Naavi.org

In a clear admission of their concern of losing a business opportunity, rivals of Zoom like FaceBook, Google and CISCO have made statements about their latest attempts to improve their products and make it more user friendly.

See article here

If the competition improves the products in the interest of the consumers, it is fine. But the Supreme Court should realize that the case against Zoom in India is a motivated case which does not deserve to be admitted.

In the meantime, we are waiting for any Indian solutions to come up to match the requirement. Probably some solutions have been presented to the MeitY which has announced a prize of Rs 1 crore to the best indigenous video conferencing software.

It appears that those who have entered the competition might have been prevented from releasing the beta version to the market. But consumers cannot indefinitely wait for the MeitY to declare the winner. If the products are not made available, then consumers will continue to use Zoom or other available choices that suits them and the MeitY exercise may only be of academic interest.

Naavi’s article on the subject which appeared in India Legal is also reproduced below. It is also available here;

One business that has thrived during the lockdown in various parts of the world is video-conferencing, virtual meetings and virtual collaboration solutions. Many large corporations have already installed virtual meeting infrastructure across their branch offices and were quickly able to adapt to this form of doing business by adding more individual users logging in from different locations.

A large number of SMEs and individual businesses, however, had to search for affordable and easy-to-use solutions to establish face-to-face contact with their workers scattered in different locations. Educational institutions also had a requirement to conduct classes in the virtual environment to meet their teaching deadlines. Such users found that the Zoom communications platform was convenient and affordable. As a result, its business spurted from around 10 million users to 200 million.

Companies, which had competing products and were big names in the industry, felt their egos bruised by the phenomenal success of this relatively small company. They launched a well planned attack on Zoom and the fact that it was promoted by a Chinese entrepreneur. They tried to bring down its popularity partly to get some business themselves and partly to satisfy their hurt egos.

The campaign against Zoom revolves around security issues. One issue is that uninvited persons can log into running sessions where there is no password set for the meeting or where the password is weak and predictable. As the meeting password is not considered as important as bank account passwords or similar other access environments, users tended to set weak passwords. These intrusions were highlighted as “Zoom bombings” and the possibility of corporate espionage was stressed.

Secondly, data used during corporate meetings had to move between different users and to ensure that this moved without much latency, the company maintained servers in different countries, including China. Rivals highlighted this and showed the possibility of Chinese espionage.

A third complaint raised was that Zoom claimed to have “end-to-end encryption”, whereas it was theoretically only encryption from the sender’s computer to the receiver’s. It was quite like an “https” connection and did not extend to the processes within the sender’s and receiver’s systems at the application level. This was suggested as a deliberate misrepresentation. There was also an allegation that Zoom shared some data with Facebook without the knowledge of the user and that some log-in IDs and passwords were on sale on the dark web.

As a result of these allegations, a campaign was launched to show that Zoom video-conferencing solutions were unsafe. Media, which did not understand the depth of the problem, also painted a picture of Zoom being the only software where all security flaws were found and hence its use should be discontinued. Neither the media nor others presented any better alternative. Its Chinese ownership was also a reason for some to switch to other solutions.

It was unfortunate that the home ministry became a pawn in this game of one up-manship. As usual, a section of the media claimed that the home ministry had evaluated the Zoom application and was not in favour of its use from the security point of view. While the ministry’s concern about the use of Zoom for meetings of government officials was perhaps genuine, the unusual action of it coming up with a press release, including a set of “secure configuration guidelines” was strange. Though this notification was meant only for government departments, the media implied that it was a national security advisory. Normally, any such guidance should be the responsibility of the Ministry of Electronics and Information Technology (MeitY) and there was no need for the home ministry to step into its shoes and come up with operating guidelines on a subject in which it has no direct knowledge or expertise.

By the time this notification was released, Zoom had already attended to most of the concerns. It changed the default settings of the meetings to a higher security level and left it to the choice of the user to downgrade the security features. It also provided an option to the user to avoid servers in specific countries such as China.

