CAclubIndia LogoBooks
Academy Books Coaching CCI PRO My Orders

Law Relating to Information Technology

Share this course:

Book Details

CONTENTS

Chapter 1—Information Technology-Electronic Commerce—An Introduction

1.1 Introduction 1
1.2 Information Technology Act based on UNCITRAL Model Law on Electronic Commerce 2
1.3 Electronic communication and storage of information 2
1.4 Internet as a technology 4
1.5 Computer communication-TCP/IP communication protocols 6
1.6 Internet operation 8
1.7 Internet Service Provider (ISP) 8
1.8 Client/server computing 9
1.9 Internet application service 10
  • 1.9.1 Electronic mail (E-mail)
 10
  • 1.9.2 File transfer
 10
  • 1.9.3 WWW or Web
 11
1.10 Internet-e-commerce 11
  • 1.10.1 Data protection in e-commerce
 12

Chapter 2—Electronic Data Exchange (EDI) and Electronic Commerce (E-Commerce)

2.1 Introduction 13
2.2 Electronic commerce 14
2.3 Electronic commerce-Application 15
2.4 Electronic commerce-Application-Aspects 16
  • 2.4.1 Electronic commerce-Application-Doing business
 16
2.5 Electronic data interchange (EDI) 17
2.6 Electronic payment 19
2.7 Confidentiality, integrity and authenticity of transactions 19
2.8 Electronic commerce Indian law 20

Chapter 3—Information Technology-UNCITRAL Model Law

3.1 Introduction 22
3.2 UNCITRAL Model Law Objective and scope 23
3.3 UNCITRAL Model Law-Scope 24
3.4 UNCITRAL Model Law-Structure 25
3.5 UNCITRAL Model Law-Approach (Functional equivalent) 25
3.6 UNCITRAL Model Law-Application of legal requirements of data message 26
3.7 UNCITRAL Model Law – Communication of data message,concept of agreement 27
3.8 UNCITRAL Model Law on Electronic Signatures (2001) 28

Chapter 4—Information Technology Act-an Overview

4.1 Introduction 30
4.2 Electronic Commerce-Better way of doing business 30
4.3 Information Technology Act-Key elements 31
4.4 Information Technology Act-Certification and monitoring 32
4.5 Information Technology Act-Filing of documents with Government agencies 33
4.6 Information Technology Act-Prevention of Crimes 33
4.7 Information Technology Act-Security of data 33
4.8 Information Technology Act Scheme 34

Chapter 5—Information Technology Act-Scope

5.1 Introduction 39
5.2 Object 39
5.3 Applicability 40
  • 5.3.1 Commercial – meaning
 40
5.4 Applicability-Exceptions 41
  • 5.4.1 Negotiable instrument
 42
  • 5.4.2 Will
 43
  • 5.4.3 Trust
 44
  • 5.4.4 Power of attorney
 44
5.5 Contract for the sale or conveyance of immovable property 44
  • 5.5.1 Immovable property-Sale
 45
  • 5.5.2 Immovable property Conveyance
 45
  • 5.5.3 Immovable property-Contract for sale or conveyance
 46

Chapter 6—Electronic Signature and Digital Signature

6.1 Introduction 47
6.2 Handwritten signatures-functions 47
  • 6.2.1 Digital signature Functions
 48
6.3 Authentication – meaning 49
6.4 Signature Meaning 50
  • 6.4.1 Variants of signature
 51
  • 6.4.2 Test for “signature� – intention to authenticate
 51
6.5 Signature-writing 52
6.6 Signature Functions and Legal significance 53
6.7 Signature-Non est factum 54
6.8 Signature Attributes 56
6.9 Signature-Affixing 56
6.10 Digital signature 57
6.11 Digital signature-cryptography 58
  • 6.11.1 Digital signature-“asymmetric cryptography� (Public Key Cryptography )
 59
  • 6.11.2 Hash Function
 61
6.12 Digital signature-creation 62
6.13 Digital signature-Verification 62
  • 6.13.1 Digital signature certificate to verify digital signature
 63
  • 6.13.2 Verification of digital signature certificate
 64
  • 6.13.3 Digital certificate-Public Key Infrastructure (PKI)
 64
6.14 Summary of the digital signature process 65
6.15 Digital signature-Legal purpose 67
6.16 Electronic Signature 68
6.17 Electronic signature and digital signature-distinction 70
6.18 Electronic signature as defined under Information Technology Act 71
  • 6.18.1 Reliability of authentication technique
 71
6.19 Authentication technique as specified in Second Schedule 72
  • 6.19.1 The procedure for e-authentication technique using Aadhaar or other e-KYC services is as follows:
 72
  • 6.19.2 Procedure for e-authentication technique and procedure for creating and accessing subscriber’s signature key facilitated by trusted third party
 73
6.20 Secure electronic signature and secure electronic record 74
  • 6.20.1 Evidentiary presumption
 74
  • 6.20.2 Secure electronic records
 74
  • 6.20.3 Secure digital signature
 75

Chapter 7—Electronic Governance

7.1 Introduction 77
7.2 Paperless trading conducted through computers 78
7.3 Electronic Governance rules as provided under Chapter III 79
7.4 Electronic records-Legal recognition 79
7.5 Electronic signature – legal recognition 80
7.6 Legal recognition of electronic form of dealing 81
7.7 Electronic record and electronic signature-Use in Government and its agencies 82
7.8 Delivery of services by service provider 83
  • 7.8.1 System and notification of Electronic Service Delivery
 83
  • 7.8.2 Responsibility of service provider for financial management and accounting
 84
  • 7.8.3 Audit of the Information System and Accounts
 85
7.9 Retention of electronic records 85
7.10 Publication of rules and regulations in Electronic Gazette 87
7.11 Electronic documents Acceptance-Restriction of rights 87
7.12 Rules in respect of electronic signature 87
7.13 Validity of contracts formed through electronic means 87
7.14 Digital Signature-Certifying Authorities Rules-Manner of creation and verification 88
7.15 EDI messages – “functional-equivalent� approach 91

Chapter 8—Contract Formation

8.1 Introduction 93
8.2 Indian Contract Act, 1872-Some features 94
  • 8.2.1 Contract-Valid agreement, ingredients
 94
  • 8.2.2 Contract ingredients-Free consent
 94
  • 8.2.2a Coercion
 94
  • 8.2.2b Undue influence
 95
  • 8.2.2c Fraud
 95
  • 8.2.2d Misrepresentation
 96
  • 8.2.2e Mistake
 96
  • 8.2.3 Lawful consideration and object
 96
  • 8.2.4 Void agreements
 97
  • 8.2.5 Contract –Legally enforceable
 97
  • 8.2.5a Capacity to contract
 97
  • 8.2.5b Intention to contract
 97
  • 8.2.5c Consensus ad idem
 97
  • 8.2.5d Valuable consideration
 97
  • 8.2.5e Legality of purpose
 98
  • 8.2.5f Certainty of purpose
 98
  • 8.2.6 Contract Place where concluded
 98
8.3 Electronic contract Formation and validity 98
8.4 Electronic contract formation-UNCITRAL Model Law 99
8.5 Information Technology Act—Formation of contract and communication of data message 100

