Let's Build a Responsible Cyber Society

Proposed Amendments to the Information Technology Act

Comments from Mr Kamal Dave, Advocate


The government of India has proposed many amendments by the Information Technology (Amendment) Act, 2005. The government of India, owing to the recent spurt of cyber crimes & exposures, has proposed amendments to the Information Technology Act 2000. Amongst the proposed amendments, major are :

1. Provision for technology neutral authentication mechanism : The amendment Act provides for Electronic Signature (however it includes digital signature) instead of Digital Signature as a move towards for providing technology neutral authentication mechanism for authentication of electronic records.

2. Generalising/ Broadening the definition of Cyber offences to include more computer related offences viz. Cyber Crimes : Provision for including cyber crimes under the head computer related offences with penal punishment instead of hacking of the computer by broadening the definition of cyber crimes.

3. Reduced Punishment : Reduction of punishment for Cyber offences viz. punishment for computer related offences to imprisonment for one year or two years respectively and for publishing the pornography/ obscene matter on the electronic media to three years. Specific enhanced punishment for child pornography.

4. Provision for compounding of offences : Provision for compounding of offences even for matters pending prosecution/ adjudication before the court.

5. Exclusion of liability : Specific provision explicitly reducing the liability for offence committed by the intermediaries.

6. Introduced provision for punishment for Invading Privacy : Punishment for offence of unauthorizedly recording pictures/ photographs of persons thereby invading their privacy.

7. Provision for a authority/ body of expert of examiner of Electronic Evidence : Provision for a authority/ body of examiner of Electronic Evidence.

8. Reducing the burden on CCA : Reducing the burden on CCA (Controller of Certifying Authorities) by excluding it from being a repository for Digital Signatures issued by the CAs (Certifying Authorities).

Analysis of the proposed amendments : The analysis to amendments as proposed by the Act are as follows :

Analysis of Amendment 1 : Provision for technology neutral authentication mechanism

The step to have a technology neutral mechanism as valid electronic signatures is a welcome step. However, the step is wanting in practical perspective as the Amendment Act itself mentions that the technology is yet to be developed and that rules can not be formed in absence of fully developed technology. Furthermore the technology is required to meet three primary/ elementary criteria/ condition viz. firstly, the technology should be able to detect any alteration in the electronic document; secondly the electronic documents should have provision for distinct & unalterable date & time stamp on them; And thirdly it should be able to provide for signature & counter signatures (without limitations of levels) and entire contents should be capable of being distinctly identified and separately authenticated and counter authenticated with specific electronic signatures of individual & authorities.

Amendment 2 : Generalising/ Broadening the definition of Cyber offences to include more computer related offences viz. Cyber Crimes

The broadening of definition of the Computer related offence attempts to define the situations and circumstances that makes the act an offence. However, an attempt is made by the amendment to include any act out that may fall in the category of offence. However, the two terms viz. "Fraudulently" & "Dishonestly" tend have subjective interpretations.

The main fallback of the proposed amendment is the generic definition of the act forming offence leads to discretionary/ skewed interpretation due to absence of specific definition/ terminology to the offence leading thereby the to chances of biased decisions. This may lead to complete disruption in delivering impartial justice and putting off the lid from the discretionary powers to authorities giving rise to multiple interpretation of the proposed provision and variation in decision could be attributed to probability or discretion. The matter sub-judice i.e. the act should withstand the scrutiny of law, but with such provision, the veracity of decision gets shaken.

Furthermore the amendment has twin effect, firstly adjudication gets adversely impacted due to the inclusion of two subjective clauses, which tends to have discretionary interpretation to the matters sub-judice; secondly, in cases where the act is not done "Fraudulently" & "Dishonestly", however causes substantial loss remain unpunished and offenders remain undeterred. This will lead to adventurism and increase in cyber crimes and would tend to lower the confidence on the entire process of electronic commerce and electronic governance and the government/ corporate houses/ individual would suffer due to the voyeurism of the youthful offenders.

The lowering of the punishment for the offence, reduces the fear of law thereby creating a perception of non-existence of effective law and order machinery in the state leads to increase in offences & contravention of law. This overall effect of it would be chaos/ jeopardy in the state administration & collapse of system.

Amendment 3 : Reduced Punishment

The reduction of punishment is a regressive step. By this proposed amendment, the offences gets loose string of being categorized into bailable category meaning thereby accused/ offender on his/ her arrest, as a matter of right, can claim to be released on bail despite having committed offence grave enough to jeopardize/ collapse the system itself. With disproportional punishment, i.e. lower punishment the deterrence of law & administration reduces. The law would loose its due respect and result in increase in crimes, leading to diminution of faith & confidence in administration of justice. Thus with reduction of punishment for the offence will encourage offenders to commit cyber crimes more freely. Thus to control these offences appropriate check & balance and controls on electronic transactions is necessary.

Amendment 4 : Provision for compounding of offences

The introduction for a clause for compounding of offences is a regressive act. The amendment makes the provision allowing/ enabling the authorities to compound the offences and it even allows the authorities to compound the offences pending trial before the court. This may send wrong signals that any such illegal act/ offence/ contravention can be done away with by paying a paltry sum and it will further lead to diminution of faith & confidence in law and collapse of system of administration of justice and lead to chaos in the society.

Amendment 5 : Exclusion of liability

The proposed amendment to exclude the liability of Intermediary in fact exists in the existing act also but the amended provision, explicit provision to exclude the liability of intermediary, however, it is with two riders i.e. preconditions viz. "conspiracy" or "abetment" in commission of offence. However the amendments, imposes no direction/ condition on authorities concerned to take necessary preventive/ remedial steps to avoid any such disorderly situation. It also does not impose any liabilities on authorities to have recourse to remedial measure to prevent any such illegal/ prohibitive action or its recurrence in any such circumstances.

Amendment 6 : Punishment for Invading Privacy

The proposed amendment is a welcome step as right to have privacy & confidentiality gets protected. The amendment, however, is difficult to be implemented in case the offender remains elusive due to the technology itself.

Amendment 7 : Provision for a authority/ body of expert of examiner of Electronic Evidence

The proposed amendment for establishing a separate authority a creation of separate body of Expert for examining Electronic Evidence is like creating another authority parallel to the Centre for Forensic Science Laboratory (CFSL). The composition and place of offices too are not mentioned. Further the amendment makes no option for parties in dispute or any interested person to approach the authority for redressal of their private grievance and the fee thereof need also to be decided keeping into mind the liability of it on the end user.

Amendment 8 : Reducing the burden on CCA

The proposed amendment of reducing the liability of CCA by discharging it from maintaining the database of private keys of the certificate holder (Digital Signature Certificate), inline with practice in other countries, will although reduce the burden on CCA. However, this will, in case of any question arising out of authenticity/ veracity of electronic transaction based on the digital signature would not be able to withstand test legal scrutiny and would tend to become a matter of discretion and likelihood of unfair play.

Conclusion :

These proposed amendments although are patchwork sort of amendments and are outcome of recent cases of cyber crimes cases exposed by the media and not a result of serious analysis of all the problems. These are piece meal arrangements to the problems. The proposed amendments should incorporate not only specific act or omission forming offences but also include provision relating to cyber terrorism in the present act to prevent commission of any cyber crime including heinous cyber crime i.e. cyber terrorism.


Related Material

 Naavi's Comments Praveen Dalal's Comments : Sarbajit Roy's Comments