law & IT

82
◄Chapter 1► Introduction Humanity is acquiring all the right technology for all the wrong reasons. -R. Buckminster Fuller Since the beginning of civilization, man has always been motivated by the need to make progress and better the existing technologies. This has led to tremendous development and progress which has been a launching pad for further developments. Of all the significant advances made by mankind from the beginning till date, probably the most important of them is the development of Internet. However, the rapid evolution of Internet has also raised numerous legal issues and questions. As the scenario continues to be still not clear, countries throughout the world are resorting to different approaches towards controlling, regulating and facilitating electronic communication and commerce.

Transcript of law & IT

Page 1: law & IT

◄Chapter 1►

Introduction

Humanity is acquiring all the right technology for all the wrong reasons.

-R. Buckminster Fuller

Since the beginning of civilization, man has always been motivated by the

need to make progress and better the existing technologies. This has led to

tremendous development and progress which has been a launching pad for further

developments. Of all the significant advances made by mankind from the

beginning till date, probably the most important of them is the development of

Internet.

However, the rapid evolution of Internet has also raised numerous legal

issues and questions. As the scenario continues to be still not clear, countries

throughout the world are resorting to different approaches towards controlling,

regulating and facilitating electronic communication and commerce.

In the past few decades there has been a revolution in computing and

communications, and all indications are that technological progress and use of

information technology will continue at a rapid pace. Accompanying and

supporting the dramatic increases in the power and use of new information

technologies has been the declining cost of communications as a result of both

technological improvements and increased competition. According to Moore's law

the processing power of microchips is doubling every 18 months. These advances

present many significant opportunities but also pose major challenges. Today,

innovations in information technology are having wide-ranging effects across

numerous domains of society, and policy makers are acting on issues involving

Page 2: law & IT

economic productivity, intellectual property rights, privacy protection, and a

affordability of and access to information. Choices made now will have long

lasting consequences, and attention must be paid to their social and economic

impacts. One of the most significant outcomes of the progress of information

technology is probably electronic commerce over the Internet, a new way of

conducting business. Though only a few years old, it may radically alter economic

activities and the social environment. Already, it affects such large sectors as

communications, finance and retail trade and might expand to areas such as

education and health services. It implies the seamless application of information

and communication technology along the entire value chain of a business that is

conducted electronically.

Information Technology is a key driver of an increasingly knowledge based

global economy. A knowledge based economy is now a sine qua non for

leadership. Given its current global position in the IT and ITES sector, India is

well positioned to enhance and leverage its IT capabilities towards this end.

Technology has transformational power. It is a great leveler of opportunity within

and across economies. Recognizing this potential of IT, several economies in the

Asia-Pacific region have invested in infrastructure and adopted proactive policies

to foster adoption of IT pervasively. Consequently their economies have

experienced much faster and more equitable growth and their development indices

have moved up rapidly.

The following sections will focus on the impacts of information technology

and electronic commerce on business models, commerce, market structure,

workplace, labour market, education, private life and society as a whole.

Page 3: law & IT

◄Chapter 2►

Impact of Information technology

Definition of IT

IT (information technology) is a term that encompasses all forms of

technology used to create, store, exchange, and use information in its various

forms (business data, voice conversations, still images, motion pictures,

multimedia presentations, and other forms, including those not yet conceived). It's

a convenient term for including both telephony and computer technology in the

same word. It is the technology that is driving what has often been called "the

information revolution."

Impact on Government

Information technology probably impacts governments more than corporations

and private individuals. For the most part, corporations propel and advance

technology. Consumers then jump on the bandwagon embracing new and

wonderful gizmos and ideas. Governments, on the other hand, usually lag behind

and are forced to catch up. And even if they do not want to be involved, they must,

because current trends and business practices demand that they conform. But this

leaves governments vulnerable in many ways and thus, it can be said that

generally speaking, information technology has a negative impact on

governments. 

The first issue, as previously stated, governments are not leaders in technology.

They react to the environment around them rather than trying to find new ways of

efficiency. As a result, it is more costly to change everything over at once

dispensing large sums of cash to meet equipment needs and staff training

Page 4: law & IT

requirements. It also leads to more inefficiency as new systems are confused with

old and chaotic situations occur. 

Secondly, governments hold confidential information. Both data from its

individual citizens and country specific security data. As all information becomes

digital and available to anyone who cares to see it, security breaches are inevitable.

And while many corporations have had scandals regarding customer information

being leaked or hacked, governments are more susceptible, as they rarely attract

the best IT people in the field as employees. Again, they tend to react after the fact

rather than proactively. 

The third issue at work is transparency. Citizens want to know what government

officials and employees are doing. And the internet is perfect for this type of

society. Everyone's business and personal activities are available online. And

while this trend is affecting the ability of individuals to obtain jobs or entry into

excellent schools, it is also adversely affecting the government. Conversations,

actions, decisions and motives are being played out on the internet in emails,

social networking sites, videos and personal blogs. Government officials and

employees can no longer hide in a shroud of secrecy. 

Contrarily, it must be said, that these pitfalls tend to be the realm of governments

from industrialized nations. In countries that have had no access to the internet and

computerized systems, information technology can be a definite life saver.

Enriching the lives of the poor in developing nations can be achieved through the

use of modern day technologies such as medical treatment databases, cell phones

to improve livelihoods, and computers to enable ability the citizens to compete for

online jobs in the global market. Governments can become closer to its people

Page 5: law & IT

through the use of information technology and communications, thereby

increasing efficiency and helping to make their lives better

Further, governments in poorer countries can bridge the gap between the global

environment, the government employees, and their citizens. Having access to

information allows these governments to lay foundations for policies and make

commitments to improve conditions. Being able to obtain information from the

outside ultimately aids in the improvement of the plight of their people. 

In conclusion, information technology negatively impacts some governments

while positively impacting others.

Impact on Social Communication

There are a lot of positive things to do with social communication for

example you can communicate with people at the other end of the world there is

no limit to how far you can communicate as long as there is another person who is

able to reply to your email / facebook comments. You can meet a lot more friends

over the social network and can arrange to meet new people. Communicating over

the internet is fast and easy you can send a message to someone in America inside

seconds this is handy if you are communicating with family or even friends who

maybe you have not communicated with for a while for whatever the

circumstances were. Although there is all the above there is a down side to social

communication where you can be in danger you could be talking to someone over

the internet and you could have never met them face to face in your life. When you

send an email to a friend or person from your family you do not get to see what

their reactions or facial expressions to your email. You could get involved in cyber

bullying or you could get bullied over the internet yourself. Also being on the

computer everyday can make you extremely lazy and this can be highly addictive

and in some cases cause obesity.

