Life Imprisonment under ITA 2000/8

In the first case of its kind, a person was convicted by the Mumbai sessions court and sentenced to life imprisonment under Section 66F of ITA 2000/8.

The accused, one Anees Ansari, had been arrested in October 2014 and was planning to attack an American school in Bandra with a thermite bomb.

Refer here

Naavi

Posted in Cyber Law | Leave a comment

Amendment to Schedule I of ITA 2000 - Conflicts with NI Act and New Fraud Risks

At a time when there are discussions about ITA 2000 being revamped and replaced with a new version of a Digital India Act, a major amendment has been made to the ITA 2000 through a Gazette Notification.

Though this appears to be a small notification, it significantly expands the applicability of the ITA 2000.

Presently Schedule I of ITA 2000 lists the following 5 types of documents to which the Act does not apply:

  1. A Negotiable Instrument (other than a cheque) as defined in Section 13 of the Negotiable Instruments Act 1881 (26 of 1881)
  2. A Power of Attorney as defined in section 1A of the Power of Attorney Act 1882 (7 of 1882)
  3. A trust as defined in section 3 of the Indian Trusts Act, 1882 (2 of 1882)
  4. A will as defined in clause (h) of section 2 of the Indian Succession Act, 1925 (39 of 1925) including any testamentary disposition by whatever name called
  5. Any contract for the sale or conveyance of immovable property or any interest in such property

The Modified Schedule I states as follows:

  1. A negotiable instrument (other than a cheque, a Demand Promissory Note or a Bill of Exchange issued in favour of or endorsed by an entity regulated by the Reserve Bank of India, National Housing Bank, Securities and Exchange Board of India, Insurance Regulatory and Development Authority of India and Pension Fund Regulatory and Development Authority) as defined in section 13 of the Negotiable Instruments Act, 1881 (26 of 1881).
  2. A Power of Attorney as defined in section 1A of the Power of Attorney Act 1882 (7 of 1882), “but excluding those power of attorney that empower an entity regulated by the Reserve Bank of India, National Housing Bank, Securities and Exchange Board of India, Insurance Regulatory and Development Authority of India and Pension Fund Regulatory and Development Authority to act for, on behalf of, and in the name of the person executing them.”
  3. A trust as defined in section 3 of the Indian Trusts Act, 1882 (2 of 1882)
  4. A will as defined in clause (h) of section 2 of the Indian Succession Act, 1925 (39 of 1925) including any testamentary disposition by whatever name called
  5. (Omitted)

Implications

The types of documents mentioned in this schedule are excluded from the applicability of the Act. Since the Act includes section 4 on “Recognition” of documents as equivalent to paper documents, those documents omitted from the Act through this schedule have no legal recognition in electronic form.

The documents which are “Excluded” from Schedule I are within the provisions of the Act and will carry legal recognition.

Hence when Schedule I stated “Negotiable Instrument” as an excluded item in the original ITA 2000, it meant that Cheque, Bill of Exchange and Promissory Note in electronic form were not recognised in law. In February 2003, the Negotiable Instruments Act 1881 was amended to introduce Truncated Cheques and Cheques in Electronic form. Simultaneously, Schedule I of ITA 2000 was amended to include the words (Other than the cheque) in item 1. Hence Cheques in electronic form and Truncated cheques (scanned form of written cheques) were considered legally equivalent to the corresponding physical instruments.

With this amendment, one class of Demand Promissory Notes and Bills of Exchange, namely those “issued in favour of” or “endorsed by” “an entity regulated by” RBI, NHB, SEBI, IRDAI or the Pension Fund Regulatory and Development Authority (PFRDA), has been brought into the category of legally valid electronic documents.

However, Demand Promissory Notes and Bills of Exchange issued or endorsed by other entities still remain outside the Act. Similarly, a Promissory Note which is not a “Demand Promissory Note” (i.e. one payable after a date of maturity) could be considered as not a “Demand Promissory Note” under this schedule (subject to interpretation).

An instrument (Bill of Exchange or Promissory Note) issued by an entity other than the privileged entities mentioned in the schedule becomes legally recognized if it is “Endorsed” by a privileged entity (RBI, SEBI, NHB, IRDAI, PFRDA etc.).

This part of the impact of the amendment (a Midas touch!) appears to be legally debatable, and gives these agencies the authority to confer “recognition as a negotiable instrument” on an instrument which was earlier not a negotiable instrument (a document which by wording was a promissory note or bill of exchange but expressed as an electronic document).

This notification requires an amendment of NI Act to introduce a new category of instruments as Negotiable Instruments under Section 13 of NI Act.