Zoom bombings were due to the user’s negligence. Instructions were released to set a strong password, use the waiting room facility and to lock the meeting if needed. This could avoid unauthorised entries into the meetings. Zoom also clarified that personal data sharing with Facebook occurred because its software development kit (SDK) for log-in authentication collected information beyond the permissions required and granted. It appears to be a deliberate violation of privacy by Facebook, though there could be some negligence on the part of Zoom too.

The controversy regarding end-to-end encryption was more of semantics than anything else. Security experts say that if the encryption is not done at the application level and decrypted only at the destination, it cannot be considered as “end-to-end”. It is possible that the marketing personnel at Zoom called their encryption “end-to-end encryption” without recognizing the difference.

However, most messaging services, including popular email ones, use only transport-level encryption and not the real end-to-end encryption. Even banks in India may not be using real end-to-end security. Hence, singling out Zoom for such a mistake is unfair.

Before the home ministry jumped into the fray, it should have realized that the problem with Zoom was both of technical interpretations and user awareness. It was not an issue of fraudulent intention. The ministry was not capable of understanding the nuances of technology and should have refrained from giving the impression that it was giving a technical advisory on Zoom.

Criticizing Zoom without criticizing Facebook for misusing the consent shows prejudice. Perhaps this should be investigated as the Facebook log-in SDK of the type used by Zoom may also be in wide use in India by others. In all such cases, there could be a siphoning off of personal data beyond what has been consented to by the user. The home ministry has not revealed that email providers also use only VPN security and not end-to-end security. If so, it would have placed the issues observed in Zoom usage in the right perspective.

If Zoom had installed any malware like some Chinese applications do, then the home ministry would have had a reason to issue such advisories. But it did not consider TikTok and UC Browser type applications for a ban. This could be due to their ignorance or pressure from certain business lobbies. It is also to be recognised that Zoom has been promoted by a person of Chinese origin but is not a Chinese company. It is a US company and the promoter is perhaps now a US citizen settled there.

The ministry should also have realised that Zoom as a company is not like telecom equipment suppliers like Huawei or Chinese mobile companies. Some of these companies have allegedly preinstalled malicious applications to bring users under surveillance of the Chinese government. Even point of sale systems used for card authentication at shops and biometric devices used for Aadhaar authentication are being imported from China and the ministry should worry if these have any hidden backdoors.

The ministry appears not to have heard about Deepfake and Deepnude applications which threaten society and could create huge problems. If it was watching the web world, it would have moved to block such apps along with voice-changing apps, Blue Whale or other gaming apps which require urgent attention. It has also remained silent when larger security issues arose when Bitcoin exchanges were allowed to resume their operations, unmindful of their use in possible terror funding.

By not coming out with advisories in such cases and over-reacting to the Zoom controversy, the ministry appears to have been used by industry in a commercial war between companies. In comparison, MeitY has responded positively to the incident by trying to encou­rage an indigenous replacement for the Zoom software. It has announced a prize of Rs 1 crore for this.

—The writer is a cyber law and techno-legal information security consultant based in Bengaluru

Naavi

In a Public Interest Litigation, an advocate has filed a petition in the Supreme Court seeking ban on Zoom . The petition seeks a direction that the Government has to ban the use not only for the use of the Government but also for the public.

It is unfortunate that the Supreme Court has admitted the petition and sent  notices to the Government and Zoom.

So far, whenever the Supreme Court has been notified about the adverse impact of apps like TikTok or the Anti Society systems like the Bitcoin, the Supreme Court did not consider it necessary to respond in public interest. On the other hand it gave a completely anti establishment judgement in the case of Bitcoin and the CJI did not think of reviewing the decision.

However, it has now acted with alacrity to respond to the Zoom petition as if it is a great natural emergency during Covid lock down.

I wish the Judges consult some independent technology specialists who are not in the pay rolls of companies adversely affected by the popularity of Zoom.  Otherwise the credibility of the Court is likely to be severely dented.

This petition was not worth the paper on which it was printed. It ought to have been rejected even for admission with a fine. The Court however has given undue respect to the PIL and issued notices.

At the same time, the Court has failed to issue notices to all stake holders and therefore if it proceeds with the hearing of the petition, the current users of Zoom will be adversely affected. The current users of Zoom in India are also citizens of India and have their own rights to use the software of their choice.