Chapter 9—Electronic Records-Attribution, Acknowledgement and Dispatch

9.1 Introduction 101
9.2 Attribution of electronic records 101
9.3 Acknowledgement of receipt 102
9.4 Time and place of despatch and receipt of electronic records 103
  • 9.4.1 Entry in the computer resource
 103
9.5 Place of business and not the location of computer resource,relevant 103

Chapter 10—Regulation of Certifying Authority

10.1 Introduction 104
10.2 Controller of Certifying Authorities – Appointment 105
10.3 Controller of Certifying Authorities-Functions 105
  • 10.3.1 Database of the disclosure record
 106
10.4 Licence to issue electronic signature certificate 107
  • 10.4.1 Application by any person
 107
  • 10.4.2 Performance bond-furnishing of
 108
  • 10.4.3 Application-submission
 109
  • 10.4.4 Application-manner of making
 110
10.5 Licence grant (or rejection)-procedure 111
10.6 Grant of licence, conditions 113
10.7 Licence-renewal 117
10.8 Licence-suspension or revocation 117
  • 10.8.1 Satisfaction of the Controller
 118
  • 10.8.2 Reasonable opportunity of showing cause
 118
  • 10.8.3 Incorrect or false statement
 120
  • 10.8.4 Failure to comply terms and maintain standards
 121
  • 10.8.5 Contravention of the provisions
 121
10.9 Licence suspension 121
10.10 Licence, revocation or suspension, notice of 122
10.11 Recognition of foreign certifying authorities 122
10.12 Controller of Certifying Authorities-Powers 122
10.13 Controller’s powers like the powers of the Income-tax authorities 122
10.14 Controller not a court 124
10.15 Access to computer data 126
  • 10.15.1 Reasonable cause to suspect contravention
 126
  • 10.15.2 Access for the purpose of search
 126
10.16 Cyber Regulation Advisory Committee-Constitution and functions 127
10.17 Fee 128
  • 10.17.1 Controller of Certifying Authorities-Grant of licence,form of application
 128
  • 10.17.1a Controller of Certifying Authorities-Grant of Licence-Criteria
 130
  • 10.17.1b Controller of Certifying Authorities-Grant of Licence-Issue
 130
  • 10.17.2 Controller of Certifying Authorities-Grant of licence,conditions
 132

Chapter 11—Certifying Authority-Role, Functions and Duties

11.1 Certifying Authority—Role and functions 153
11.2 Certifying Authority -Duties 155
11.3 Certifying authority to follow certain procedures [section 30] 156
11.4 Certifying authority providing reliability in its services [clause (b) of section 30] 156
11.5 Secrecy and privacy of the electronic signatures [clause (c) of section 30] 160
  • 11.5.1 Disclosure of digital certificate
 164
  • 11.5.2 Disclosure of certification practice statement
 164
  • 11.5.3 Disclosure of revocation and suspension of certificates
 164
  • 11.5.4 Disclosure of facts affecting -reliability
 165
11.6 Communication of compromise of Private Key 165
11.7 Notification to party affected by adverse event 165
11.8 Certifying authority–ceasing to act as such notification to Controller 166
11.9 Audit of operation 167

Chapter 12—Confidentiality of Information

12.1 Introduction 168
12.2 Confidential information 169
  • 12.2.1 Information having necessary quality of confidence about it
 170
  • 12.2.2 Information communicated in circumstances importing an obligation of confidence
 172
  • 12.2.3 unauthorized use to the detriment of the party communicating it
 174
12.3 Confidential information – Information Technology Act 174
12.4 Breach of confidence 175
  • 12.4.1 Breach of confidence even if no contract
 176
12.5 Confidential information—Obligation of employee 176
12.6 Confidentiality of trade secret 178
  • 12.6.1 Doctrine of “spring board�
 180
12.7 Confidentiality–Data protection and right to privacy(fundamental right) 182
  • 12.7.1 Data Protection right and right to privacy – distinction
 183

Chapter 13—Digital Signature Certificates

13.1 Introduction 185
13.2 Digital signature certificate 185
13.3 Digital signature certificate -Purpose 185
13.4 Digital signature certificate -Issue of 186
  • 13.4.1 Proforma for application
 187
  • 13.4.2 Requirement of rules
 187
13.5 Generation of digital signature certificate 189
13.6 Digital Signature Certificate -Fees for issue of 189
13.7 Digital signature certificate -Attributes 190
13.8 Digital certificate – Contents 190
13.9 Digital signature certificate -digitally signed 191
13.10 Digital signature certificate – representations 191
13.11 Digital signature certificate – lifetime 192
13.12 Digital signature certificate—archival of 193
13.13 Digital signature certificate -suspension 193
  • 13.13.1 Public interest-meaning
 193
13.14 Digital signature certificate -Revocation 194
  • 13.14.1 Compromise of digital signature certificate
 194
  • 13.14.2 Misuse of the digital signature certificate
 195
  • 13.14.3 Misrepresentation or errors in digital signature certificate
 195
13.15 Other grounds for revocation 195
  • 13.15.1 Opinion of the certifying authority
 196
  • 13.15.2 Material facts false
 196
  • 13.15.2a Material facts concealed
 197
  • 13.15.3 Non-satisfaction of requirement issuance of digital signature certificate
 198
  • 13.15.4 Compromise the security system or the private key
 198
  • 13.15.5 Revocation - Opportunity of being heard
 198
  • 13.15.6 Revocation Communication to subscriber
 198
  • 13.15.7 Revocation or suspension-Notice of
 199

Chapter 14—Subscriber Duties

14.1 Introduction 200
14.2 Subscriber duty 200
14.3 Digital certificate Subscriber representation 201
14.4 Communication of compromise of Private Key 201
14.5 Digital certificate Subscriber obligations 201

Chapter 15—Information Security

15.1 Introduction 203
15.2 Information security - Meaning 203
15.3 Information security-Risk elements 203
15.4 Unauthorised access 204
15.5 Unauthorised use of computer system - Hacking 205
  • 15.5.1 Network hackers
 205
  • 15.5.2 Crackers
 205
15.6 Virus incidents 206
  • 15.6.1 Viruses
 206
  • 15.6.2 Worms
 206
  • 15.6.3 Trojan horse
 207
  • 15.6.4 Logic bomb
 207
15.7 Unauthorised disclosure of information 207
15.8 Denial of service 208
15.9 Information security Measures 208
15.10 Secure Sockets Layer (SSL) 209
15.11 Security measures 210
  • 15.11.1 Security - Object-wise
 211
  • 15.11.2 Security - Risk management approach
 212
  • 15.11.3 Security – Identification and classification of risks
 212
  • 15.11.4 Security - Physical and operational security and information security
 212
  • 15.11.5 information management
 213
  • 15.11.6 System integrity
 213
  • 15.11.7 Security Audit
 215
  • 15.11.8 Security - Other measures
 215

