It Amendments Act

48
IT ACT AMENDMENTS 2008- WHAT THEY ENTAIL FOR CORPORATE INDIA?

Transcript of It Amendments Act

Page 1: It Amendments Act

IT ACT AMENDMENTS

2008-

WHAT THEY ENTAIL

FOR CORPORATE

INDIA?

Page 2: It Amendments Act

A PRESENTATION BY

PAVAN DUGGAL,

CHAIRMAN,

ASSOCHAM CYBERLAW

COMMITTEE

ADVOCATE,

SUPREME COURT OF INDIA

HEAD, PAVAN DUGGAL

ASSOCIATES

Page 3: It Amendments Act

22ND JANUARY, 2009

�SCAM EMAIL CIRCULATED

�EXTREMELY DEFAMATORY AND

DEROGATORY STATEMENTS

�EMAILS TRACED

�DELHI HIGH COURT RESTRAINT

ORDER

Page 4: It Amendments Act

CYBER LAW IN INDIA

�� In India the Information Technology Act,

2000 is the Mother Legislation that deals

with issues related to use of computers,

computer systems , computer networks and

the Internet.

Page 5: It Amendments Act

CYBER LAW IN INDIA

�� Information Technology Amendment Bill, 2006

� Referred to Parliamentary Standing Committee on

IT

� Standing Committee Report- 2007

� Information Technology Amendment Bill, 2006

Page 6: It Amendments Act

IT ACT AMENDMENTS

� INFORMATION TECHNOLOGY

AMENDMENT ACT, 2008

�PASSED BY BOTH THE HOUSES OF

PARLIAMENT IN END DECEMBER,

2008

�HISTORY REPEATS ITSELF.- 2000 /2008

Page 7: It Amendments Act

COMPLIMENTS

�GOVERNMENT OF INDIA AND PARLIAMENTARY STANDING COMMITTEE ON IT NEEDS TO BE COMPLIMENTED FOR ALL THEIR HARD WORK IN MAKING THE NEW AMENDMENTS A REALITY

�LOT OF MAJOR SIGNIFICANT ADVANCES MADE BY THE NEW AMENDMENTS

Page 8: It Amendments Act

TECHNOLOGY NEUTRAL LAW

� Amendments have made the Information

Technology Act, 2000 as a technology neutral

legislation

�� instead of, digital signatures, the law has come up instead of, digital signatures, the law has come up

with a more broad generic concept of electronic with a more broad generic concept of electronic

signatures signatures

�� paved the way for removing the implementation of paved the way for removing the implementation of

the IT Act by removing certain undesirable the IT Act by removing certain undesirable

wordings in some sections wordings in some sections

Page 9: It Amendments Act

CYBER TERRORISM

�� for the first time, defined the concept of cyber for the first time, defined the concept of cyber

terrorism and has made it a heinous crime. terrorism and has made it a heinous crime.

�� cyber terrorism as an offence that has been made cyber terrorism as an offence that has been made

punishable with life imprisonment and fine. punishable with life imprisonment and fine.

�� This move should do tremendous service to the This move should do tremendous service to the

cause of the Indian nation as also the sovereignty , cause of the Indian nation as also the sovereignty ,

integrity and security of India.integrity and security of India.

�� Highly commendable move after Mumbai 26/11/ Highly commendable move after Mumbai 26/11/

attacksattacks

Page 10: It Amendments Act

NEW CYBERCRIMES ADDED

��provide far more exhaustive coverage of provide far more exhaustive coverage of cybercrimes in the law. cybercrimes in the law.

��Various new cybercrimes have been added Various new cybercrimes have been added like the activities defined in Section 43 of the like the activities defined in Section 43 of the IT Act, 2000. IT Act, 2000.

��The new amendments have added identity The new amendments have added identity theft and phishing as cybercrimes . theft and phishing as cybercrimes .

��have also covered breach of privacy, child have also covered breach of privacy, child pornography as specific offences. pornography as specific offences.

