Cyberlaw has become a buzzword nowadays. In simple terms, cyberlaw is the law applicable on the activities of the cyberspace. It typically encompasses all the cases, statutes and constitutional provisions that impact persons and institutions who control the entry to cyber space, create the hardware and software which enable people to access cyber space or use their own computers to go online and enter cyber space.
In India the cyberlaws are contained in the Information Technology Act, 2000 which was notified on 17 October 2000. It is based on the United Nation’s Commission for International Trade related laws (UNCITRAL) model law.
The need for a new legislation became imminent because the existing laws did not recognise the validity of transactions carried through Internet. This absence of the legal framework became a barrier to the growth of e-commerce in India. There was an urgent need for an enabling and supportive legal infrastructure in the country that would facilitate e-commerce. The new law aims to provide the legal infrastructure for e-commerce in India by governing the transactions through the Internet and other electronic medium.
Internet and specially e-mail revolutionised the communication, so much so that the postal and courier industry faced a threat from this new medium. However, there was no law in the country which gave legal validity and sanction to this new mode of communication. As a consequence e-mail remained ‘illegal’. The Courts were reluctant to grant judicial recognition to the legality of e-mail in the absence of any specific law on the same.
Further with the increase in Internet proliferation, the crime in cyberspace also increased manifolds. There was a need to check this growing menace of cybercrime.
As a solution to the missing link in the legal infrastructure of the country and to check the increasing cybercrime, the Government of India enacted Information Technology Act.
However, in the last few years the circumstances and the technologies have changed tremendously and to keep pace with these changes it is now high time that we make changes in the Act in consultation with the Internet users, industry and other stakeholders. It is suggested that the following issues be considered by the stakeholders for the amendment of the IT Act:
Make the IT Act technology neutral
The IT Act in its current form is at some places biased towards one technology. As for example, the Act recognises digital signatures only as equivalent to the signatures in writing. It is biased towards a particular technology, the PKI (Public Key Infrastructure) which is based on the assymetric encryption system, thus limiting the scope of innovation in technology. There are also other available technologies and may be in future, we will see much better technologies which may offer the same functionalities. The solution to this problem could be to introduce the concept of electronic signatures and remove all reference to the digital signature and its operations. The specifics of the technology and its usage can be provided later under the Rules framed under the Act.
Separate judicial and investigating agencies for cybercrimes
During the last few years, it has been observed that it is difficult to train the existing judiciary and investigating agencies on the new technologies. The state of affairs would be much better if there is a separate specialised court to try the cybercrimes and separate investigating agency for investigation. It is pertinent to mention here that the IT Act does provide for a cyber appellate tribunal, however, it is not functional till date. Moreover, the cyber appellate tribunal shall try the contraventions (civil offences) and not the cybercrimes. It is recommended that the jurisdiction of the cyber appellate tribunal be also increased to try the cybercrimes.
Privacy of individuals and protection of personal data
Today the personal contact details of individuals are being sold by one organisation to another without the consent of the concerned individual. Industry associations are advocating for providing protection to the foreign personal data, which is imported or accessed by the Indian companies under the outsourcing contracts. However, no one is raising voice for the privacy of the Indian citizen.