Page 6: law & IT

Impact on education

The internet is a wonderful thing when it comes to searching for

information people who would like to learn new things can do this via the internet

you don’t need to read paragraphs and paragraphs of information you can just get

the answer you need by a click of a mouse. The internet is very good for looking

up coursework and it gives you helpful tips as well. But the internet can result in

people just breaching copyright laws by copying and pasting everything that they

see this can result in a fail in your coursework also if you have a facebook or

anything and you are on the internet doing coursework you could be distracted by

this and end up sitting on facebook all evening and getting no coursework done.

More information available - This is one great thing about the internet that

you can find all the information in the world on it. This can help you will all your

work etc. You can find out anything what is going on.

Quicker access to information for coursework- The internet is a great place

to research information for the topic that you are doing you can find all sorts of

facts and opinions inside seconds.

Page 7: law & IT

◄Chapter 3►

Cyber Crimes

Internet crime is crime committed on the Internet, using the Internet and by means of the

Internet.

Computer crime is a general term that embraces such crimes as phishing, credit card

frauds, bank robbery, illegal downloading, industrial espionage, child pornography,

kidnapping children via chat rooms, scams, cyberterrorism, creation and/or distribution of

viruses, Spam and so on. All such crimes are computer related and facilitated crimes.

With the evolution of the Internet, along came another revolution of crime where the

perpetrators commit acts of crime and wrongdoing on the World Wide Web. Internet

crime takes many faces and is committed in diverse fashions. The number of users and

their diversity in their makeup has exposed the Internet to everyone. Some criminals in

the Internet have grown up understanding this superhighway of information, unlike the

older generation of users. This is why Internet crime has now become a growing problem

in the United States. Some crimes committed on the Internet have been exposed to the

world and some remain a mystery up until they are perpetrated against someone or some

company.

The different types of Internet crime vary in their design and how easily they are able to

be committed. Internet crimes can be separated into two different categories. There are

crimes that are only committed while being on the Internet and are created exclusively

because of the World Wide Web. The typical crimes in criminal history are now being

brought to a whole different level of innovation and ingenuity. Such new crimes devoted

to the Internet are email “phishing”, hijacking domain names, virus immistion, and cyber

vandalism. A couple of these crimes are activities that have been exposed and introduced

into the world. People have been trying to solve virus problems by installing virus

protection software and other software that can protect their computers. Other crimes

such as email “phishing” are not as known to the public until an individual receives one

of these fraudulent emails. These emails are cover faced by the illusion that the email is

Page 8: law & IT

from your bank or another bank. When a person reads the email he/she is informed of a

problem with he/she personal account or another individual wants to send the person

some of their money and deposit it directly into their account. The email asks for your

personal account information and when a person gives this information away, they are

financing the work of a criminal.

Cyber Forensics

The simple definition of computer forensics

... is the art and science of applying computer science to aid the legal process. With the

rapid advance in technology it quickly became more than just an art though, and

nowadays you can even get a cyber forensics specialization degree on the subject.

Although plenty of science is attributable to computer forensics, most successful

investigators possess a nose for investigations and a skill for solving puzzles, which is

where the art comes in. - Chris L.T. Brown, Computer Evidence Collection and

Preservation, 2006

Thus, it is more than the technological, systematic inspection of the computer system and

its contents for evidence or supportive evidence of a civil wrong or a criminal act.

Computer forensics requires specialized expertise and tools that goes above and beyond

the normal data collection and preservation techniques available to end-users or system

support personnel. One definition is analogous to "Electronic Evidentiary Recovery,

known also as e-discovery, requires the proper tools and knowledge to meet the Court's

criteria, whereas Computer Forensics is simply the application of computer investigation

and analysis techniques in the interests of determining potential legal evidence."[1]

Another is "a process to answer questions about digital states and events"[2]. This

process often involves the investigation and examination computer system(s), including,

but not limitied to the data acquisition that resides on the media within the computer. The

forensic examiner renders an opinion, based upon the examination of the material that has

been recovered. After rendering an opinion and report, to determine whether they are or

have been used for criminal, civil or unauthorized activities. Mostly, computer forensics

experts investigate data storage devices, these include but are not limited to hard drives,

Page 9: law & IT

portable data devices (USB Drives, External drives, Micro Drives and many more).

Computer forensics experts:

Identify sources of documentary or other digital evidence. 

Preserve the evidence. 

Analyze the evidence. 

Present the findings. 

Computer forensics is done in a fashion that adheres to the standards of evidence that are

admissible in a court of law. Thus, computer forensics must be techno-legal in nature

rather than purely technical or purely legal.

Understand the suspects

It is absolutely vital for the forensics team to have a solid understanding of the level of

sophistication of the suspect(s). If insufficient information is available to form this

opinion, the suspects must be considered to be experts, and should be presumed to have

installed countermeasures against forensic techniques. Because of this, it is critical that

you appear to the equipment to be as indistinguishable as possible from its normal users

until you have shut it down completely, either in a manner which probably prohibits the

machine modifying the drives, or in exactly the same way they would.

If the equipment contains only a small amount of critical data on the hard drive, for

example, software exists to wipe it permanently and quickly if a given action occurs. It is

straightforward to link this to the Microsoft Windows "Shutdown" command, for

example. However, simply "pulling the plug" isn't always a great idea, either--

information stored solely in RAM, or on special peripherals, may be permanently lost.

Losing an encryption key stored solely in Random Access Memory, and possibly

unknown even to the suspects themselves by virtue of having been automatically

generated, may render a great deal of data on the hard drive(s) unusable, or at least

extremely expensive and time-consuming to recover.

Page 10: law & IT

Electronic evidence can be collected from a variety of sources. Within a company’s

network, evidence will be found in any form of technology that can be used to transmit or

store data. Evidence should be collected through three parts of an offender’s network: at

the workstation of the offender, on the server accessed by the offender, and on the

network that connects the two. Investigators can therefore use three different sources to

confirm of the data’s origin.

Like any other piece of evidence used in a case, the information generated as the result of

a computer forensics investigation must follow the standards of admissible evidence.

Special care must be taken when handling a suspect’s files; dangers to the evidence

include viruses, electromagnetic or mechanical damage, and even booby traps. There are

a handful of cardinal rules that are used to ensure that the evidence is not destroyed or

compromised:

Only use tools and methods that have been tested and evaluated to validate their accuracy

and reliability. 

In order to verify that a tool is forensically sound, the tool should be tested in a mock

forensic examination to verify the tools performance. There are government agencies

such as the Defense Cyber Crime Institute that accept requests to test specific digital

forensic tools and methods for governmental agencies, law enforcement organizations, or

vendors of digital forensic products at no cost to the requestor.

Handle the original evidence as little as possible to avoid changing the data. 

Establish and maintain the chain of custody. 

Document everything done. 

Never exceed personal knowledge. 

If such steps are not followed the original data may be changed, ruined or become

tainted, and so any results generated will be challenged and may not hold up in a court of

law. Other things to take into consideration are:

Page 11: law & IT

The time that business operations are inconvenienced. 