We must remember that the Negotiable Instruments Act does not end with the definition of Promissory Note, Bill of Exchange and Cheque under Sections 4, 5 and 6 read with Section 13.

A Negotiable Instrument is characterised by the property of being able to create a “Holder in Due Course”, which incorporates the principles of “Indorsement” and “Delivery”. It involves “Possession” of the instrument, and transfer of possession with an intention to make the transferee the owner thereof. The definition of an “Indorsement” under Section 15 of the NI Act itself is dependent on “Signing on the back of the cheque or on a piece attached thereto (allonge)”.

The concept of “Endorsement” of an Electronic Promissory Note or Bill of Exchange (as per Schedule I) is therefore inconsistent with the NI Act.

Further, Bills of Exchange are documents which are compulsorily required to be stamped, and an instrument in electronic form that is considered a Bill of Exchange needs further changes in other laws.

A Bill of Exchange is also associated with the concepts of “Presentment” and “Acceptance” to determine the due date, and “Presentment” involves “Delivery”. Hence, in electronic form, there are several other issues which need to be taken together to interpret an electronic negotiable instrument and how it can be used.

“Holder’s Right to a duplicate Bill” may also create a conflict when electronic copies of the Bill may be available.

The Government appears to have not considered the impact of this notification on Negotiable Instruments Act and whether a new class of negotiable instruments can be created through a notification under ITA 2000 instead of an amendment to NI Act.

In other words, it can be argued that this notification is ultra vires the NI Act.

Again, the amendment to the notification regarding Power of Attorney creates a category of Powers of Attorney that empower the privileged entities, namely the RBI, NHB, SEBI, IRDAI and PFRDA.

This could have been better addressed through an amendment of the Power of Attorney Act.

It is also surprising that TRAI (which may be replaced by a new Telecom Regulator) is missing from the list of privileged institutions.

The removal of serial item number 5 opens up the use of electronic documents in transactions involving immovable properties and transfer of interest therein. This introduces a serious element of fraud risk in the registration of property documents, since many of the practices used by the Registration department do not meet the security and legal requirements of authentication and evidentiary recording of the transactions.

In summary, it appears that the legal validity of the notification and the new risks that it will introduce to the community have not been taken into consideration.

Criminals will now focus on how to get properties transferred in the Registrar’s office without a genuine authentication from the erstwhile owners, and there will be chaos in the real estate market bigger than the Telgi Scam.

I wish the Government would rethink this notification to avoid the complications.

Naavi


Digital Society Day 2022 celebrated

FDPPI and Naavi.org successfully held a virtual event to celebrate Digital Society Day 2022 on October 17, 2022. A brief report of the event is presented below.

The event started with a brief welcome from T C Manju, Consultant Operations, FDPPI. This was followed by Naavi introducing the importance of the day and also introducing the FDPPI and its activities briefly.

This was followed by a talk from Mr Rakesh Maheshwari, Senior Director, MeitY on his experiences regarding ITA 2000 particularly in the implementation of the Intermediary guidelines.

This was followed by Dr (Advocate) Pavan Duggal who shared his reminiscences on ITA 2000. Dr (Advocate) Prashant Mali followed with his views and suggestions on ITA 2000.

This was followed by a brief presentation by Naavi on the concept of Compliance Management Rating (CMR) for CERT-IN and ITA 2000 compliance.

Thereafter, a panel consisting of Commander Mukesh Saini, Dr A Nagarathana, Dr Mahendra Limaye and Advocate M G Kodandaram discussed the relevance of ITA 2000 in the current regulatory scenario.

In the valedictory session, Commander Rajeev Seoni presented a summary and his views on the proceedings. A lucky draw was held for the participants who attended the program; three persons were chosen by a spinning wheel draw and they will be sent FDPPI T-Shirts.

Vote of Thanks was provided by Ashok Kini, Co-Founder Klickstart.

Some of the pictures captured during the event are provided below.

We thank all those who made the event a success.

A link to the recording is available here.

Naavi

Why October 17 is a day to remember

We in India remember August 15 as our Independence day. We also remember January 26 as our Republic Day. Similarly, October 17 is a day to remember as the day when a legally recognized Digital Society was born in India.

On October 17, 2000, the Information Technology Act 2000 (ITA 2000) was notified and legal recognition was provided to electronic documents, digital signatures and electronic contracts. With this and other provisions of ITA 2000, a new society which uses electronic documents for communication became legally acceptable to the judicial system in India.

Without ITA 2000, an e-mail or a website or an SMS or a WhatsApp message would not be considered as a document equivalent to a paper document. An offer and an acceptance in electronic form would not constitute a valid contract. We were virtually living in a “Digital Jungle Raj” before October 17, 2000.