Chapter 16—Penalties, Compensation and Adjudication

16.1 Introduction 216
16.2 Offence - Civil and criminal action 216
16.3 Penalty – General concepts 217
  • 16.3.1 Penalty is quasi-criminal
 219
  • 16.3.2 Penalty - Quantum depends on gravity of offence
 220
16.4 Penalty and compensation for the damage caused to computer,computer system, or computer network 220
  • 16.4.1 Any person
 223
16.5 Offences committed if the access or modification is unauthorised 223
  • 16.5.1 Computer
 224
  • 16.5.1a Computer - data processing device
 224
  • 16.5.1b Data includes information which is stored or processed in a computer
 224
  • 16.5.1c Information is processed data
 225
  • 16.5.2 Computer system
 226
  • 16.5.3 Computer network
 226
16.6 Penalty - Damages by way of compensation 227
  • 16.6a Person’s liability to pay damages
 228
16.7 Penalty - Unauthorised access 228
  • 16.7.1 Unauthorised excess would simply mean hacking
 229
  • 16.7.2 Unauthorised access by employees
 230
16.8 Penalty - Unauthorised downloading, copying, etc. 231
  • 16.8.1 Data
 231
  • 16.8.2 Database
 232
  • 16.8.3 Information
 232
16.9 Penalty for disruption of computer functionality (other offences than unauthorised access) 232
16.10 Penalty—Introduction of computer contaminant or virus 233
16.11 Penalty for damage, disruption computer or denial of service 234
16.12 Penalty Denial of access (denial of service) 235
16.13 Penalty Facilitating access in contravention of the Act 236
16.14 Penalty for destruction computer resource 236
16.15 Penalty for stealing computer source code 236
16.16 Penalty for failure to furnish information and return 236
  • 16.16.1 Failure should be deliberate
 237
16.17 Penalty - Contravention of rules and regulations 237
  • 16.17.1 Whoever contravenes
 237
16.18 Compensation for failure to protect data 238
16.19 Penalty – Adjudication 239
  • 16.19.1 Reasonable opportunity for making representation
 240
  • 16.19.2 Satisfaction of the adjudicating officer
 240
  • 16.19.3 As the adjudicating officer thinks fit
 241
16.20 Factors taken into account for determining quantum 241
  • 16.20.1 Shall have due regard
 241
  • 16.20.2 Factor - Unfair advantage quantification
 242
  • 16.20.3 Factors - Loss caused
 242
  • 16.20.4 Factor Repetitive nature of default
 242
16.21 Adjudicating officer - Powers 242

Chapter 17—Appellate Tribunal

17.1 Introduction 244
17.2 Appeal to Appellate Tribunal 244
17.3 Appeal- Meaning 245
17.3.1 Appeal in the nature of rehearing 245
17.4 Preferring Appeal 246
  • 17.4.1 Appeal preferring - Time limit
 246
  • 17.4.2 Sufficient cause
 246
17.5 Any person aggrieved 248
  • 17.5.1 Interim order not appealable, though party “aggrieved�
 249
17.6 Appellate Tribunal- Order 249
  • 17.6.1 Order- Meaning
 249
  • 17.6.2 Pass order thereon
 250
  • 17.6.3 Subject-matter of appeal
 251
  • 17.6.4 Order as Appellate Tribunal thinks fit
 251
  • 17.6.5 Opportunity of being heard
 252
  • 17.6.6 Appellate Tribunal Order within six months
 252
17.7 Appellate Tribunal- Procedure and Power 253
17.8 Appellate Tribunal guided by “Natural justice� 253
17.9 Appellate Tribunal’s Powers 255
  • 17.9.1 Summoning and enforcing attendance
 256
  • 17.9.2 Discovery and production of documents
 256
  • 17.9.3 Receiving evidence on affidavit
 256
  • 17.9.4 Issuing commissions
 257
  • 17.9.5 Dismissal of appeal for default or deciding it ex parte
 258
  • 17.9.5a Deciding ex parte
 258
  • 17.9.6 Power to review own decision
 258
  • 17.9.6a Review-meaning
 259
  • 17.9.6b Procedural review - ex debito justitiae
 259
  • 17.9.6c Review on merit
 259
  • 17.9.6d Review is not appeal
 259
17.10 Proceeding judicial for certain purposes 260
17.11 Law of limitation applicable 260
17.12 Power to exercise discretion 261
17.13 Appeal to High Court 262
  • 17.13.1 Question of law and of fact
 263
  • 17.13.2 High Court jurisdiction confined only to question raised
 264
17.14 Recovery of penalty and compensation 264
17.15 Appellate Tribunal - Establishment and composition 265
17.16 Cyber Appellate Tribunal Appeal 265
17.17 Appellate Tribunal Power to make order as it thinks fit 266
17.18 Appellate Tribunal Order within six months 266
17.19 Appellate Tribunal Law of limitation - 267
17.20 Appellate Tribunal Proceeding judicial 268
17.21 Appellate Tribunal and adjudicating officer - Injunction on any action 268