How sensitive information which is unintentionally discovered will be handled. 

In any investigation in which the owner of the digital evidence has not given consent to

have his or her media examined – as in most criminal cases – special care must be taken

to ensure that you as the forensic specialist have legal authority to seize, image, and

examine each device. Besides having the case thrown out of court, the examiner may find

him or herself on the wrong end of a hefty civil lawsuit. As a general rule, if you aren't

sure about a specific piece of media, do not examine it. Amateur forensic examiners

should keep this in mind before starting any unauthorized investigation.

Some of the most valuable information obtained in the course of a forensic examination

will come from the computer user themself. In accordance with applicable laws, statutes,

organizational policies, and other applicable regulations, an interview of the computer

user can often yield invaluable information regarding the system configuration,

applications, and most important, software or hardware encryption methodology and keys

utilized with the computer. Forensic analysis can become exponentially easier when

analysts have passphrase(s) utilized by the user open encrypted files or containers used

on the local computer system, or on systems mapped to the local computer through a

local network or the internet.

Secure the machine and the data

Unless completely unavoidable, data should never be analyzed using the same machine it

is collected from. Instead, forensically sound copies of all data storage devices, primarily

hard drives, must be made. Exceptional consideration to this practice are detailed below

regarding live system considerations.

Page 12: law & IT

◄Chapter 4►

How cyber crime works?

Cyber crime has become a profession and the demographic of your typical cyber criminal

is changing rapidly, from bedroom-bound geek to the type of organized gangster more

traditionally associated with drug-trafficking, extortion and money laundering.

It has become possible for people with comparatively low technical skills to steal

thousands of pounds a day without leaving their homes. In fact, to make more money

than can be made selling heroin (and with far less risk), the only time the criminal need

leave his PC is to collect his cash. Sometimes they don't even need to do that.

In all industries, efficient business models depend upon horizontal separation of

production processes, professional services, sales channels etc. (each requiring

specialized skills and resources), as well as a good deal of trade at prices set by the

market forces of supply and demand. Cyber crime is no different: it boasts a buoyant

international market for skills, tools and finished product. It even has its own currency.

The rise of cyber crime is inextricably linked to the ubiquity of credit card transactions

and online bank accounts. Get hold of this financial data and not only can you steal

silently, but also – through a process of virus-driven automation – with ruthlessly

efficient and hypothetically infinite frequency.

The question of how to obtain credit card/bank account data can be answered by a

selection of methods each involving their own relative combinations of risk, expense and

skill.

The most straightforward is to buy the ‘finished product’. In this case we’ll use the

example of an online bank account. The product takes the form of information necessary

to gain authorized control over a bank account with a six-figure balance. The cost to

obtain this information is $400 (cyber criminals always deal in dollars). It seems like a

small figure, but for the work involved and the risk incurred it’s very easy money for the

criminal who can provide it. Also remember that this is an international trade; many

Page 13: law & IT

cyber-criminals of this ilk are from poor countries in Eastern Europe, South America or

South-East Asia.

The probable marketplace for this transaction will be a hidden IRC (Internet Relay Chat)

chatroom. The $400 fee will most likely be exchanged in some form of virtual currency

such as e-gold.

Not all cyber-criminals operate at the coalface, and certainly don’t work exclusively of

one another; different protagonists in the crime community perform a range of important,

specialized functions. These broadly encompass:

Coders – comparative veterans of the hacking community. With a few years' experience

at the art and a list of established contacts, ‘coders’ produce ready-to-use tools (i.e.

Trojans, mailers, custom bots) or services (such as making a binary code undetectable to

AV engines) to the cyber crime labour force – the ‘kids’. Coders can make a few hundred

dollars for every criminal activity they engage in.

Kids – so-called because of their tender age: most are under 18. They buy, trade and

resell the elementary building blocks of effective cyber-scams such as spam lists, php

mailers, proxies, credit card numbers, hacked hosts, scam pages etc. ‘Kids’ will make less

than $100 a month, largely because of the frequency of being ‘ripped off’ by one another.

Drops – the individuals who convert the ‘virtual money’ obtained in cyber crime into real

cash. Usually located in countries with lax e-crime laws (Bolivia, Indonesia and Malaysia

are currently very popular), they represent ‘safe’ addresses for goods purchased with

stolen financial details to be sent, or else ‘safe’ legitimate bank accounts for money to be

transferred into illegally, and paid out of legitimately.

Mobs – professionally operating criminal organizations combining or utilizing all of the

functions covered by the above. Organized crime makes particularly good use of safe

‘drops’, as well as recruiting accomplished ‘coders’ onto their payrolls.

Gaining control of a bank account is increasingly accomplished through phishing. There

are other cyber crime techniques, but space does not allow their full explanation.

Page 14: law & IT

All of the following phishing tools can be acquired very cheaply: a scam letter and scam

page in your chosen language, a fresh spam list, a selection of php mailers to spam-out

100,000 mails for six hours, a hacked website for hosting the scam page for a few days,

and finally a stolen but valid credit card with which to register a domain name. With all

this taken care of, the total costs for sending out 100,000 phishing emails can be as little

as $60. This kind of ‘phishing trip’ will uncover at least 20 bank accounts of varying cash

balances, giving a ‘market value’ of $200 – $2,000 in e-gold if the details were simply

sold to another cybercriminal. The worst-case scenario is a 300% return on the

investment, but it could be ten times that.

Better returns can be accomplished by using ‘drops’ to cash the money. The risks are

high, though: drops may take as much as 50% of the value of the account as commission,

and instances of ‘ripping off’ or ‘grassing up’ to the police are not uncommon. Cautious

phishers often separate themselves from the physical cashing of their spoils via a series of

‘drops’ that do not know one another. However, even taking into account the 50%

commission, and a 50% ‘rip-off’ rate, if we assume a single stolen balance of $10,000 –

$100,000, then the phisher is still looking at a return of between 40 and 400 times the

meagre outlay of his/her phishing trip.

In large operations, offshore accounts are invariably used to accumulate the criminal

spoils. This is more complicated and far more expensive, but ultimately safer.

The alarming efficiency of cybercrime can be illustrated starkly by comparing it to the

illegal narcotics business. One is faster, less detectable, more profitable (generating a

return around 400 times higher than the outlay) and primarily non-violent. The other

takes months or years to set-up or realise an investment, is cracked down upon by all

almost all governments internationally, fraught with expensive overheads, and extremely

dangerous.

Add phishing to the other cyber-criminal activities driven by hacking and virus

technologies – such as carding, adware/spyware planting, online extortion, industrial

spying and mobile phone dialers – and you’ll find a healthy community of cottage

industries and international organizations working together productively and trading for

Page 15: law & IT

impressive profits. Of course these people are threatening businesses and individuals with

devastating loss, financial hardship and troubling uncertainty – and must be stopped.