Today, we have our Supreme Court and Parliament streaming their proceedings, companies conducting Board Meetings and AGMs online, digital contracts being matters of routine, and virtual surgeries tackling matters of life and death, all with an assurance of legal recognition. WhatsApp has been accepted as a valid method of sending Court notices and digital money has become the order of the day. We could now move to another world of the Metaverse and humanoid robots in the coming days. The Internet has become a serious world of business and governance and has not remained only a world of fun.

Today’s Digital India therefore owes its existence to the fundamental legal changes that ITA 2000 brought to our society. Irrespective of the amendments made or to be made, October 17 will forever remain the day to remember because of the tectonic shift that occurred on this day in the year 2000.

Naavi has therefore been conducting events on October 17 to focus on the importance of the day. This year India is getting ready for an overhaul of Digital India regulations. The new Telecom Bill has already been up for discussion. The new Personal Data Protection Bill could be open for public comments soon and discussions on substantial amendment of ITA 2000 could follow.

To remember the day, Naavi.org and FDPPI have organized a webinar and brought together veterans of ITA 2000 to share their thoughts on how ITA 2000 has evolved over the last 22 years and how it is likely to move further.

The webinar would start at 4.00 pm today (October 17, 2022) on the virtual place, here

Join here

You can all participate in this celebration courtesy FDPPI and its supporting members Klickstart Business Solutions & Services LLP and Maruti Quality Management Services.

Look forward to meeting you to celebrate the Digital Society Day of India 2022.

Naavi


Relevance of ITA 2000 in modern Digital India

JOIN HERE


Employee Privacy an Enigma for Compliance Managers

In the Privacy domain, “Employee Privacy” is one aspect of Privacy Management that often has a direct conflict with the Data Protection Compliance regime.

Under GDPR we have seen that Courts and Supervisory authorities have ruled that even an employee who uses “Customercare@company.com” email for personal communication is entitled to privacy rights.

Recently a case has also been reported from Illinois, in which the freight company BNSF Railway Co has been ordered to pay compensation of $228 million in a class suit on behalf of its employees.

The decision, handed down Wednesday evening in Chicago federal court, came after the first trial under the Illinois Biometric Information Privacy Act (BIPA), a state law which restricts collection of biometric data like fingerprints or retinal scans.

The plaintiff, on behalf of himself and a class of other truck drivers, claimed he was fingerprinted when he entered BNSF’s railyards to make pickups and deliveries and that BNSF violated Section 15(b) of the BIPA by collecting his biometric data without first giving him written notice and obtaining his informed consent.

This decision could mean that the employees of an organization may enforce Privacy rights on par with the public.

A majority of Data Protection Professionals are themselves employees of an organization and hence they would welcome this development. So would Privacy Activists.

However, to be fair to all stakeholders we need to question this decision of the Illinois Court (as reported in the media).

Employees are privileged persons within an organization. Law recognizes that any errors and omissions of an employee may create a vicarious liability on the organization. Employees work under a long term contract built on trust. They create the security systems within an organization and can collaborate with criminals to harm the organization and its third party customers.

Hence, from the security perspective of the company and its customers, there is a need to enforce a strict regime of surveillance on the activities of the employees.

Hence having CCTVs inside an organization, monitoring the computer activity as well as collecting and using biometrics should be considered as “Legitimate Interest of an Organization” and should not be considered as “Privacy Violation”.

What may be required is an assurance based on a higher level of information security so that the employee information collected for a specific purpose of employment is not misused. Using the information to monitor employee behaviour from the perspective of security is however an exception.

Some Data Protection laws like the PDPB 2019 did provide “Exemptions” from Consent for employee monitoring activities required for performance assessment and fraud prevention.

The Illinois case could be one coming under such a requirement, where the company wanted only authorized persons to enter the goods yard. Similarly, in the GDPR case, an employee misusing the corporate email account for personal use had specifically violated the terms of contract. In such cases there should be no enforceable right to privacy.

It is for this reason that we advocate that “Employee Privacy” should not be equated to “Privacy of Non Employees”. Employees should be informed enough to provide their consent and understand the need for security to give up the special privileges that come with Privacy.

If this right of the employer is not recognized, then employees may tomorrow claim that they will work under pseudonymous ID or even anonymous ID and receive their salaries through Bitcoins and in principle they will have a case to justify.

We must therefore consider that “Employees of an organization are privileged persons and, in respect of the personal data shared by them with the company in their capacity as employees, should be exempt from provisions of prior Consent (except at the time of onboarding), Rights of Portability and Right to forget. They may continue to enjoy Right to access and Right to Correction.”

Comments and views are welcome.

Naavi