The Supreme Court has failed to realize that there is no compulsion for any individual to use Zoom and it is the choice of the public to use Zoom or chose any other equivalent software.

Intervention of Supreme Court is therefore only serving the business interests of the competitors of Zoom which include big names like Microsoft and CISCO. It has very little public interest objective.

It is possible that the Court might have been wrongly informed  that this is a “Chinese Software” which is spying on India and this could have influenced the decision to admit the petition. This may not be the correct view since Zoom is an US Company and there is no indication that it works under the directions of the Chinese Government, as of now.

The Court might have also been given to understand that Zoom is the only software that has the vulnerabilities  and every other video conference software of Microsoft or Adobe or CISCO are security wise impregnable. This is also not correct.

The Court needs to check with security professionals how often Microsoft or Adobe products are found to have vulnerabilities, whether CISCO has been every accused of providing a backdoor to FBI etc.

Supreme Court may not be aware that Zoom provides recording of meetings as an option either on the cloud or in local computers as do others. It is a choice of the users to store it on the cloud if they want.

I would be pleasantly surprised if the advocate Wajeeh Shafiq or Harsh Chugh or their associates Nimish Chib and Divye Chugh can explain the concept of “End to End Security” and why they think Zoom’s  transmission security is inferior to other similar systems including G mail and Facebook.

The petitioner advocates need to also ki clarify whether they are talking of “Privacy Protection” or “Information Security” and how they distinguish “Personal Data Protection” and “Corporate Information Security”. They seem to be confused.

The Supreme Court should understand that vulnerabilities are part of the software development process and the only way the consumer interest is served is to make all software developers liable for zero day vulnerabilities if any consumer suffers a loss on account of such vulnerabilities. This is feasible even under our consumer protection laws .

Zoom is an intermediary under ITA 2000 and if its platform is used for commission of any offence, it can be tried under any of the provisions of ITA 2000 including hacking, denial of access etc., and Zoom will have to prove “Due Diligence”. ITA 2000 has extra territorial jurisdiction as well as a possibility of extending the liabilities to the Zoom CEO under Section 85 of ITA 2000. Zoom CEO is in USA and the Company is a US Company and hence it should not be difficult to invoke extra territorial jurisdiction if the petitioners want.

Instead of using such provisions that are already available under the ITA 2000, the petitioners are launching a speculative attack to serve the business interests of the competitors.

The petition is therefore ill conceived and it indicates that business rivals of Zoom must have encouraged this litigation or the petitioners are doing it for publicity purpose.

Supreme Court has to show maturity and maintain distance from such business related issues.

Naavi

After teaching Cyber Laws and ITA 2000 for a long long time, Naavi had moved his attention to teaching “Privacy and Data Protection” because that was the need of the hour.

The market has however come around to realize while studying the upcoming Personal Data Protection Act that it is afterall an extension of ITA 2000/8 and replacement of one aspect of our current Information Technology Act.

Simultaneously the market is realizing that even if the passage of the Personal Data Protection Bill 2019 can be held up, the Section 43A of ITA 2000/8 or the Section 72A or Section 67C or Sections 69,69A,69B, 70 B or Sections 85 and 79 all remain effective today and most of them will continue to remain effective even after PDPA 2020 comes into existence.

Hence the need to know Cyber Law and IT Act has got rejuvenated.

To satisfy this demand, Naavi is conducting two 12 hour courses in the next 10 days. One course will be over the week ends and will be for the members of a CISO/CTO group. The second would be a week day course for more law oriented persons.

The Core coverage would be ITA 2008 but the emphasis could be different. While the CTO’s/CISOs will receive the information security perspective of ITA 2000/8, the other group will receive a little more legal perspective.

I hope both segments will be satisfied with what is on offer.

Ofcourse the Course has to refer to some Case studies, Cyber Crimes, Adjudication,  the Digital and Electronic Signatures, Section 43A obligations of Reasonable Security or Due diligence concept under Section 79 and the Evidentiary aspects of Section 65B.

After the lock down is lifted fully, neither the participants nor me may have the same time to conduct such programs and therefore these could be unique occasions to revisit ITA 2000/8 at a time when the PDPA 2020 is likely to occupy our mind space for the immediate future.

