The field of Cyber Laws in India is slowly coming of
age. Though many did not recognize, the Indian legislatory activity in Cyber
Laws started with the modifications to the Indian Copyright Act to include
computer generated documents.
The enactment of ITA-2000, was however the first conscious
effort to bring legislation for the activities in Cyber Space and recognize
Digital Contracts. Subsequently the Semi Conductor Act was passed but is yet to
be notified. Similarly the Communication Convergence Act was drafted,
re-drafted, presented in the Parliament and finally kept in abeyance.
The patent laws applicable to Cyber Space which should
include Software Patents may become a reality after 2005.
The two other pieces of legislation that are now
engaging the attention of the legislators are the legislation against "SPAM" and
"Data Protection Act".
There is a debate on whether these laws are to be passed as
separate Acts or as amendments to the ITA-2000 itself. Obviously, the
formalities in getting an amendment passed should be simpler and therefore it
may be a preferred option.
Since both the anti spam legislation and data protection
legislation can be classified as legislation that can promote "E-Commerce", they
technically fall well within the objectives for which ITA-2000 was enacted. In
fact, adding these two elements to the ITA-2000 may make it a more comprehensive
act than what it is today to regulate the Cyber Space.
Still there is a need to look into the need for domain name
and space regulation and some changes to offences, penalties and Cyber
Crimes sections of the Act. Also there is a need to prevent modifications to
Cyber regulations with too many other legislations including the Post Office
Amendment Act so that there will be clarity on the regulations. It would be
better if all regulations on Cyber Space are addressed by one legislation such
as the ITA-2000 and wherever necessary, the other legislations can make only a
cross reference to the Act rather than including clauses which may have some
conflicting interpretations.
The passing of anti spam acts in USA and other countries has
provided some guidelines to India and it is understood that an exercise to
modify ITA-2000 with some provisions that address the concerns presented by SPAM
as an offence is already in progress.
NASSCOM has for some time being engaged in the act of
drafting the "Data Protection Act" since this had a profound impact on the flow
of BPO business from the EU countries. The last information from Nasscom
is that it prefers an amendment to ITA-2000 and does not foresee the necessity
for any separate legislation.
Unlike Spam legislation, the data protection legislation is
likely to generate heat since there would be a direct clash between meeting the
requirements of law enforcement, curbing the operation of terrorist forces and
protecting the concerns of individual privacy.
In this context, there appears to be a need for us to debate
on the issues concerning Data Protection Act and Naavi.org would like to collect
views from the market in this regard.
The basic principle of the "Data Protection Act" is that an
"Individual's Right To Privacy" should be protected as provided for in "Human
Right Conventions".
This requires a consensus on what are "The Privacy Rights
that need to protected", "Where are the risks of privacy loss?", "Who should
take charge of sensitive information"?, "What should be the modalities of
collection, storage and retrieval of sensitive information"? etc.
I would welcome the views of the visitors on this subject for
collective publication at naavi.org. If there is sufficient participation from
the public for this debate, it is envisaged that a seminar would be organized in
Chennai to take the debate to the next level and formulate a recommendation that
can be placed to the Government for consideration.
Naavi
August 14 2004
Your Views can be submitted here
Related Articles:
EU Forum on Cyber Crimes..Discussion Paper
Privacy International Comments