Page 11: It Amendments Act

INTERCEPTION

��The new amendments have strengthened The new amendments have strengthened

the hands of the nation by increasing the the hands of the nation by increasing the

ambit of the powers of interception of the ambit of the powers of interception of the

Government, Government,

�� Interception, blocking and monitoring Interception, blocking and monitoring

powers have been more detailed and powers have been more detailed and

elaborately stated. elaborately stated.

Page 12: It Amendments Act

IT ACT AMENDMENTS &

CORPORATES

�HUGE RAMIFICATIONS OF THE NEW

AMENDMENTS ON CORPORATE

INDIA

�LAW HAS BEGUN TO FLEX ITS

MUSCLES

�THE CLOCK IS SLOWLY CHURNING

Page 13: It Amendments Act

SECTION 2

� (ha)“Communication Device” means cell phones, personal digital assistance or combination of both or any other device used to communicate, send or transmit any text, video, audio or image;’;

� (J)“computer network” means the inter-connection of one or more computers or computer systems or communication device through

Page 14: It Amendments Act

SECTION 2

� (i) the use of satellite, microwave, terrestrial

line, wire, wireless or other communication

media; and

� (ii) terminals or a complex consisting of two

or more inter-connected computers or

communication device whether or not the

inter-connection is continuously

maintained;’;

Page 15: It Amendments Act

HACKING NO LONGER AN OFFENCE

�HACKING AS AN OFFENCE HAS BEEN DELETED FROM THE LAW BOOK.

�EXISTING SECTION 66 OF THE IT ACT, 2000

�THE SAID SECTION HAS BEEN SUBSTITUTED BY NEW LANGUAGE

�EXISTING LANGUAGE OF THE OFFENCE OF HACKING DOES NOT FIND MENTION IN THE CURRENT MANNER

Page 16: It Amendments Act

YOUR FRIENDLY

CYBERCRIME LEGISLATION

AMENDMENTS SEEK TO MAKE INDIAN

CYBERLAW FRIENDLY CYBER CRIME

LEGISLATION:

- A LEGISLATION THAT GOES

EXTREMELY SOFT ON CYBER

CRIMINALS, WITH A SOFT HEART

Page 17: It Amendments Act

CYBERCRIME FRIENDLY

�A LEGISLATION THAT CHOOSES TO

ENCOURAGE CYBER CRIMINALS BY

LESSENING THE QUANTUM OF

PUNISHMENT ACCORDED TO THEM

IN THE EXISTING LAWS

Page 18: It Amendments Act

CYBERCRIMES BALIABLE

�DISTINCT ABSENCE OF LOGIC AND

RATIONALE IN REDUCING OF THE

QUANTUM OF PUNISHMENTS FOR

VARIOUS OFFENCES

�NOW CYBERCRIMES TO BE

INVESTIGATED NOT BY A DSP BUT BY

AN INSPECTOR

Page 19: It Amendments Act

SECTION 6 ASECTION 6 A

�Delivery of Services by Service Provider

(Inserted vide ITAA-2008)

�The appropriate Government may, for the

purposes of this Chapter and for efficient

delivery of services to the public through

electronic means authorize, by order, any

service provider to set up, maintain and

upgrade the computerized facilities and

perform such other services as it may

specify, by notification in the Official

Gazette.

Page 20: It Amendments Act

SECTION 6 A (Contd.)

�Explanation: For the purposes of this

section, service provider so authorized

includes any individual, private agency,

private company, partnership firm, sole

proprietor form or any such other body or

agency which has been granted

permission by the appropriate

Government to offer services through

electronic means in accordance with the

policy governing such service sector.

Page 21: It Amendments Act

SECTION 6 A (Contd.)

�The appropriate Government may also

authorize any service provider authorized

under sub-section (1) to collect, retain and

appropriate service charges, as may be

prescribed by the appropriate Government

for the purpose of providing such services,

from the person availing such service.

Page 22: It Amendments Act

SECTION 6 A (Contd.)

�Subject to the provisions of sub-section (2),

the appropriate Government may authorize

the service providers to collect, retain and

appropriate service charges under this

section notwithstanding the fact that there is

no express provision under the Act, rule,

regulation or notification under which the

service is provided to collect, retain and

appropriate e-service charges by the service

providers.

Page 23: It Amendments Act

SECTION 6 A (Contd.)

