human-machine interfaces
essential for the applications of varied complexity. The curiosity of
the human operator and even the criminal intentions aroused by virtue of
the value of the commodity that flows through “Information” are
factors that need to be held at bay by self driven and even externally
imposed vigilance and punitive measures.
- The Group also
recommends that there must be a system of Registration of
INTERMEDIARIES who allow access to the Internet and also other networks
for the public at large .They should be responsible for complying with
the IT Regulations through a system of providing audit trail or logging
of all customers to be accountable even for their non involvement in a
crime reported.
- Privacy Violations
brought about by Voluntary or forced means resulting in Obscenity or
exhibitionism may be defined by a term other than as Privacy which has
all along meant Privacy of Information of a personal nature with
provisions of Rights and privileges. Such Violations are to be made
gender neutral.
|