Chapter 18—Offences - Cyber Crimes

18.1 Introduction 269
18.2 Object and purpose 270
18.3 Computer related offences and offences related to computer 270
18.4 Computer related offences - Civil or Criminal - “punishment� and “penalty� 273
18.5 Offence - Meaning 275
  • 18.5.1 Offence Ingredients, basic
 276
  • 18.5.2 Offence - Failure to do certain Acts
 278
  • 18.5.3 Persons guilty of computer offences dealt with severely
 278
  • 18.5.4 Offence - Contravention committed outside India
 280
18.6 Computer a target or a tool for criminal purposes 281
18.7 Tampering computer source document 282
  • 18.7.1 Person shall be punishable
 283
  • 18.7.2 Person- Whoever
 283
  • 18.7.3 Computer source code
 283
  • 18.7.3a Computer source code required to be kept or when required to be maintained
 285
  • 18.7.4 Ingredients of offence
 285
  • 18.7.5 Concealing, destroying or altering the computer source code
 285
  • 18.7.6 Tampering intentionally or knowingly
 286
  • 18.7.6a Intentionally
 286
  • 18.7.6b Knowingly
 286
18.8 Hacking of computer system 286
  • 18.8.1 Offence under section 43 is civil wrong, while under section 66 criminal
 288
  • 18.8.1a Dishonestly
 288
  • 18.8.1b Fraudulently
 288
  • 18.8.2 Computer related fraud
 289
18.9 Information theft 290
18.10 Cheating by personation 291
  • 18.10.1 Cheating
 291
  • 18.10.2 Cheating by personation - Phishing
 291
18.11 Violation of Privacy 293
18.12 Cyber Terrorism 293
18.13 Publishing or transmitting obscene material in electronic form 294
  • 18.13.1 Ingredients of section 67
 295
  • 18.13.2 Obscene information - Tests
 296
  • 18.13.3 Lascivious
 297
  • 18.13.4 Prurient interest
 297
  • 18.13.5 Tending to deprave and corrupt
 297
  • 18.13.6 Cases
 298
18.14 Publishing or transmitting of material containing or depicting children in sexually explicit act 299
  • 18.14.1 Sexually explicit act or conduct- meaning
 299
18.15 Offence - Failure to comply with the order of the Controller 301
18.16 Interception or monitor or decryption of information - Compliance of Government directions 301
  • 18.16.1 Interception, monitoring and decryption – defined
 302
  • 18.16.1a Intercept; Interception device
 302
  • 18.16.1b Monitor; Monitoring device
 302
  • 18.16.1c Decryption; Decryption assistance; Decryption direction
 303
  • 18.16.2 Section 69 consists of three parts
 303
  • 18.16.3 Government power to direct interception etc. not absolute
 303
  • 18.16.4 Government satisfaction
 304
  • 18.16.5 Existence of reasons- Check on power of Government
 304
  • 18.16.6 Recording of reasons
 304
  • 18.16.7 Recording reasons in writing
 305
18.17 Interception, monitoring or decryption - Government powerto issue directions 305
  • 18.17.1 Sovereignty
 306
  • 18.17.2 Security of State
 306
  • 18.17.3 Public order
 307
  • 18.17.4 Preventing incitement to the commission of any cognizable offence
 308
  • 18.17.5 Interception, monitoring and decryption - Procedure and safeguards
 308
18.18 Blocking of information - Compliance of Government directions (section 69A) 310
  • 18.18.1 Blocking for public access - Procedure and safeguards
 310
18.19 Monitoring and collection of traffic data – Power of Central Government to authorise for 312
  • 18.19.1 Monitoring and collection of traffic data - Procedure and safeguards
 312
18.20 Protected System 313
  • 18.20.1 Securing access or attempt to secure access
 314
18.21 Information security practices and procedures 315
18.22 National nodal agency 316
18.23 Indian Computer Emergency Response Team 316
  • 18.23.1 Response team - Two main functions
 316
  • 18.23.2 Cyber incident
 317
  • 18.23.3 Cyber security incident
 317
18.24 Response Team - Functions and responsibility as defined under the Rules 317
  • 18.24.1 Services provided
 317
  • 18.24.2 Interaction with stakeholder
 318
  • 18.24.3 Policies and procedure
 318
  • 18.24.4 Operations
 318
  • 18.24.5 Disclosure of Information
 318
  • 18.24.6 Calling for information for carrying out provisions of section
 319
  • 18.24.7 Directions for compliance
 319
18.25 Penalty for misrepresentation or suppression of facts 319
  • 18.25.1 Misrepresentation
 320
  • 18.25.2 Suppression
 320
18.26 Penalty for Breach of confidentiality and privacy 321
  • 18.26.1 Right to privacy
 321
  • 18.26.2 Privacy kind of interests
 322
  • 18.26.3 Privacy under Digital Personal Data Protection Act, 2023
 323
18.27 Punishment for disclosure of information in breach of lawful contract 325
18.28 Penalty for publishing false electronic signature Certificate 325
18.29 Creating for fraudulent purpose 326
18.30 Offence or contravention committed outside India 326
18.31 Confiscation 327
18.32 Intermediary - Exemption from liability 328
18.33 Punishment for abetment of offences 329
  • 18.33.1 Abetment – meaning
 330
  • 18.33.2 Instigation
 331
  • 18.33.3 Conspiracy
 331
  • 18.33.4 Intentional aid
 332
18.34 Punishment for attempt to commit offences 333
  • 18.34.1 Attempt- meaning
 333
18.35 Examiner of Electronic Evidence notification 334
18.36 Indian Cybercrime Coordination Centre (I4C) 334
18.37 National Cybercrime Reporting Portal [NCRP] 335

Chapter 19 Compounding of Contravention and Offences

19.1 Introduction 336
19.2 Contravention- meaning 336
19.3 Ingredients of section 63 336
  • 19.3.1 Any contravention under the Act
 337
19.4 Compounding under section 77A—ingredients 337
19.5 Compounding of offence- meaning and effect 338
19.6 Compounding - Guidelines 339
19.7 Compounding - Discretionary power 339
19.8 Compounding-No further proceeding 339
19.9 Compounding-Not to extort money 340

Chapter 20—Cognizable Offence, Investigation, Search, and Arrest

20.1 Introduction 341
20.1 Investigation – meaning and concept 341
20.2 Offence – cognizable 342
20.3 Bailable offence 342
20.4 Search-Power of Police Officer 344
  • 20.4.1 CrPC applies, so far as may be
 344
20.5 Search - person is reasonably suspected of committing offence 345
  • 20.5.1 Reason to suspect
 345
20.6 Search - Person having committed or committing or about to commit 346
20.7 Arrest- meaning and purpose 348
  • 20.7.1 Protection against arrest - Fundamental rights
 349
  • 20.7.2 Arrest and Criminal Procedure Code
 350
  • 20.7.3 Arrest- Directives by Supreme Court
 351

Chapter 21—Burden of Proof, Presumptions, Evidence

21.1 Introduction 353
21.2 Burden of proof meaning and scope 353
21.3 Proof 354
  • 21.3.1 Conclusive proof, presumptive or conditional proof
 355
21.4 Evidence, meaning and scope 355
21.5 Presumptions of law or of facts 355
  • 21.5.1 Presumption of Facts
 356
  • 21.5.2 Presumptions of Law
 357
  • 21.5.3 Rebuttable presumptions
 357
  • 21.5.4 Irrebuttable presumptions (conclusive proof)
 357
21.6 Standard of proof 358
  • 21.6.1 Burden of establishing guilt on-prosecution
 359
  • 21.6.2 Accused presumed to be innocent unless proved guilty
 359
  • 21.6.3 Reasonable doubt, meaning of
 360
  • 21.6.4 Proof or reasonable doubt need not be a perfect proof
 361
21.7 Rules of proof and onus under the Information Technology Act 361

Chapter 22—Penalty and Prosecution (mens rea)

22.1 Introduction 362
22.2 Penalty and prosecution 363
22.3 Penal law under the Act departure from the traditional criminal law 364
22.4 Doctrine of mens rea 364
  • 22.4.1 Mens rea culpable negligence, recklessness
 365
  • 22.4.2 Culpable negligence does not merely mean mere carelessness
 366
  • 22.4.3 Mens rea is not of general application in modern statutes
 366
  • 22.4.4 No mens rea, no crime is not applicable to economic crimes
 367
  • 22.4.5 Mens rea social welfare legislation or economic laws
 368
22.5 Offence-Trial of an offence, cognizance and procedure of trial 369
  • 22.5.1 Cognizance of offence
 370
  • 22.5.1a Prima facie case for commencement of proceeding
 370
  • 22.5.1b Sufficiency of ground for proceeding is not the test
 371
  • 22.5.1c Dismissal of a complaint is no bar to entertain the subsequent one
 371
  • 22.5.1d Cognizance of the offender and not of the offence.
 371
  • 22.6 Rule of proof
 372

Chapter 23—Companies-Offences and Prosecution

23.1 Introduction 374
23.2 Offences Committed by Company – General Concepts 374
  • 23.2.1 Offence by company-meaning
 375
23.3 Offences by and punishment of company 376
23.4 Section 85—Deeming provision 376
  • 23.4.1 Vicarious liability and identification theory
 377
23.5 Persons liable to be punished 378
23.6 Company itself liable to be punished 380
23.7 Vicarious liability – meaning and concept 382
23.8 Rules relating to vicarious prosecution 383
  • 23.8.1 Vicarious liability—strict liability
 383
  • 23.8.2 No vicarious liability unless the statute specifically provides
 384
  • 23.8.3 Specific averments
 385
23.9 Person-In-charge of, meaning 385
  • 23.9.1 In-charge of-Managing Director is presumed
 386
  • 23.9.2 Person-Responsible to the company
 386
23.10 Vicarious liability-Defence 387
  • 23.10.1 Due diligence – meaning
 388
23.11 Specific averments that accused person was in charge and responsible 388
23.12 Conniving persons liable to be punished 391
  • 23.12.1 First view–sub-section (2) is a rule of evidence
 392
  • 23.12.2 Second view—Sub-section (2) is a substantive offence
 394