On top of viruses, worms, bots and Trojan attacks, organizations in particular are

contending with social engineering deception and traffic masquerading as legitimate

applications on the network. In a reactive approach to this onslaught, companies have

been layering their networks with stand alone firewalls, intrusion prevention devices,

anti-virus and anti-spyware solutions in a desperate attempt to plug holes in the armoury.

They're beginning to recognize it's a failed strategy. After all, billions of pounds are being

spent on security technology, and yet security breaches continue to rise.

* In order to fight cyber crime to the fullest, there needs to be a tightening of international

digital legislation and of cross-border law enforcement co-ordination. But there also

needs to be a more creative and inventive response from the organizations under threat.

Piecemeal, reactive security solutions are giving way to strategically deployed multi-

threat security systems. Instead of having to install, manage and maintain disparate

devices, organizations can consolidate their security capabilities into a commonly

managed appliance. These measures combined, in addition to greater user education are

the best safeguard against the deviousness and pure innovation of cyber-criminal

activities.

Page 16: law & IT

◄Chapter 5►

Perspective of Information Technology Act, 2000

Introduction to IT Act

The Parliament of India has passed its first Cyberlaw, the Information

Technology Act, 2000 which provides the legal infrastructure for E-commerce in

India. The said Act has received the assent of the President of India and has

become the law of the land in India.

At this juncture, it is relevant for us to understand what the IT Act,2000

offers and its various perspectives.

Object of IT Act

The object of The Information Technology Act, 2000 as defined therein is as

under :-

"to provide legal recognition for transactions carried out by means of electronic

data interchange and other means of electronic communication, commonly

referred to as "electronic methods of communication and storage of information, to

facilitate electronic filing of documents with the Government agencies and further

to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Banker's

Book Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters

connected therewith or incidental thereto."

Towards that end, the said Act thereafter stipulates numerous provisions. The

said Act aims to provide for the legal framework so that legal sanctity is accorded

to all electronic records and other activities carried out by electronic means. The

said Act further states that unless otherwise agreed, an acceptance of contract may

be expressed by electronic means of communication and the same shall have legal

validity and enforceability. The said Act purports to facilitate electronic

Page 17: law & IT

intercourse in trade and commerce, eliminate barriers and obstacles coming in the

way of electronic commerce resulting from the glorious uncertainties relating to

writing and signature requirements over the Internet. The Act also aims to fulfil its

objects of promoting and developing the legal and business infrastructure

necessary to implement electronic commerce.

Brief Introduction to IT Act

Chapter-II of the said Act specifically stipulates that any subscriber may

authenticate an electronic record by affixing his digital signature. It further states

that any person by the use of a public key of the subscriber can verify the

electronic record.

CHAPTER III of the Act details about Electronic Governance and provides

interalia amongst others that where any law provides that information or any other

matter shall be in writing or in the typewritten or printed form, then,

notwithstanding anything contained in such law, such requirement shall be

deemed to have been satisfied if such information or matter is-

a) rendered or made available in an electronic form; and

b) accessible so as to be usable for a subsequent reference.

The said chapter also details about the legal recognition of Digital Signatures.

The various provisions further elaborate on the use of Electronic Records and

Digital Signatures in Government Agencies. The Act further talks of publications

of rules and regulations in the Electronic Gazette.

Chapter IV of the said Act gives a scheme for Regulation of Certifying

Authorities. The Act envisages a Controller of Certifying Authorities who shall

perform the function of exercising supervision over the activities of the Certifying

Authorities as also laying down standards and conditions governing the Certiying

Authorities as also specifying the various forms and content of Digital Signature

Page 18: law & IT

Certificates. The Act recognises the need for recognising foreign Certifying

Authorities and it further details the various provisions for the issue of license to

issue Digital Signature Certificates.

Chapter VII of the Act details about the scheme of things relating to Digital

Signature Certificates. The duties of subscribers are also enshrined in the said Bill.

Chapter IX of the said Act talks about penalties and adjudication for various

offences. The penalties for damage to computer, computer system etc. have been

fixed as damages by way of compensation not exceeding Rs. 100,00,000/- to

affected persons. The Act talks of appointment of any officers not below the rank

of a Director to the Government of India or an equivalent officer of state

government as an Adjudicating Officer who shall adjudicate whether any person

has made a contravention of any of the provisions of the said act or rules framed

thereunder. The said Adjudicating Officer has been given the powers of a Civil

Court.

There is a provision in Chapter X which envisage the Cyber Regulations

Appellate Tribunal shall be an appellate body where appeals against the orders

passed by the Adjudicating Officers shall be preferred. The said Tribunal shall not

be bound by the principles of the Code of Civil Procedure but shall follow the

principles of natural justice and shall have the same powers as those are vested in a

Civil Court. Against an order or decision of the Cyber Appellate Tribunal, an

appeal shall lie to the High Court.

Chapter XI of the said Act talks about various offences and the said offences

shall be investigated only by a Police Officer not below the rank of the Deputy

Superintendent of Police. These offences include tampering with computer source

documents, publishing of information which is obscene in electronic form, breach

of confidentiality and privacy, misrepresentation, publishing Digital Signature

Certificate false in certain particulars and publication for fraudulent purposes.

Page 19: law & IT

Hacking has been properly defined in Section 66 as, "Whoever with the intent

to cause or knowing that he is likely to cause wrongful loss or damage to the

public or any person destroys or deletes or alters any information residing in a

computer resource or diminishes its value or utility or affects it injuriously by any

means, commits hacking." Further for the first time, punishment for hacking as a

cyber crime prescribed in the form of imprisonment upto 3 years or with fine

which may extend to Rs. 2,00,000/- or with both. This is a welcome measure as

hacking has assumed tremendous importance in the present day scenario. On

previous occasions, the web sites of the Government have been hacked into but no

legal provision within the existing legislation could be invoked to cover "hacking"

as a cyber crime. It shall now be possible to try and punish hackers under section

66 of the IT Act,2000.

The said Act also provides for the constitution of the Cyber Regulations

Advisory Committee which shall advice the government as regards any rules or

for any other purpose connected with the said act. The said Act also has four

Schedules which amend the Indian Penal Code, 1860, the Indian Evidence Act,

1872, The Bankers' Books Evidence Act, 1891, The Reserve Bank of India Act,

1934 to make them in tune with the provisions of the IT Act.

The said IT Bill was tabled in Parliament in December, 1999 and was referred

to the Standing Committee on Science and Technology, Environment and Forests

for examination and report. The Standing Committee examined the said IT Bill

1999 and proposed some stringent measures to further strengthen the legal

infrastructure of the IT Bill 1999. The most positive aspect of the said report was

that it recommended the insertion of the definition and punishment for "hacking".

Looking from an overall perspective, the Information Technology Act,2000 is

a laudable effort by the Government to create the necessary legal infrastructure for

promotion and growth of electronic commerce. As on date, the judiciary in India is

Page 20: law & IT

reluctant to accept electronic records and communications as evidence. Even email

has not been defined in the prevailing statutes of India and is not an accepted legal

form of communication as evidence in a court of law as of today. The said IT

Act,2000 indeed is a step forward in that direction also.