The details of the week day batch  is available below.

Yes… It is a paid course and the payment link is here

The participants of this Course will get copies of three e-Books, one on Cyber Crimes, one on Electronic Signatures and one on Section 65B.

I invite all interested Advocates and IT personnel to take advantage of this knowledge boosting sessions.

The focus of this program is different from the Classical approach and adopt a Cyber Jurisprudent’s approach…

We will focus on this is what the law says…This was the legislative intent… Perhaps this is the best interpretation…

Even when there is a judicial verdict, we shall analyze it rather than accepting it in blind faith.

I believe that this approach will help us improve our collective understanding of the law and we all will be contributing to the development of Cyber Jurisprudence.

Naavi

P.S.: Participants would receive participation certificate from Cyber law college.

Naavi was the pioneer in Cyber Law Education in India. Cyber Law College itself was a concept ahead of its times and when it started its activities in July 2000 and launched first course in Cyber Laws in October 2000, the concept of “Virtual” was alien to most. It was however necessary in the context of economy.

The first version of the program was as a “Distance Learning Course”. Then several years later the concept of video classes developed after 2005. During that time classes were conducted online on the platform of gatherplace.com and later gotomeeting and Webex with a batch of students at the other end seeing a common projected screen. Then came the individual across the screen training in Digital Signatures and HIPAA where the student/s or trainees connected either individually or collectively on their own computers. One of the successful use of this virtual meeting was for HIPAA training for a group of medical transcriptionists in Phillipines.

With the success of these experiments, Naavi also launched the Arbitration.com (now odrglobal.in) as a video conference based online dispute resolution mechanism.

However, none of these were fully accepted by the market and they remained as experiments. While the teaching and training continued, it often involved travelling and wasteful expenditure. However, 20 years later, the Corona Virus has changed the perspective of “Virtual Meetings”. Now it is not only acceptable but also the preferred norm.

Now towards the end of the lock down period, we are observing that there are innumerable number of online meetings and webinars both by individuals and organizations.  Naavi’s dream of carrying the College in his laptop bag has now been realized and even got further miniaturized into the mobile.

Cyber Law College moved from other video conference tools to Zoom and now more options are becoming available. We may even see some Indian version “fokuz.online” coming up with an indigenous version of a class room.  Many other platforms including Tata VSNL have woken up from their slumber and trying to enter the market without much success.

The Apnacourse.com, and the like which enabled recorded versions of the training programs to be hosted were useful but with the entry of Zoom like tools, may find it difficult to grow.

However Online Examination tools with proctoring and without proctoring are still in the nascent stages and will get integrated with the Zoom like platforms to provide a complete transformation of the education system in India.

The training material of Cyber Law College also went through the transition from the following bulky but attractive books to the current form of PDF files or Kindle books.

The books shown above which were training materials used for two of the courses reflect the relics of those days.

Subsequently CD Books were also used by Naavi both in 1999 when the printed book “Cyber Laws for Every Netizen in India” had to be supplemented with the copy of the Bill as presented in the Parliament.  Subsequently, several CD Books were released on Cyber Crimes.

Presently E Books, Kindle format have become the norm though the physical books still have retained the charm except for the difficulty in distribution.

During this fascinating journey of 20 years, Naavi also promoted the concept of “Cyber Vidya” with the vision of upgrading the teaching in Government schools with virtual teaching. The project which was discussed with the Karnataka Government at one point of time would have been a great development had it been taken up. But as usual it was ahead of its time. But its time has now come and I see some thoughts about this are floating in the market . Perhaps this dream of “Cyber Vidya” will also be realized one day.

This journey down the memory lane was triggered because Naavi/Cyber Law College is starting online courses on Cyber Law and IT Act in the next week after a gap of several years.

One of the courses will be for CISOs and CTOs and the other for Cyber Law students.

I will share more details of what is envisaged in these courses so that interested persons can take advantage of the same.