Chapter 24—Quashing Criminal Proceedings

24.1 Introduction 395
24.2 High Court Inherent Power-ex debito justitiae 395
24.3 High Court jurisdiction under section 482 397
  • 24.3.1 Jurisdiction to quash proceedings is not to be exercised arbitrarily or capriciously
 398
24.4 Factors considered for quashing 398
24.5 Situations for Court interference 403
  • 24.5.1 Complaint does not disclose offence
 404
  • 24.5.2 Complaint frivolous, vexatious or oppressive
 404
  • 24.5.3 Interest of justice demands prosecution not to continue
 405
  • 24.5.4 Chances of success bleak
 405
  • 24.5.5 Complaint suffers from fundamental defects
 406
  • 24.5.6 Allegations patently absurd and inherently improbable
 406

Chapter 25—Bar of Jurisdiction of Civil Court

25.1 Introduction 407
25.2 Ouster of jurisdiction of civil court-limitations 407
25.3 Court’s jurisdiction cannot be entirely excluded 409

Chapter 26—Information Technology Act-Overriding Effect

26.1 Introduction 412
26.2 Overriding provision-ingredients 412
26.3 Act shall have effect 412
26.4 Law for the time being in force 412
26.5 Notwithstanding 413
26.6 Information Technology Act being a special provision prevails over other provisions 415
  • 26.6.1 Special law v. Special law
 415
26.7 Non-obstante clauses in two statutes-generalia specialibus non derogant 417
  • 26.7.1 Repugnancy-situations
 418

Chapter 27—Information Technology-Protection of Actions

27.1 Introduction 419
27.2 Protection facilitates effective performance of duty 419
27.3 Protection of actions-Within the scope of official duty 419
27.4 Scope of official duty Tests 420
27.5 Sanction of the Government 421

Chapter 28—Rules, Regulations and Removal of Difficulties

28.1 Introduction 423
28.2 Rules and Regulations– Publication 423
28.3 Delegated legislation-Classification 424
28.4 Removal of difficulties 424
  • 28.4.1 Removal of difficulties-Residuary power
 425
  • 28.4.2 Difficulties aliunde or extraneous difficulties not covered
 425
  • 28.4.3 Not a power to frame rules
 426
  • 28.4.4 Publication in the official Gazette
 426
28.5 Rules—Power of the Central Government 426
28.6 Rules-Power of the State Government 428
28.7 Regulations-Powers of Controller 428
28.8 Rules and Regulations-Subordinate legislation 429
28.9 Justification 429
28.10 Rules and regulations-Scope 431
28.11 Rules and regulations-Legislative in character 432
28.12 Rules and regulations-Part of the Act 433
28.13 Rules and regulations-Subordinate to the Act 433
28.14 Rules and regulations-Conflict between statute and Rules 434
28.15 Rules, Regulations and Removal of difficulties-Laying before Parliament 434

Chapter 29—Glossary

29.1 Introduction 436
29.2 Terms and expression-meaning 436

Chapter 30—Interpretative Principles

30.1 Interpretation of statute, meaning of 461
30.2 Interpretation-General principles 461
30.3 Intention of Legislature 462
30.4 Rules of interpretation 463
30.5 Purposive Interpretation 466
30.6 Rules of interpretation – summing up 468
30.7 Casus omissus and ex visceribus actus 470
30.8 Strict interpretation 471
  • 30.8.1 Penal provisions
 472
  • 30.8.2 Provision relating to Limitation
 473
  • 30.8.3 Exception
 473
  • 30.8.4 Legal fictions
 474
  • 30.8.5 Deeming provision
 474
30.9 Interpretation-Internal aids 475
  • 30.9.1A Preamble
 475
  • 30.9.2 Definition
 476
  • 30.9.2a Functions of a definition
 476
  • 30.9-2b Definition not meant to be exhaustive
 476
30.10 Means 477
30.11 Includes 477
  • 30.11.1 “Includes � may also have exhaustive meaning
 478
30.12 “Means and includes � 478
  • 30.12.1 “Means � and �includes �-Distinguishing features
 478
30.13 Unless the context otherwise requires 479
30.14 Proviso 479
  • 30.14.1 Interpretation of a proviso
 480
  • 30.14.2 Provided further
 481
  • 30.14.3 Proviso,whether refers to the last or all paras in a series of paragraphs
 481
30.15 Explanation 482
  • 30.15.1 Explanation, interpretation
 483
30.16 Exception 483
30.17 Legal fiction and deeming provisions 484
30.18 Marginal notes and headings 484
30.19 Other expressions 485
  • 30.19.1 Notwithstanding
 485
  • 30.19.2 Subject to
 485
  • 30.19.3 In accordance with
 486
  • 30.19.4 In addition to
 486
  • 30.19.5 In connection with
 486
  • 30.19.6 In (by) writing
 486
  • 30.19.7 In relation to
 486
  • 30.19.8 Pertaining to
 487
  • 30.19.9 In respect of –With respect to
 487
  • 30.19.10 Within
 487
  • 30.19.10A In and within
 487
  • 30.19.11 Namely, or that is to say
 488
  • 30.19.12 Under the Act
 488
  • 30.19.13 Otherwise
 488
  • 30.19.14 Without prejudice
 488
  • 30.19.15 As the case may be
 489
  • 30.19.16 So far as may be
 489
  • 30.19.17 Having regard to
 489
  • 30.19.18 “A �, �An �,�The �. �Any�
 489
  • 30.19.19 Where, when if
 490
30.20 Mandatory or directory/Meaning 490
  • 30.20.1 Whether a provision is mandatory or directory
 490
  • 30.20.2 Link between the broad principle of the statute and object of the particular provision is important
 491
  • 30.20.3 Consequences of non-compliance of mandatory and directory provisions
 491
  • 30.20.4 “May�, “Shall�
 492
  • 30.20.5 Negative or prohibitive word mandatory
 492
  • 30.20.6 Time limit for performance of a duty rarely mandatory
 493
  • 30.20.7 Provisions relating to avoidance of public mischief not mandatory
 493
  • 30.20.8 Procedural Rule not mandatory
 493
  • 30.20.9 Mode of performing a duty has to be mandatorily followed
 494
  • 30.20.10 Conditions of a provision should be mandatorily followed
 494
30.21 External aids 494
  • 30.21.1 Dictionary
 495
  • 30.21.2 Subject and object rules
 495
  • 30.21.3 Reference to other Acts
 496
  • 30.21.4 Words in popular sense
 496
  • 30.21.5 Words – General public
 497