Aspects of IT Act

From the perspective of the corporate sector, the IT Act 2000 and its provisions

contain the following positive aspects:-

A. The implications of these provisions for the corporate sector would be that

email will now be a valid and legal form of communication in our country,

which can be duly produced and approved in a court of law. The corporates

today thrive on email, not only as the form of communication with entities

outsides the company but also email is used as an indispensable tools for

intra company communication. Till now it has been seen that the corporates

in their intra company communications on email have not been very careful

in using the language in such emails. Corporates will have to understand

that they shall need to be more careful while writing emails, whether

outside the company or within as the same with whatever language could

be proved in the court of law, sometimes much to the detriment of the

company. Even intra company notes and memos, till now used only for

official purposes, shall also be coming within the ambit of the IT Act and

will be admissible as evidence in a court of law. A possible consequence of

the same for a typical wired company would be that any employee,

unhappy with a particular email communication, whether in personal or

received in a official or personal capacity, may make the said email as the

foundation for launching a litigation in a court of law. Further, when a

company executive sends an email to another executive in the company

with some defamatory or other related material and copies the same to

Page 21: law & IT

others, there are possibilities that he may land in a litigation in a court of

law.

B. Companies shall now be able to carry out electronic commerce using the

legal infrastructure provided by the Act. Till now, the growth of Electronic

commerce was impeded in our country basically because there was no legal

infrastructure to regulate commercial transactions online.

C. Corporates will now be able to use digital signatures to carry out their

transactions online. These digital signatures have been given legal validity

and sanction in the Act.

D. The Act also throws open the doors for the entry of corporates in the

business of being of being Certifying Authorities for issuing Digital

Signatures Certificates. The Act does not make any distinction between any

legal entity for being appointed as a Certifying Authority so long as the

norms stipulated by the government have been followed.

E. The Act also enables the companies to file any form, application or any

other document with any office, authority, body or agency owned or

controlled by the appropriate Government in the electronic form by means

of such electronic form as may be prescribed by the appropriate

Government. India is rapidly moving ahead in the field of electronic

governance and it will not be long before governments start taking

applications or issuing licence, permit, sanction or approvals ,by whatever

name called, online . This provision shall be a great leveler as this will

enable all kinds of companies to do a lot of their interaction with different

government departments online, thereby saving costs, time and wastage of

precious manpower.

Page 22: law & IT

F. Corporates are mandated by different laws of the country to keep and retain

valuable and corporate information. The IT Act enables companies legally

to retain the said information in the electronic form, if-

a. the information contained therein remains accessible so as to be

usable for a subsequent reference;

b. the electronic record is retained in the format in which it was

originally generated, sent or received or in a format which can be

demonstrated to represent accurately the information originally

generated, sent or received;

c. the details which will facilitate the identification of the origin,

destination, date and time of dispatch or receipt of such electronic

record are available in the electronic record:

G. The It Act also addresses the important issues of Security which are so

critical to the success of electronic transactions. The Act has also given a

legal definition to the concept of secure digital signatures which would be

required to have been passed through a system of a security procedure, as

stipulated by the government at a later date. In the times to come, secure

digital signatures shall play a big role in the New Economy particularly

from the perspective of the corporate sector as it will enable a more secure

transaction online.

In today's scenario, information is supreme. Information is stored on their

respective computer systems by the companies apart from maintaining a back up.

Under the IT Act,2000, it shall now be possible for corporates to have a statutory

remedy in case if anyone breaks into their computer systems or network and

causes damages or copies data. The remedy provided by the Act is in the form of

monetary damages not exceeding Rs.100,00,000. This penalty of damages apply to

Page 23: law & IT

any person who, without permission of the owner or any other person who is in

charge of a computer, computer system or computer network,-

(a) Accesses or secures access to such computer, computer

system or computer network.

(b) downloads, copies or extracts any data, computer data base

or information from such computer, computer system or

computer network including information or data held or

stored in any removable storage medium;

(c) Introduces or causes to be introduced any computer

contaminant or computer virus into any computer, computer

system or computer network;

(d) damages or causes to be damaged any computer, computer

system or computer network, data, computer data base or

any other programmes residing in such computer, computer

system or computer network;

(e) Disrupts or causes disruption of any computer, computer

system or computer network;

(f) Denies or causes the denial of access to any person

authorised to access any computer, computer system or

computer network by any means;

(g) provides any assistance to any person to facilitate access to

a computer, computer system or computer network in

contravention of the provisions of this Act, rules or

regulations made thereunder,

Page 24: law & IT

(h) Charges the services availed of by a person to the account

of another person by tampering with or manipulating any

computer, computer system, or computer network.

H. Corporates in India can now take a sigh of relief as the IT Act has defined

various cyber crimes and has declared them penal offences punishable with

imprisonment and fine. These include hacking and damage to computer

source code. Often corporates face hacking into their systems and

information. Till date, the corporates were in a helpless condition as there

was no legal redress to such issues.But the IT Act changes the scene

altogether.

Drawbacks of IT Act

However, despite the overwhelming positive features of the IT Act,2000 for the

corporate sector, there are a couple of issues that concern the corporates in the said

Act:-

1. The said step has come a bit late. With the phenomenon growth of Internet

which doubles approximately every 100 days, the said Act should have

been passed long time back.

2. It may be pertinent to mention that the said Act purports to be applicable to

not only the whole of India but also to any offence or contravention there

under committed outside of India by any person. This provisions in section

1(2) is not clearly and happily drafted. It is not clear as to how and in what

particular manner, the said Act shall apply to any offence or contravention

there under committed outside of India by any person. The enforcement

aspect of the IT Act is an area of grave concern. Numerous difficulties are

likely to arise in the enforcement of the said Act as the medium of Internet

has shrunk the size of the world and slowly, national boundaries shall cease

to have much meaning in Cyberspace.

Page 25: law & IT

3. It is also strange that section 1(4) of the said Act excludes numerous things

from the applicability of the IT Act. The Act does not apply to (a) a

negotiable instrument as defined in section 13 of the Negotiable

Instruments Act, 1881; (b) a power of attorney as defined in section 1 A of

the Powers-of-Attorney Act, 1882; (c) a trust as defined in section 3 of the

Indian Trusts Act, 1882; (d) a will as defined in clause (h) of section 2 of

the Indian Succession Act, 1925 including any other testamentary

disposition by whatever name called; (e) any contract for the sale or

conveyance of immovable property or any interest in such property. The

said IT Act already excludes numerous important things. The Act talks

about promoting electronic commerce and it begins by excluding

immovable property from the ambit of electronic commerce- a reasoning

which defies logic!

