Auditing of Documents- Information Technology Act 2000 Amendment
[P.S: Comments made here in are the first reactions based on the Bill.
Further developments in the form of rules and notifications are awaited..
Naavi ]
The amended Information Technology Act (ITA 2008) has brought a
significant change in the E-Governance related provisions in the Act.
The Government of India has taken several initiatives in e-Governance and
in the interest of the Citizens there is a need for legal enablement of
these services.
In ITA 2000, enablement of e-Governance had been provided through sections
6, 7 and 8. In ITAA 2006, a new section Section 6A had been proposed. Now
on the recommendations of the Standing committee, section 7A has also been
added.
Section 6A is meant to enable use of private sector service providers in
e-Governance and states as under:
6A: Delivery of Services by Service
Provider (Inserted vide ITAA-2000)
(1) The appropriate Government may, for the
purposes of this Chapter and for efficient delivery of services to the
public through electronic means authorise, by order, any service provider
to set up, maintain and upgrade the computerised facilities and perform
such other services as it may specify, by notification in the Official
Gazette.
Explanation:
For the purposes of this section, service provider so authorised
includes any individual, private agency, private company,
partnership firm, sole proprietor form or any such other body or
agency which has been granted permission by the appropriate
Government to offer services through electronic means in
accordance with the policy governing such service sector.
(2) The
appropriate Government may also authorise any service provider
authorised under sub-section (1) to collect, retain and appropriate
service charges, as may be prescribed by the appropriate Government
for the purpose of providing such services, from the person
availing such service.
(3) Subject to
the provisions of sub-section (2), the appropriate Government may
authorize the service providers to collect, retain and appropriate
service charges under this section notwithstanding the fact that
there is no express provision under the Act, rule, regulation or
notification under which the service is provided to collect, retain
and appropriate e-service charges by the service providers.
(4) The
appropriate Government shall, by notification in the Official
Gazette, specify the scale of service charges which may be charged
and collected by the service providers under this section:
Provided that
the appropriate Government may specify different scale of service
charges for different types of services.
This section is important for the legal
enablement of several services already introduced by different Governments
which were capable of being questioned for legal validity.
Perhaps an enablement for giving retrospective
effect to this section could have been in order.
Section 7A is of even greater significance and
states as under
7A Audit of
Documents etc in Electronic form
Where in any law for
the time being in force, there is a provision for audit of documents,
records or information, that provision shall also be applicable for audit
of documents, records or information processed and maintained in
electronic form
This section now makes it mandatory for the
Government to get all the electronic documents audited. While one can
appreciate the need for this provision felt by the standing committee, we
need to also understand the enormity of this responsibility. The huge
volumes of records held by the Government under e-Governance projects make
it near impossible for an audit to be conducted in the traditional fashion.
It is not possible for an auditor to look at a document and check if it is
the same which was there the previous year. There is a need for technical
enablement of such comparison through a recording of hash values of all
files stored as a part of the e-Governance process. These hash tables need
to be archived and digitally signed by the auditors as a part of their
audit process.
In some cases of e-Governance, it may not be
possible to comply with this provision fully in respect of legacy
documents. There would be a need therefore for giving a prospective effect
to this provision.
This is an interesting opportunity for the IT
industry which needs to come out with necessary solutions. Naavi would be
keen to work with an IT Company for the development of this CyLawCom
product and invite proposals from interested parties.
Naavi
December 28, 2008
Other Articles on ITA 2008