APPENDICES

THE INFORMATION TECHNOLOGY ACT, 2000

Chapter I : Preliminary

1. Short title, extent, commencement and application 501
2. Definitions 502

Chapter II: Digital Signature and Electronic Signature

3. Authentication of electronic records 505
  • 3A. Electronic signature
 505

Chapter III : Electronic Governance

4. Legal recognition of electronic records 506
5. Legal recognition of electronic signatures 506
6. Use of electronic records and electronic signatures in government and its agencies 506
  • 6A. Delivery of service by service provider
 507
7. Retention of electronic records 507
  • 7A. Audit of documents, etc., maintained in electronic form
 508
8. Publication of rule, regulation, etc., in Electronic Gazette 508
9. Sections 6, 7 and 8 not to confer right to insist document should be accepted in electronic form 508
10. Power to make rules by Central Government in respect of electronic signature 508
  • 10A. Validity of contracts formed through electronic means
 508

Chapter IV: Attribution, acknowledgement and despatch of electronic records

11. Attribution of electronic records 509
12. Acknowledgement of receipt 509
13. Time and place of despatch and receipt of electronic record 509

Chapter V: Secure Electronic Records and Secure Electronic Signatures

14. Secure electronic record 510
15. Secure electronic signature 510
16. Security procedures and practices 510

Chapter VI : Regulation of Certifying Authorities

17. Appointment of Controller and other officers 510
18. Functions of Controller 511
19. Recognition of Foreign Certifying Authorities 511
20. Omitted 512
21. Licence to issue electronic signature certificates 512
22. Application for licence 512
23. Renewal of licence 512
24. Procedure for grant or rejection of licence 513
25. Suspension of licence 513
26. Notice of suspension or revocation of licence 513
27. Power to delegate 514
28. Power to investigate contraventions 514
29. Access to computers and data 514
30. Certifying Authority to follow certain procedures 514
31. Certifying Authority to ensure compliance of the Act, etc. 514
32. Display of licence 514
33. Surrender of licence 515
34. Disclosure 515

Chapter VII : Electronic Signature Certificates

35. Certifying authority to issue Electronic Signature Certificate 515
36. Representations upon issuance of Digital Signature Certificate 516
37. Suspension of Digital Signature Certificate 516
38. Revocation of Digital Signature Certificate 516
39. Notice of suspension or revocation 517

Chapter VIII : Duties of Subscribers

40. Generating key pair 517
  • 40A. Duties of subscriber of Electronic Signature Certificate
 517
41. Acceptance of Digital Signature Certificate 517
42. Control of private key 518

Chapter IX : Penalties, Compensation and Adjudication

43. Penalty and compensation for damage to computer,computer system, etc. 518
  • 43A. Compensation for failure to protect data
 519
44. Penalty for failure to furnish information, return, etc. 520
45. Residuary penalty 520
46. Power to adjudicate 520
47. Factors to be taken into account by the adjudicating officer 521

Chapter X: Appellate Tribunal

48. Establishment of Appellate Tribunal 521
49. Omitted 522
50. Omitted 522
51. Omitted 522
52. Omitted 522
  • 52A. Omitted
 523
  • 52B. Omitted
 523
  • 52C. Omitted
 523
  • 52D. Decision by majority
 523
53. Omitted 523
54. Omitted 523
55. Orders constituting Appellate Tribunal to be final and not to invalidate its proceedings 523
56. Omitted 524
57. Appeal to Appellate Tribunal 524
58. Procedure and powers of the Appellate Tribunal 524
59. Right to legal representation 525
60. Limitation 525
61. Civil court not to have jurisdiction 525
62. Appeal to High Court 525
63. Compounding of contraventions 525
64. Recovery of penalty or compensation 526

Chapter XI: Offences

65. Tampering with computer source documents 526
66. Computer related offences 526
  • 66A. Omitted
 527
  • 66B. Punishment for dishonestly receiving stolen computer resource or communication device
 527
  • 66C. Punishment for identity theft
 527
  • 66D. Punishment for cheating by personation by using computer resource
 527
  • 66E. Punishment for violation of privacy
 527
  • 66F. Punishment for cyber terrorism
 528
67. Punishment for publishing or transmitting obscene material in electronic form 528
  • 67A. Punishment for publishing or transmitting of material containing sexually explicit act, etc., in electroni form
 528
  • 67B. Punishment for publishing or transmitting of material depicting children in sexually explicit act, etc.,in electronicform
 529
  • 67C. Preservation and retention of information by intermediaries
 529
68. Power of the Controller to give directions 529
69. Power to issue directions for interception or monitoring or decryption of any information through any computer resource 530
  • 69A. Power to issue directions for blocking for public access of any information through any computer resource
 530
  • 69B. Power to authorise to monitor and collect traffic data or information through any computer resource for cyber security
 531
70. Protected system 531
  • 70A. National nodal agency
 532
  • 70B. Indian Computer Emergency Response Team to serve as national agency for incident response
 532
71. Penalty for misrepresentation 533
72. Penalty for breach of confidentiality and privacy 533
  • 72A. Penalty for disclosure of information in breach of lawful contract
 533
73. Penalty for publishing Electronic Signature Certificate false in certain particulars 533
74. Publication for fraudulent purpose 533
75. Act to apply for offences or contravention committed outside India 534
76. Confiscation 534
77. Compensation, penalties or confiscation not to interfere with other punishment 534
  • 77A. Compounding of offences
 534
  • 77B. Offences with three years imprisonment to be bailable
 534
78. Power to investigate offences 534

Chapter XII: Intermediaries not to be Liable in Certain Cases

79. Exemption from liability of intermediary in certain cases 535

Chapter XIIa: Examiner of Electronic Evidence

79A. Central Government to notify Examiner of Electronic Evidence 535

Chapter XIII: Miscellaneous

80. Power of police officer and other officers to enter, search, etc. 536
81. Act to have overriding effect 536
  • 81A. Application of the Act to electronic cheque and truncated cheque
 536
82. Controller, Deputy Controller and Assistant Controller to be public servants 537
83. Power to give directions 537
84. Protection of action taken in good faith 537
  • 84A. Modes or methods of encryption
 537
  • 84B. Punishment for abetment of offences
 537
  • 84C. Punishment for attempt to commit offences
 537
85. Offences by companies 537
86. Removal of difficulties 538
87. Power of Central Government to make rules 538
88. Constitution of Advisory Committee 540
89. Power of Controller to make regulations 541
90. Power of State Government to make rules 542
FIRST SCHEDULE 543
SECOND SCHEDULE 543
THIRD SCHEDULE 545
FOURTH SCHEDULE 545