Naavi

Program conducted over interactive online session. Covers entire Information Technology Act along with the Cyber Jurisprudential analysis of the law, including Digital Signatures, Section 65B of Indian Evidence Act and Legal aspects of Information Security, Cyber Crimes in E Banking, E Commerce scenario etc

Payment for registration can be made here:

All participants would be issued participation certificate from Cyber Law College

Naavi

It is close to 20 years since India passed the Information Technology Act and notified it with effect from 17th October 2000. It enabled digital contracts to be recognized in law and established a “Judicially recognized Digital Society”. (For this reason, Naavi has been calling for celebration of 17th October as the Digital Society Day of India).

When the IT Act was passed, the legal recognition to electronic documents under Section 4 extended all current laws to the domain of Cyber Laws by replacing the “Written” document with an “Electronic Document”. Hence under the Indian Contract Act, offers and acceptances in writing could be replaced with offers and acceptances with the use of Electronic documents. “Signing” was also extended to electronic documents by introducing the system of “Digital Signature”.

In 2008 version, provision was made for other forms of electronic signature and in 2015 we came across the notification of e-sign as one of the other forms of authentication of an electronic document along with the digital signature.

With these, an electronic document with digital signature or e-sign could be considered as equivalent to a written and signed document. Hence if such documents are used for communication of proposals or acceptances, it would form a valid digital contract.

Section 10A also provided the clarity that communication of proposals and acceptances through electronic document can lead to valid contract formation.

Exclusion of Documents from ITA 2000

The excluded documents under the then Section 1(4) which is now listed under Schedule-I,  exempted Negotiable Instruments, Trust deed, Will, Power of Attorney and a contract of sale or transfer of any interest in immovable property from the legal recognition under the Act. Hence all other documents which were in electronic form could be considered as “Included” in ITA 2000.

The exclusions of these types of documents were also adopted in other countries which at that time had adopted similar laws. At the time when Draft  E Commerce Act 1998, the Information Technology Bill 1999 and then the Information Technology Act 2000 was under discussion in professional circles, we had observed that the Indian law did not within the Act provided a justification for the inclusion of these documents under the “Excluded Category”. However the law had adopted the provisions from the then Malaysian law, Singapore law, Utah law etc. Unless we go through the minutes of the meeting at that time in the Drafting Committee or unless Mr T. K Vishwanathan the person who was responsible for the actual drafting of the act comes up with his memories on the issue, we will have to do with my memories in this regard.

According to my memory, some of the Countries including Pakistan (It had an ordinance similar to our bill), had specified the reasons why they kept out the immovable property transactions from the recognition. (See my comments on this bill on January 17, 2002) The ordinance had clearly said as follows:

Section 9: Stamp Duty. — (1) Notwithstanding anything contained in the Stamp Act, 1899 (II of 1899), for a period of two years from the date of commencement of this Ordinance, stamp duty shall not be payable in respect of any instrument executed in electronic form.

(2) The Provincial Governments shall, within the period specified in sub-section (1), devise and implement appropriate measures for payment of stamp duty through electronic means before or at the time of execution of the instrument in electronic form.

It was clear that the exemption was considered because of lack of proper method for collection of stamp duty. I am sure that the reasoning here as well as in other laws of that time was that stamp duty is not payable on electronic documents for reasons that were relevant at that point of time.

It was also considered (my interpretation), that India wanted to disallow property documents  because electronic documents were not considered stable enough to be retained for more than 5 years and the requirement of property documents extended to retention for hundreds of years. A similar 5 year upper limit can be observed with respect to retention of certain aspects of digital signature records.

Finally, ITA 2000 did not specify the reasons for exemption of some documents and whether one of the reasons was to do with the Stamp duty issue. Hence today we are confused whether Stamp Duty is payable on electronic contracts or not.

Readers may refer to some of the articles I have provided in the “Reference Articles”  at the end of this article, written by many expert advocates and my own earlier articles. Some of them try to take the Maharashtra State Government amendment of the State Stamp Act to say that since a procedure for payment of stamp duty is now available, we should consider that Electronic contracts are also to be considered as coming under the Stamp duty.

The article of Uthara Priyadarshini in Bar and Bench appears to hold out the most acceptable analysis.