�The appropriate Government shall, by

notification in the Official Gazette, specify

the scale of service charges which may be

charged and collected by the service

providers under this section: Provided that

the appropriate Government may specify

different scale of service charges for different

types of services.

Page 24: It Amendments Act

SECTION 43 A

�Where a body corporate, possessing, dealing

or handling any sensitive personal data or

information in a computer resource which it

owns, controls or operates, is negligent in

implementing and maintaining reasonable

security practices and procedures and

thereby causes wrongful loss or wrongful

gain to any person, such body corporate

shall be liable to pay damages by way of

compensation, to the person so affected.

Page 25: It Amendments Act

SECTION 43 A (contd.)

�Explanation: For the purposes of this

section

�"body corporate" means any company and

includes a firm, sole proprietorship or other

association of individuals engaged in

commercial or professional activities

Page 26: It Amendments Act

SECTION 43 A (contd.)

� "reasonable security practices and procedures"

means security practices and procedures designed to

protect such information from unauthorised access,

damage, use, modification, disclosure or

impairment, as may be specified in an agreement

between the parties or as may be specified in any law

for the time being in force and in the absence of such

agreement or any law, such reasonable security

practices and procedures, as may be prescribed by

the Central Government in consultation with such

professional bodies or associations as it may deem

fit.

Page 27: It Amendments Act

SECTION 43 A (contd.)

�"Sensitive personal data or information"

means such personal information as may be

prescribed by the Central Government in

consultation with such professional bodies

or associations as it may deem fit.

Page 28: It Amendments Act

SECTION 79

�Exemption from liability of intermediary in

certain cases . Notwithstanding anything

contained in any law for the time being in

force but subject to the provisions of sub-

sections (2) and (3), an intermediary shall

not be liable for any third party information,

data, or communication link made hosted by

him.

Page 29: It Amendments Act

SECTION 79 (contd.)

�The provisions of sub-section (1) shall apply

if-

� (a) the function of the intermediary is

limited to providing access to a

communication system over which

information made available by third

parties is transmitted or temporarily stored;

or

Page 30: It Amendments Act

SECTION 79 (contd.)

� (b) the intermediary does not-

� (i) initiate the transmission,

� (ii) select the receiver of the transmission,

and

� (iii) select or modify the information

contained in the transmission

Page 31: It Amendments Act

SECTION 79 (contd.)

� (c) The intermediary observes due diligence

while discharging his duties under this Act

and also observes such other guidelines as

the Central Government may prescribe in

this behalf

Page 32: It Amendments Act

SECTION 79 (contd.)

�The provisions of sub-section (1) shall not

apply if- (a) the intermediary has conspired

or abetted or aided or induced whether by

threats or promise or otherwise in the

commission of the unlawful act.

Page 33: It Amendments Act

SECTION 79 (contd.)

� (b) upon receiving actual knowledge, or on being notified by the appropriate Government or its agency that any information, data or communication link residing in or connected to a computer resource controlled by the intermediary is being used to commit the unlawful act, the intermediary fails to expeditiously remove or disable access to that material on that resource without vitiating the evidence in any manner.

Page 34: It Amendments Act

SECTION 79 (contd.)

�Explanation:- For the purpose of this

section, the expression "third party

information" means any information dealt

with by an intermediary in his capacity as an

intermediary.