Chapter XIII: Miscellaneous

THE INFORMATION TECHNOLOGY (CERTIFYING AUTHORITIES) RULES, 2000

1. Short title and commencement 546
2. Definitions 546
3. The manner in which information be authenticated by means of Digital Signature 547
4. Creation of Digital Signature 547
5. Verification of Digital Signature 547
  • 5A. Verification of Digital Signature Certificate
 548
6. Standards 548
7. Digital Signature Certificate Standard 549
8. Licensing of Certifying Authorities 549
9. Location of the Facilities 551
10. Submission of Application 551
11. Fee 552
12. Cross Certification 552
13. Validity of licence 552
14. Suspension of licence 553
15. Renewal of licence 553
16. Issuance of licence 553
17. Refusal of Licence 553
18. Governing Laws 554
19. Security Guidelines for Certifying Authorities 554
20. Commencement of Operation by Licenced Certifying Authorities 554
21. Requirements Prior to Cessation as Certifying Authority 554
22. Database of Certifying Authorities 555
23. Digital Signature Certificate 556
24. Generation of Digital Signature Certificate 557
25. Issue of Digital Signature Certificate 557
26. Certificate Lifetime 557
27. Archival of Digital Signature Certificate 558
28. Compromise of Digital Signature Certificate 558
29. Revocation of Digital Signature Certificate 558
30. Fees for issue of Digital Signature Certificate 559
31. Audit 559
32. Auditors relationship with Certifying Authority 560
33. Confidential Information 560
34. Access to Confidential Information 560
Schedule I: Form for Application for Grant of Licence to be a Certifying Authority 560
Schedule II: Information Technology (IT) Security Guidelines 563
Schedule III: Security Guidelines for Certifying Authorities 580
Schedule IV: 589
Form A: Application Form for Issue of Digital Certificate for Subscriber of Government and Banking Sector 589
Form B: Application Form for Issue of Digital Signature Certificate for Subscribers Other than Government and Banking Sector 590
Form C: Application Form for Issue of Digital Signature Certificate Through EkYC Based Identity Verification of Digital Signature Certificate Applicant 591
Schedule V: Glossary 591

THE INFORMATION TECHNOLOGY (OTHER POWERS OF CIVIL COURT VESTED IN CYBER APPELLATE TRIBUNAL) RULES, 2003

1. Short title and commencement 609
2.Definitions 609
3. Powers of Cyber Appellate Tribunal 609

THE INFORMATION TECHNOLOGY (USE OF ELECTRONIC RECORDS AND DIGITAL SIGNATURES) RULES, 2004

1. Short title and commencement 610
2. Definitions 610
3. Filing of form, application or any other document 610
4. Issue or grant of any licence, permit, sanction or approval 611
5. Payment and receipt of fee or charges 611

THE INFORMATION TECHNOLOGY (SECURITY PROCEDURE) RULES, 2004

1. Short title and commencement 612
2. Definitions 612
3. Secure electronic record 612
4. Secure digital signature 612

THE INFORMATION TECHNOLOGY (PROCEDURE AND SAFEGUARDS FOR INTERCEPTION, MONITORING AND DECRYPTION OF INFORMATION) RULES, 2009

1. Short title and commencement 614
2. Definitions 614
3. Directions for interception or monitoring or decryption of any information 616
4. Authorization of agency of Government 616
5. Issue of decryption direction by competent authority 616
6. Interception or monitoring or decryption of information by a State beyond its jurisdiction 617
7. Contents of direction 617
8. Competent authority to consider alternative means in acquiring information 617
9. Direction of interception or monitoring or decryption of any specific information 617
10. Direction to specify the name and designation of the officer to whom information to be disclosed 617
11. Period within which direction shall remain in force 617
12. Authorized agency to designate nodal officer 617
13. Intermediary to provide facilities, etc. 618
14. Intermediary to designate officers to receive and handle requisition 618
15. Acknowledgement of instruction 618
16. Maintenance of records by designated officer 618
17. Decryption key holder to disclose decryption key or provide decryption assistance 618
18. Submission of list of interception or monitoring or decryption of information 619
19. Intermediary to ensure effective check in handling matter of interception or monitoring or decryption of information 619
20. Intermediary to ensure effective check in handling matter of interception or monitoring or decryption of information 619
21. Responsibility of intermediary 619
22. Review of directions of competent authority 619
23. Destruction of records of interception or monitoring or decryption of information 620
24. Prohibition of interception or monitoring or decryption of information without authorization 620
25. Prohibition of disclosure of intercepted or monitored or decrypted information 621

THE INFORMATION TECHNOLOGY (PROCEDURE AND SAFEGUARDS FOR BLOCKING FOR ACCESS OF INFORMATION BY PUBLIC) RULES, 2009

1. Short title and commencement 622
2. Definitions 622
3. Designated Officer 623
4. Nodal officer of organization 623
5. Direction by Designated Officer 623
6. Forwarding of request by organization 623
7. Committee for examination of request 624
8. Examination of request 624
9. Blocking of information in cases of emergency 625
10. Process of order of court for blocking of information 625
11. Expeditious disposal of request 625
12. Action for non-compliance of direction by intermediary 625
13. Intermediary to designate one person to receive and handle directions 625
14. Meeting of Review Committee 625
15. Maintenance of records by Designated Officer 625
16. Requests and complaints to be confidential 625
FORM 626

THE INFORMATION TECHNOLOGY (PROCEDURE AND SAFEGUARD FOR MONITORING AND COLLECTING TRAFFIC DATA OR INFORMATION) RULES, 2009

1. Short title and commencement 628
2. Definitions 628
3. Directions for monitoring 629
4. Authorised agency of Government for monitoring and collection of traffic data or information 630
5. Intermediary to ensure effective check in handling,monitoring or collection of traffic data or information 631
6. Responsibility of intermediary 631
7. Review of directions of competent authority 631
8. Destruction of records 631
9. Prohibition of monitoring or collection of traffic data or information without authorisation 632
10. Prohibition of disclosure of traffic data or information by authorised agency 633
11. Maintenance of confidentiality 633

THE INFORMATION TECHNOLOGY (REASONABLE SECURITY PRACTICES AND PROCEDURES AND SENSITIVE PERSONAL DATA OR INFORMATION) RULES, 2011

1. Short title and commencement 634
2. Definitions 634
3. Sensitive personal data or information 635
4. Body corporate to provide policy for privacy and disclosure of information 635
5. Collection of information 635
6. Disclosure of information 637
7. Transfer of information 637
8. Reasonable security practices and procedures 637

THE INFORMATION TECHNOLOGY(INTERMEDIARIES GUIDELINES) RULES, 2011

1. Short title and commencement 639
2. Definitions 639
3. Due diligence to be observed by intermediary 640

THE INFORMATION TECHNOLOGY(GUIDELINES FOR CYBER CAFE) RULES, 2011

1. Short title and commencement 642
2. Definitions 642
3. Agency for registration of cyber cafe 643
4. Identification of user 643
5. Log register 644
6. Management of physical layout and computer resource 644
7. Inspection of cyber cafe 645
SCHEDULE-I: CYBER CAFE REGISTRATION FORM 646
SCHEDULE-II: STATE AND UT CODES 647

THE INFORMATION TECHNOLOGY(ELECTRONIC SERVICE DELIVERY) RULES, 2011

1. Short title and commencement 649
2. Definitions 649
3. System of electronic service delivery 650
4. Notification of electronic service delivery 650
5. Creation of repository of electronically signed electronic records by Government Authorities 651
6. Procedure for making changes in a repository of electronically signed electronic records 651
7. Responsibility of service provider and authorised agents for financial management and accounting 651
8. Audit of the information system and accounts of service provider and authorised agents 652
9. Use of special stationery in electronic service delivery 652