4. The IT Act, 2000 does not touch at all the issues relating to Domain Names.

Even Domain Names have not been defined and the rights and liabilities of

Domain Name owners do not find any mention in the said law. It may be

submitted that Electronic Commerce is based on the system of Domain

Names and excluding such important issues from the ambit of India's First

Cyberlaw does not appeal to logic.

5. The IT Act, 2000 does not also deal at all with the Intellectual Property

Rights of Domain Name owners. Contentious yet very important issues

concerning Copyright, Trademark and Patent have been left untouched in

the said law thereby leaving many loopholes in the said law.

6. The IT Act talks about the use of electronic records and digital signatures in

government agencies. Yet, strangely it further says in section 9, that this

does not confer any right upon any person to insist that the document in

questions should be accepted in electronic form. The control of the

Page 26: law & IT

Government is apparent, as the Controller of Certifying Authorities has to

discharge his functions subject to the general control and direction of

Central Government. The Internet and the phenomenon of electronic

commerce require that minimum hurdles and obstacles need to be put in

their way. The Act seeks to bureaucratize the entire process of controlling

electronic commerce. This is likely to result into consequences of delays

and other related problems.

7. As Cyberlaw is growing, so are the new forms and manifestations of cyber

crimes. The offences defines in the IT Act are by no means exhaustive.

However, the drafting of the relevant provisions of the IT Act make it

appear as if the offences detailed in the said IT Act are the only Cyber

offences possible and existing. For example, cyber offences like cybertheft,

cyberstalking, cyber harassment and cyber defamation are not covered

under the Act.

8. The IT Act talks of Adjudicating Officers who shall adjudicate whether any

person has committed a contravention of any provisions of this Act of any

rules, regulations, directions or order made there under. How these

Adjudicating Officers will adjudicate the contravention of the Act has not

been made clear or well defined. Further, it has also not been specified as to

how the said Adjudicating Officers shall determine whether any

contravention of the Act or any offence has been committed by any person

out side India. Further, what authority would these Adjudicating Officers

have viz-a-viz persons out side India who have committed any cyber

offences have not been defined. No definitive procedure for adjudication by

Adjudicating Officers has been exhaustively spelt out by the IT Act.

Further the territorial jurisdiction of the said Adjudicating Officers and also

the Cyber Regulations Appellate Tribunal has not been defined.

Page 27: law & IT

9. Section 55 of the IT Act states that no order of the Central Government

appointing any person as the Presiding Officer of a Cyber Appellate

Tribunal shall be called in question in any manner and no Act or proceeding

before a Cyber Appellate Tribunal shall be called in question in any manner

on the ground merely of any defect in the constitution of a Cyber Appellate

Tribunal. The said provisions is violative of the Fundamental Rights of the

citizens as are enshrined in Chapter III of the Constitution of India and the

said provision is not expedient and is likely to be struck down by the courts.

The Central Government cannot claim immunity in appointments to Cyber

Appellate Tribunal, as the same is contrary to the spirit of the Constitution

of India. Further, it may be submitted that if there is a defect in the

constitution of a Cyber Appellate Tribunal, that goes to the root of the

matter and renders all proceedings and acts of the said Cyber Appellate

Tribunal null & void abinitio.

10. Further the said IT Act talks of any agency of the government intercepting

any information transmitted through any computer resource if the same is

necessary in the interest of the sovereignty or integrity of India, the security

of the State, friendly relations with foreign States or public order or for

preventing incitement to the commission of any cognizable offence. This is

one provision which is likely to be misused by future governments to suit

their political motives as also for the purpose of victimization. No standards

or provisions have been laid down by the IT Act, which define any

conditions detailed above. The supporters of the cause of individual privacy

and freedom see this provisions as a gross violation of individual freedom

and that aforesaid conditions are unreasonable restrictions, which are not

permissible in the context of the rapid growth of Internet.

11. Further, the said IT Act is likely to cause a conflict of jurisdiction.

Page 28: law & IT

12. Another major gray area is that the draconian powers given to a police

officer not below rank of the Deputy Superintendent of Police under

Section 80 of the Act have been left untouched. Nowhere in the world do be

find a parallel such a wide an unrestricted power to given to any officer for

the purpose of investigating and preventing the commission of a cyber

crime. After all, the power given by the IT Act to the said DSP includes the

power to " enter any public place and search and arrest without warrant any

person found therein who is reasonably suspected or having committed or

of committing or of being about to commit any offence under this Act." The

said power has been given without any restrictions of any kind whatsoever.

It is very much possible that the same is likely to be misused and abused in

the context of Corporate India as companies have public offices which

would come within the ambit of "public place" under Section 80 and

companies will not be able to escape potential harassment from the hands

of the DSP . This area of the IT Act can be one of the greatest concerns for

the government, the industry and the people at large.

13. The biggest concern about the new Indian Cyberlaw relates to its

implementation. The said Act does not lay down parameters for its

implementation. Also when Internet penetration in India is extremely low

and government and police officials, in general are not at all, computer

savvy, the new Indian Cyberlaw raises more questions than it answers

them. It seems that the Parliament would be required to amend the IT Act,

2000 to remove the gray areas mentioned above.

All said and done, The Information Technology Act,2000 is a great achievement

and a remarkable step ahead in the right direction. The IT Act is a first step taken

by the Government of India towards promoting the growth of electronic commerce

so that Electronic Commerce in India can leap frog to success. Despite all its

failings, it is a first historical step. The other steps have to follow.

Page 29: law & IT

◄Chapter 6►

Impact of IT in Indian Legal System

Ever since NIC took up computerization in Supreme Court in 1990, many

applications have been computerized which have impact on masses i.e. litigants.

Following are some of the applications which have been successfully implemented

at Supreme Court and 18 High Courts and these applications have either direct or

indirect impact on the masses.

Supreme Court of India

List of Business Information System (LOBIS) : 

It is about scheduling of cases to be heard by the courts on the following day. It

enabled the Registries of Supreme Court and High Courts in eliminating manual

process of Cause List generation thus any manipulation by vested interests. These

databases contain details of fresh cases, disposed and pending cases. It is the

backbone application of every Court.

Impact:

i. As Cause Lists are generated automatically by the computer manual

intervention has been eliminated resulting in generation of Cause List in

time without any hassle

ii. Cases are listed strictly in chronological order of date of filing; eliminated

irregularities

iii. All cases having the same law point(s) to be decided by the courts are

bunched/grouped and posted before one bench. This has helped the courts

in faster disposal of cases.

Page 30: law & IT

iv. It has become simpler to recall dismissed cases when review petitions are

filed.

v. On the spot reliable and instantaneous statistical reports are generated

vi. It has helped Registry of Supreme Court in streamlining its day to day

activities to achieve one of the main objectives of COURTIS Project

Filing Counter Computerization

In the Supreme Court of India and all High Courts fresh cases are filed only before

the computerized Filing Counters. As the advocates stand in queue for Filing cases

before the counters, the data entry Operator enters preliminary details required for

Registration such as Party names, advocate details, etc. The computer terminal at

the query counter is used to attend to the quarries of the litigants on the spot. The

defects, if any, are listed out and handed over to the litigants/advocates for

rectification. Time limitation is also checked by the system automatically. 