Page 35: It Amendments Act

E-HAFTA AND CORPORATE INDIA

�INSPECTOR RAJ IN CYBERCRIME

SCENARIO

�CONCEPT OF E-HAFTA WILL TAKE

CONCRETE FEET

�CONCERNS OF CORPORATE INDIA

REGARDING THEIR CONFIDENTIAL

DATA AND INFORMATION NOT

ADDRESSED

Page 36: It Amendments Act

NEED OF THE HOUR

�NEED TO PROTECT YOURSELF

�TRY TO ADOPT CYBER SECURITY

PRACTICES

�PREVENTION IS BETTER THAN CURE

�FOCUS ON PROACTIVE ACTION

Page 37: It Amendments Act

NEW CHALLENGES

�SOCIAL NETWORKING

�P2P

�USER GENERATED CONTENT

�SPYWARE AND MALWARE

�E-DISCOVERY

Page 38: It Amendments Act

INTERMEDIARIES & DUE DILIGENCE

�ALL COMPANIES COMING WITHIN THE DEFINITION OF INTERMEDIARIES NEED TO DO DUE DILIGENCE

�DUE DILIGENCE CRITICAL FOR LIMITATION OF LIABILITY

�DUE DILIGENCE NEEDS TO BE DOCUMENTED AND BE READILY AVAILABLE

Page 39: It Amendments Act

PAVAN DUGGAL DUE DILIGENCE

PROGRAMME, 2009

�PAVAN DUGGAL DUE DILIGENCE PROGRAMME VERSION 2009

�CONDUCTED BY PAVAN DUGGAL ASSOCIATES, INDIA’S NICHE TECHNOLOGY LAW FIRM

�AN ASBOLUTE MUST FOR ALL INTERMEDIARIES AND COMPANIES

Page 40: It Amendments Act

PAVAN DUGGAL DUE DILIGENCE

PROGRAMME, 2009

�EXHAUSTIVE DUE DILIGENCE DONE

FOR ALL STAKEHOLDERS

�NO REINEVENTION OF THE WHEEL

�PROACTIVE PROTECTION KEEING IN

THE MIND THE CUSTOMIZED

REQUIREMENTS OF THE RELEVANT

LEGAL ENTITY

Page 41: It Amendments Act

PAVAN DUGGAL DUE DILIGENCE

PROGRAMME, 2009

��CRITICAL FOR COMPANIES AND CRITICAL FOR COMPANIES AND

THEIR TOP MANAGEMENT TO GET THEIR TOP MANAGEMENT TO GET

THE SAID DUE DILGENCE DONETHE SAID DUE DILGENCE DONE

��NEED TO LIMIT POTENTIAL LEGAL NEED TO LIMIT POTENTIAL LEGAL

EXPOSURE , BOTH CIVIL AND EXPOSURE , BOTH CIVIL AND

CRIMINAL, FOR THE COMPANIES CRIMINAL, FOR THE COMPANIES

AND THEIR TOP MANAGEMENTSAND THEIR TOP MANAGEMENTS

Page 42: It Amendments Act

CYBERLAWS.NET SURVEY ON ECYBERLAWS.NET SURVEY ON E--

COMPLIANCECOMPLIANCE

�Generate awareness & orientation about the compliance requirements of Indian Cyber Law

Sensitize people about :

� The level of compliances of their respective organizations pertaining to Indian Cyber Law.

�Possibility of exposures to potential risks.

Page 43: It Amendments Act

CYBERLAWS.NET SURVEY ON CYBERLAWS.NET SURVEY ON

EE--COMPLIANCECOMPLIANCE

Page 44: It Amendments Act

CYBERLAWS.NET SURVEY ON CYBERLAWS.NET SURVEY ON

EE--COMPLIANCE ( contd)COMPLIANCE ( contd)

Page 45: It Amendments Act

CYBERLAWS.NET SURVEY ON CYBERLAWS.NET SURVEY ON

EE--COMPLIANCE( contd)COMPLIANCE( contd)

To take the survey & know your present To take the survey & know your present

compliance situation visit the following web compliance situation visit the following web

address :address :

http://http://cyberlaws.net/ecompliancecyberlaws.net/ecompliance

Page 46: It Amendments Act

IT Act Amendments, December 2008IT Act Amendments, December 2008

Page 47: It Amendments Act

IT Act Amendments, 2008IT Act Amendments, 2008

For details visit:For details visit:

www.cyberlaws.net/itamendmentswww.cyberlaws.net/itamendments

OrOr

www.cyberlawindia.comwww.cyberlawindia.com

Page 48: It Amendments Act

A PRESENTATION A PRESENTATION

BY BY

PAVAN DUGGAL,PAVAN DUGGAL,

ADVOCATE, SUPREME ADVOCATE, SUPREME

COURT OF INDIACOURT OF INDIA

PAVAN DUGGAL PAVAN DUGGAL

ASSOCIATESASSOCIATES

EMAIL : EMAIL : pduggal@[email protected]

[email protected]@gmail.com