Types of E Contracts

Not all contracts which we call as “E-Contracts” are formed with a specific offer and acceptance or a common agreement so that they can be printed out or Stamp duty paid at the time of signing. Incidentally I disagree with one of the authors in the articles below who considers typing the name or placing a picture of signature etc as electronic signatures under Section 3A of ITA 2000.

The only valid Section 3A electronic signature is the e-Sign. There are other forms of e-contracts such as Click Wrap, Browse Wrap or Shrink Wrap which experts often refer to.

As regards the “Click Wrap” contracts, since a “Click” cannot be considered as a “Digital Signature”, the document cannot be considered as a “Signed document”. However, the “Click-Wrap” can still be considered for formation of an “Implied Contract” since ITA 2000 did not bar the formation of contract as provided under Indian Contract Act which included both Oral and Implied contracts.

The “Click-Wrap” contract comes under the category of “Un-Negotiated”, “Dotted Line or Standard form” Contract and the principles of “Unconscionable contracts” as laid out in the CERC Vs LIC Of India Supreme Court case apply. Accordingly the “Dominant party” has to ensure that onerous clauses are sufficiently highlighted and  there is a “Meeting of Minds” between the two parties to agree on the terms of the clause which may otherwise be considered as “One Sided”.

The “Browse-Wrap” contract where there is a contract some where hidden on a website which says, if you continue browsing, you are deemed to have accepted the terms of this contract is also a “Deemed or Implied Contract”. Similarly the “Shrink-Wrap” contract also tries to bind a person to the contract even before he has the full information of the terms in that part, an implied, standard form contract only.

Hence the “Click-Wrap”, “Shrink-Wrap” or “Browse-Wrap” types of electronic contracts donot fall into the category of “Written Contracts” under Indian law.

If however the offer and acceptance documents are digitally signed with a digital certificate issued by the Indian certifying authority and was valid at the time of signing, then the document can be considered as a valid contractual documents and subject to the exemptions that it is not a Bill of Exchange or Promissory Note (Cheques are included after the 5th February 2003 amendment), or a Trust deed or a Will or a Power of Attorney or a document that transfers title in an immovable property.

Now the question comes about the lack of Stamping of the document at the time of execution.

We must appreciate that “Stamping” of a document to make it valid or to make it invalid if not stamped is a requirement of revenue generation for the Government. If the Government wants to continue generating revenue on online contracts, they need to institute a proper methodology for payment of stamp duty, generating an acknowledgement and noting that on the document.

Also, if the Indian Stamp Act has defined that the Stamp Act is applicable for only paper documents then the State Governments cannot make their own amendments contrary to the Central law by introducing new instruments under the Act.

If “Electronic Documents” are recognized as an Exclusive category of documents which are neither “Oral” not “Documentary”, then the powers under Section 90 of ITA 2000 to the States should not be extended to create a new kind of “Instrument” under the State Stamp Acts which is inclusive of “Electronic Documents”. The Indian Evidence Act under Section 17 clearly identifies three kinds of statements for admission where there is a distinction between “Oral”, “Documentary” and “Contained in electronic form”, which substantiates this view. Hence “Electronic Records” are a new kind of documents other than “Oral” and “written” and Stamp act cannot create a new instrument for the purpose of collecting revenue.

The amendments of the State Governments of Maharashtra and other Governments such as Delhi, Gujarat, Rajasthan and Karnataka mentioned in the article in Lex Counsel by Seema Jhingan and others appear ultra-vires the powers of the State.

Legislative Intent

The legislative intent of introducing ITA 2000 to facilitate E Commerce was to ensure that commercial contracts could be carried on with the use of Electronic Documents exchanged over the network as “Offer E Mail” and a “Acceptance E Mail” leading to formation of contracts since there was a way of signing the offer and acceptance, there was determination of attribution, time and place of message etc.

Under “Section 4 of the Draft E Commerce Act 1998” it was stated as under:

c) In relation to this Act, electronic records shall not be liable to stamp duty under the Stamp Act, 1899.

It also added as comments:

Comments: It is not feasible to give broad legal recognition to all documents that are signed with an electronic signature because, under Indian Law, hand written signatures are more appropriate for certain categories of agreements. Therefore, the purpose of limiting application of this Act is to acknowledge the intent of relevant laws that mandate the use of pen and ink for some documents.