Impact

The filing process is made easy

The advocates/litigants need not wait for a long time in the queue

The amount collected towards Court fee in a day is automatically calculated

thus saving the time of court official’s time

Query counter avoids the litigants go around the sections to find out the Filing

status

Filing process is orderly

Saves time and efforts of advocates and court officials

Page 31: law & IT

COURTNIC

This is about providing Supreme Courts' pending case status information to

litigants/advocates on any node of NICNET. COURTNIC answers about two

hundred queries of litigants/advocates per day all over the country on the status of

their pending cases. It is available on nominal charges. Primarily COURTNIC

information is available in all NIC-High Court Computer Cells and in some

District Court. It has been in use since 1993.

Impact

The response to the COURTNIC from the public is over-whelming, as pending

cases information is available at his/her District headquarters. It avoids the

litigants to come all over to Delhi from their place. The litigants need not find the

status of their pending cases on phone as is the usual practice. Probably this

facility is first of its kind in the world.

JUDIS

NIC has brought out Judgement Information System (JUDIS) consisting of

complete text of all reported judgement of Supreme Court of India from 1950 to

till Date. (http://judis.nic.in)

Supreme Court's pending Cases on IVR

Interested litigants and advocates can find out the status of their cases pending in

Supreme Court on telephone by making use of Interactive Voice Response System

(IVR) free of charge. For accessing this, the phone nos. are: 011-4362062,

4360112.

Cause Lists on Internet (http://causelists.nic.in)

Causelists are scheduling of cases to be heard by the courts on the following day.

The Causelists of Supreme Court and many other High Courts are available on

Page 32: law & IT

NIC Web Servers. As the Supreme Court of India and all the 18 High Courts and

their 10 Benches are fully computerised, all these courts generate Daily and

Weekly Causelists from the computer servers installed by NIC. The Causelist

application is the backbone application of all courts as no court can function

without that day’s Causelist. Hence this has become near time critical application

in all the Courts.

Immediately after generation of the Causelist most of the courts cyclostyle the

stencils cut from the printers attached to the servers for generating thousands of

copies running into a few lakhs of pages every day. Due to this reason the courts

take a lot of time for generation and supply of the Causelists to the advocates at

their offices or residences. Usually the advocates receive the cyclostyled copies of

a day’s Cause List not before 8 PM. Some High Courts send the Causelists data on

floppy to the Printers for printing thousands of copies. This process costs each

High Courts lakhs of Rupees every year. By making the Causelists available on

Internet, no High Court is incurring any expenditure as they are using the already

available infrastructure and the Software of NIC.

Features

It is available on Internet

Causelists of all High Courts can be accessed at URL i.e.

(http://causelists.nic.in)

Advocates can generate their own Causelist consisting of his/her own cases

Retrieval through the name of either petitioner or respondent

Court wise list can be generated

Judge wise list can be prepared

Entire Causelist can be printed, if required

Page 33: law & IT

Case no. wise access is possible

Impact

Advocates are able to receive the Cause lists almost immediately after courts

hours

Advocate can generate their own casuists which will contain only their cases,

thus avoiding them to go through hundreds of pages to locate their cases

As the application is available on Internet, the litigant public can easily find out

whether their cases are coming for hearing or not, without bothering the

advocates

Some courts are considering to reduce the generation of copies of Causelists, as

most of the advocates are dependent on the Internet version of Causelists, thus

the courts can save good amount money on annual basis

NIC has made the Cause lists of the following High Courts on its Web servers apart from the

Supreme Court of India:

Supreme Court of India

Allahabad

Andhra Pradesh

Bombay

Calcutta

Chattisgarh

Chennai

Delhi

Page 34: law & IT

Gujarat

Guwahati

Himachal Pradesh

Jabalpur

Jammu & Kashmir

Jharkhand

Jodhpur

Karnataka

Kerala

Patna

Punjab & Haryana

Orissa

Uttaranchal

Sikkim

High Court of Calcutta

Ever since NIC has made the Causelists of the Supreme Court of India and High

Courts available on Internet, this application has received huge response from the

advocates and litigant public. To understand the enormous response the

application has received, herewith one week’s Day wise Hit statistics are enclosed.

On an average it is receiving 10,000 hits per day. By any standard, it is a

significant number for one application.

Page 35: law & IT

For the purpose of illustration, some of the screens associated with the application

are also enclosed.

High Courts Computerisation

NIC took up computerisation of all 18 High Courts and 9 Benches on the lines of

Apex Court’s Computerisation. NIC implemented the List of Business Information

(LOBIS) in all High Court Courts. Some of the High Courts’ Cause List are also

available on Internet. Many possible applications in all High Courts have been

computerised. Most of the High Courts have opened query counters along with

Filing Counters for providing pending cases information to the litigants and

advocates.

Facilities provided are:

Causelists are generated automatically

Bunching/Grouping is done

Computer based Filing Counters are opened

Query counters are available

JUDIS & COURTNIC are available

All HCs are connected on NICNET/Internet

Day to day Judgements and Orders are stored on computers

District Courts Computerisation

In 1997, NIC took up the computerisation of all 430 District Courts in the country

on the lines of High Courts Computerisation Project. The basic objectives of the

project are:

to provide transparency of information to the litigants and advocates

Page 36: law & IT

to help the judicial administration in streamlining its activities

to provide judicial and legal databases to the District Judges

NIC provided three level training programs to the District Court officials. The

three levels are:

Computer Awareness Programs for the District Judges. These training

programs were chaired by either the Hon'ble Chief Justice or one of the

Hon'ble Judges of the concerned High Court.

Supervisory level training at NIC State Centres. These supervisory level

officials were identified and sent to NIC State Centres by the District Courts

for training on day to day maintenance of the computers and its peripherals.

In-house hands on training to the District Court officials working on the

computer terminals. The District Informatics Officers of NIC posted at the

District Magistrates' Office imparted this training.

All officials have been trained on 'District Court Information System' (DCIS) SW.

The DCIS Software is a huge general purpose Software package developed for the

computerization of District Courts. This software takes care of all aspects of

District Court needs.

The project is yet to pickup momentum in most of the District Courts for want of

interest from the District Court officials. NIC has proposed to conduct another

round of Training to the users.

