Today I came across an interesting observation related to Government Gazette Notifications issued in electronic form.
The notifications are signed by different officials of a department authorized to issue a direction. The PDF files issued as Gazette Notifications are however signed by an official such as “SURENDER MAHADASAM”.
The digital certificate is issued by (n)code Solutions CA 2014 valid at the time of signing and notes that Mr Surender Mahadasam is carrying an email surender.mahadasam@gov.in, Directorate of Printing, Government of India Press.
This practice of digitally signing the Gazette Notification by the publication department and not the original signatory of the electronic record raises an important legal issue of how the content of the electronic record may be considered authenticated.
It is my suggestion that the Publication department must add a certificate of assurance that
” I Certify that this is a faithful reproduction of a signed paper document with the authenticated signature of the relevant authorized person authorised to issue this notification and has been produced using the SOP…….. of the Department of Publications and may be considered as a True Copy”.
Though this certification may not exactly meet the Section 63 of BSA 2023, the SOP referred to which needs to be developed can contain narration that meets the requirements of Section 65B of IEA upto 30th June 2024 and Section 63 of BSA2023 there afterwards.
This procedure is directly related to Naavi63 certification suggested by the undersigned for validation of Consents under DPDPA 2023. (Refer Rule 2(1) (f) of the draft).
P.S: Naavi63 is a system where the online privacy notice confirmed by a data principal is authenticated by a repository owner (eg: CEAC Dropbox), though this is a private offering and not a Government function.
Comments invited from Cyber Law Specialists.
Naavi