For example, in the case of negotiable instruments, the current state of technology does not adequately provide a reliable mechanism for the transfer or negotiation of electronic records to holders in due course beyond an originator and an initial recipient of the electronic record.

Additionally, this section provides authority to the Central Government to amend, as appropriate, the limitations set forth in this section.

Further, the application of the Stamp Act has been limited to recognize the intangible nature of electronic records, based upon precedent set in the Depositories Act, 1996.

It can therefore be construed that the Legislative intent behind ITA 2000 was clearly to exempt the Electronic Contracts from the Indian Stamp Act.

Cancellation of Stamps

Beyond all the above arguments there is also a need to look at how “Cancellation” of a stamp in the electronic scenario has to be recorded. For Stamping to be valid, the document has to be stamped at the time of its execution and has to be cancelled in an appropriate form. Does the procedure of making a payment to the treasury and noting the payment transaction number in the document constitute a valid cancellation in the absence of a specific mention in the procedures lead down by the State Governments will be a moot point.

The mother of all ITA 2000 like laws was the UNCITRAL Model law on E Commerce adopted as a resolution in UN.  The UNCITRAL model law confined itself to the commercial contracts but did make mention about “Stamping” in a different context where “Stamping” is considered as a “Signature”. It noted that “alongside the traditional handwritten signature, there exist various types of procedures (e.g., stamping, perforation), sometimes also referred to as “signatures”, which provide various levels of certainty.” It also said “the concept of a signature adopted in that context is such that a stamp, perforation or even a typewritten signature or a printed letterhead might be regarded as sufficient to fulfill the signature requirement. “

These description of “Signature” were in a different context but has a connotation in the “Cancellation of Stamps” since one of the methods of cancellation is to write the date of the instrument or sign across the adhesive stamp.

Desirability of Stamping E Contracts

Not withstanding the right of the State Government to impose Stamp Act on E Contracts, and their ability to introduce the required procedures, the desirability of such a measure needs to be examined from the point of view of commercial feasibility and ease of doing business.

This is a call that the Central Government and the State Governments should take together. If the challenges are too harrowing, companies could shift the contract execution to a “Stamp Tax Haven” (virtually) using the available provisions of ITA 2000 and avoid the stamp duty.

We are presently on the threshold of a “Personal Data Protection Act” (PDPA) and this act will impose huge penalties for non compliance that cannot be ignored by E-Business organizations. In determining the obligations under the Act, the “Consent” is a critical element. The PDPA expects that the “Consent” passes the test of the Indian Contract Act. If read along with the validity of contracts under the Indian Stamp act, then all the “Consents” will fail to be valid contracts both because they may not be digitally signed or they may not be stamped under the Indian Stamp Act.

The only option for such digitally signed, un-stamped memorandum of understanding is to use the “CEAC-DROP BOX” concept which creates the witnesses to establish the evidentiary value of the memorandum of understanding without a “Documentary Contract”.

For the sake of ease of business however, this issue needs to be clarified in law so that the business entities are not kept in the dark. One option available now is through the PDPA which is still in the Bill stage, which can clarify that “Consent” can be provided without a digitally signed or Stamped document provided there is a necessary collateral evidence confirming the intention of the parties.

The above are my personal views and readers may also read the articles referred to below to get a comprehensive view of the issue.

I invite the views of others so that we can collate the views of the fraternity both from the field of Advocates, Technology professionals and the Data Protection professionals.

Naavi

Reference Articles:

1.Electronic Contracts-Applicability of Stamp Duty: Seema Jhingan, Neha Yadav and Saniya Kothari published at Mondaq.com

2. Stamp duty implications on E-Agreements: Ishika Agarwal, Vinod Kothari Consultants

3. E Contracts in India: Commercial law Blog

4. Are E Contracts amenable to Stamp Duty ?: Anuj Agarwal/Uttara Priyadarshini:  Bar and Bench:

5. Redefining the scope of ITA 2008.. in the amendments..

6. Stamp Duty on Electronic Records