THE INFORMATION TECHNOLOGY (THE INDIAN COMPUTER EMERGENCY RESPONSE TEAM AND MANNER OF PERFORMING FUNCTIONS AND DUTIES) RULES, 2013

1. Short title and commencement 653
2. Definitions 653
3. Location 654
4. Authority 654
5. Functioning on 24-hour basis 654
6. Advisory Committee 654
7. Constituency 655
8. Functions and responsibilities of CERT-In 655
9. Services 655
10. Stakeholders 655
11. Policies and procedures 656
12. CERT-In operations 657
13. Disclosure of information 657
14. Seeking information, carrying out functions and for compliance in terms of sub-section (6) of section 70B of the Act 658
15. Directions for compliance 658
16. Report of non-compliance 658
17. Point of Contact 658
18. Dealing with non-compliance 659
19. Review Committee 659
20. Action for non-compliance of direction 659

THE INFORMATION TECHNOLOGY (NATIONAL CRITICAL INFORMATION INFRASTRUCTURE PROTECTION CENTRE AND MANNER OF PERFORMING FUNCTIONS AND DUTIES) RULES, 2013

1. Short title and commencement 660
2.Definitions 660
4. Functions and duties of the National Critical Information Infrastructure Protection Centre 661
5. Manner of performing functions and duties 662
6. Advisory Committee 663
7. Research and Development 664

THE DIGITAL SIGNATURE (END ENTITY) RULES, 2015

1. Short title and commencement 665
2. Definitions 665
3. Manner of authentication of information by means of digital signature 667
4. Creation of digital signature 668
5. Verification of digital signature 668
6. Verification of Digital Signature Certificate 669
7. Digital signature standards 669
8. Manner of authentication of information by means of xml digital signature 670
9. Creation of xml digital signature 670
10. Verification of xml digital signature 671
11. The xml digital signature standards 672
12. The basic Syntax of xml digital signature and terms used in the rule shall be as follows, namely 673
13. Digital Signature functions Standard 674

THE INFORMATION TECHNOLOGY (INTERMEDIARY GUIDELINES AND DIGITAL MEDIA ETHICS CODE) RULES, 2021

Part I: Preliminary

1. Short Title and Commencement 675
2. Definitions 675

Part II : Due Diligence By Intermediaries And Grievance Redressal Mechanism

3. Due diligence by an intermediary 678
  • 3A. Appeal to Grievance Appellate Committee(s)
 683
4. Additional due diligence to be observed by significant social media intermediary and online gaming intermediary 684
  • 4A. Verification of online real money game
 688
  • 4B. Applicability of certain obligations after an initial period
 691
  • 4C. Obligations in relation to online game other than online real money game
 691
5. Additional due diligence to be observed by an intermediary in relation to news and current affairs content 691
6. Notification of other intermediary 691
7. Non-observance of Rules 692

Part III : Code of Ethics and Procedure and Safeguards in Relation to Digitalmedia

8. Application of this Part 692
9. Observance and adherence to the Code 692

Chapter I: Grievance Redressal Mechanism

10. Furnishing and processing of grievance 693

Chapter II: Self-Regulating Mechanism - Level I

11. Self-Regulating mechanism at Level I 693

Chapter III: Self-Regulating Mechanism - Level II

12. Self-regulating body 694

Chapter IV: Oversight Mechanism - Level III

13. Oversight mechanism 695
14. Inter-Departmental Committee 695
15. Procedure for issuing of direction 696
16. Blocking of information in case of emergency 697
17. Review of directions issued 697

Chapter V: Furnishing of Information

18. Furnishing of information 698

Chapter VI: Miscellaneous

19. Disclosure of Information 698
APPENDIX 698
CODE OF ETHICS 698
SCHEDULE 700
PART I 700
PART II 701

THE INFORMATION TECHNOLOGY (CERTIFYING AUTHORITY) REGULATIONS, 2001

1. Short title and commencement 703
2. Definitions 703
3. Terms and conditions of licence to issue Digital Signature Certificate 703
4. The standards followed by the Certifying Authority for carrying out its functions 706
5.Every Certifying Authority shall disclose 718
6. Communication of compromise or Private Key 719
FORM : COMMUNICATION OF COMPROMISE OF PRIVATE KEY 719

THE INFORMATION TECHNOLOGY (RECOGNITION OF FOREIGN CERTIFYING AUTHORITIES OPERATING UNDER A REGULATORY AUTHORITY) REGULATIONS, 2013

1. Short title and Commencement 720
2. Definitions 720
3. Recognition of Foreign Certifying Authorities which operate under a regulatory authority in that country 721

THE INFORMATION TECHNOLOGY (RECOGNITION OF FOREIGN CERTIFYING AUTHORITIES NOT OPERATING UNDER ANY REGULATORY AUTHORITY) REGULATIONS, 2013

1. Short title and commencement 724
2. Definitions 724
3. Criteria for recognition of foreign certifying authorities which does not operate under any regulatory authority 725

About the Author

D.P. Mittal

D.P. Mittal

D.P. Mittal-D.P. Mittal is an advocate, tax and business law consultant. He has authored about two hundred articles in Indian and foreign magazines and journals and also books on various law subjects; some of them are as follows: Interpretation of Taxing Statutes, Wills, Deeds and Documents; Laws relating to Copyrights, Patents, Trade Marks and GATT; Business and Commercial Laws; Law of Arbitration, ADR and Contract in India; Indian Patents Law; Natural Justice, Judicial Review & Administrative Law; Law of Trade Marks; Law of Information Technology (Cyber Law); Law of Arbitration (2002); Indian Patents Law and Procedure (2002); Trade Marks Passing off and Geographical Indications of Goods - Law and Procedure (2002); Competition Law; Law relating to Sick Industries; Interpretation of Statutes; Law Dictionary

View other books from Accounts
Law Relating to Information Technology
Publisher: Commercial Law Publishers
Pages: 816
Language: English
ISBN: 9789356036178
705 Price : ₹ 895
Save ₹190 (21% OFF)
Add to Cart

Have Questions About This Book?

Our course advisors are here to help you make the right decision for your career growth.

Schedule a Call
Live Chat
Other books
Formation, Management & Taxation of Charitable & Religious Trusts & Institutions
Formation, Management & Taxation of Charitable & Religious Trusts & Institutions
Ram Dutt Sharma
CA/CMA INTER COMBO - COLOURED EASY NOTES + QUESTION BANK
CA/CMA INTER COMBO - COLOURED EASY NOTES + QUESTION BANK
CA Aarish Khan
CA/CMA INTER EASY NOTES COLOURED
CA/CMA INTER EASY NOTES COLOURED
CA Aarish Khan
CA/CMA INTER INCOME TAX QUESTION BANK
CA/CMA INTER INCOME TAX QUESTION BANK
CA Aarish Khan
Goods & Service Tax (IDT) BOOK - May 2026, September 2026 & January 2027 Exams
Goods & Service Tax (IDT) BOOK - May 2026, September 2026 & January 2027 Exams
CA Arpita S.Tulsyan
View All Books
Join Us !!

List your Books

Share your knowledge and help shape the next generation of tech-savvy CA & Tax professionals while building a rewarding career in education.

Get Started
WhatsApp
Call Back
Phone
Search