Page 37: law & IT

◄Chapter 7►

E-Court Project by E-committee, Supreme Court of India

Introduction

In the era of technology, where speed has become the most essential

requirement/ part of life, manual effort for completion of a task sounds a bit

awkward. Where postage and other modes of communications have been replaced

by mails and messages, imagining life without mobile and internet is like a

nightmare. While being a part of District Administration, it was noticed that a

District Magistrate, the one who is loaded with a number of responsibilities and

tasks, somehow manages to execute on-n-average 15 committee meetings a month

which is an essential part of administration. Due to an over busy and prone to

change schedule, such meetings happens, as well as there schedule changes at a

short notice of time. To intimate all the concerned members of the committee at

such a short notice, sometimes becomes impossible using postage. Even if there is

enough time to intimate all, an intimation/ invitation of meetings is a bundle of at

least 10 pages mentioning the schedule as well as the agenda of the meeting which

is then copied for all the members of the committee and last but not the least, an

overhead of postal charges is also get clubbed in its costing, which again sounds a

tedious process in the era of technology. To speed up the process and to reduce

costing of the same, with the use of the latest technologies, a product has been

developed and is still welcoming new features. The product makes an immense

use of the e-mail and SMS for circulating the information’s and invitations, which

helped in achieving the goal. The product has different levels of Logins matching

the designation and rights of the user e.g. Administrator, Member Secretary and

Member.

Page 38: law & IT

ICT Enablement

Indian Judiciary is in urgent need of re-engineering its processes, optimize the

use of its human resources and bring about change management by harnessing the

potentiality of the available Information and Communication Technology (ICT) to its

fullest extent. The objective of this exercise is to enhance judicial productivity both

qualitatively and quantitatively as also make the justice delivery system affordable,

accessible, cost effective, transparent and accountable. Similar objectives have been

achieved in other parts of the world by use of technology but in India though its

manpower is known for its technology expertise, the ICT benefits could not be fully

explored and utilized in public service sectors like judiciary and other organs of the

State.

In the Indian Judiciary, effort for computerization of some of its processes has

been going on since 1990. Need was felt to make the programme of ICT enablement

of the Indian Judiciary mission-critical. There was an overwhelming realization in the

judicial sector in favour of devising a National Policy and Action Plan with

appropriate spread and phasing to implement ICT in courts across the country and

their web-based interlinking.

Phase I project analysis

During Phase I of the eCourts Project, in a very large number of Court Complexes,

Computer Server Rooms and Judicial Service Centres have been readied. The

District and Taluka Courts as covered in Phase I of these Court Complexes have

already been computerized, with installation of hardware, LAN etc. and Case

Information Software (CIS). Consequently, these Courts are now providing basic

case-related services to litigants and lawyers.

The e-Courts National portal (ecourts.gov.in) was launched by Hon’ble the Chief

Justice of India on 7th August, 2013. This provides cause-list, case status

information in respect of more than 2.5 crore cases (pending and decided) and has

Page 39: law & IT

sometimes reached daily ‘hits’ in excess of 7 lakhs which is growing exponentially

every week. This is a part of the National Judicial Data Grid that has been made

operational and will be improved in a phased manner. The e-Courts National

portal also provides training material for judicial officers and staff, links to District

Court websites and statistical reports that can be used as a judicial management

information system. This portal is expected to play a key role in bringing about

judicial reforms. The e-transactions services of the eCourts portal as per

etaal.gov.in have crossed 2.2 Crore.

A large number of District Courts have launched their websites for the

convenience of litigants and others have been provided with a template for easy

launch of a website. Like all other organs of democracy, Judiciary is also

endeavoring and persevering earnestly to transform itself by implementing tools

and means of Information and Communication Technology (ICT). As a part of

National eGovernance Plan (NeGP), eCourts Project is an Integrated Mission

Mode Project under implementation since 2007 for Indian Judiciary based on the

‘National Policy and Action Plan for Implementation of Information and

Communication Technology in Indian Judiciary’ (NPAPIICT), prepared by the

eCommittee of Supreme Court of India in 2005 and approved by the Chief Justice

of India. The number of daily hits on the e-Courts National portal has reached

more than 10 lac a day as per the National eTransactions Portal www.etaal.gov.in

The total e-transactions so far since the launch of the portal have cross 2.2 Crore.

The following chart shows the exponential growth of the hits on the eCourts

National portal for availing the services:

Page 40: law & IT

Month-wise eTransactions through eCourts National portal

Sr. No. Duration No. of eTransactions

1 07-08-2013 to 31-08-2013 1,05,790

2 01-09-2013 to 30-09-2013 13,42,894

3 01-10-2013 to 31-10-2013 31,09,045

4 01-11-2013 to 30-11-2013 41,33,381

5 01-12-2013 to 30-12-2013 1,34,87,618

As many as 400 District Courts have launched their websites, either of their

own design or developed as per the template provided by the Project. As a part of

the Change Management programme, more than 14,000 Judicial Officers have

been trained in the use of Ubuntu-Linux Operating System (for their laptops). This

has been achieved by training 218 judicial officers from all over the country as

Master Trainers in different locations around the country.

Similarly, more than 4000 Court Staff have been trained in Case

Information Software as System Administrators. This has been achieved through

training 219 Court Staff as CIS Master Trainers (District System Administrators)

at the Maharashtra Judicial Academy and the Chandigarh Judicial Academy. An

exercise has been initiated by requesting every High Court to provide a Unique

Identification Number (UID) to every Judicial Officer. The UID will be prefixed

with two alphabets representing the State, as for example with motor vehicles. The

proposed time-line is 31st December, 2013. This information will be uploaded on

Page 41: law & IT

the e-Courts portal. This will assist the High Courts in maintaining an accurate

record of all judicial officers.

Phase II project

As a natural phenomenon, the journey covered so far with awareness about the

goalposts yet to reach and the miles yet to go has made the stakeholders more

impatient to see the justice delivery system of the country optimally transformed by

way of modernization enabled by information and communication technology,

thereby necessitating an immediate next phase of the e-Courts project which succeeds

the current phase without any gap of time or efforts and also carries forward all

pendencies, arrears and remainder resources of this phase to the next phase.

Thus, an inevitable component, apart from the other components stated hereinafter, of

Phase II of the Project, will be to also serve as a complementary phase to the current

phase by taking care of all the pending objectives and targets of this phase in itself

with regard to the deliverables of Phase I for all the Courts covered and the Courts

covered but not fully accomplished due to time-lags or other operational issues etc.

The budgeting of Phase II of the Project will have to be done accordingly. This roll-

over component will ensure a seamless transition of the Project to the next phase.

Implementation Model

Experience has shown that decentralization of responsibilities is absolutely necessary.

This has also been agreed to by the High Courts. Consequently, at the ground level,

the implementing agency will be the High Court. This will include implementation of

LAN and procurement of hardware, its maintenance and upkeep. The procurement

will be as per the Procurement and Finance Model given in this chapter. Policy inputs

including for developing software (Open Source) will be provided by the e-

Committee; technical and development support for CIS will be provided by NIC.

Page 42: law & IT

Financial disbursement arrangements will be so made which are conducive to

optimum decentralization and also effectively eliminate delays in project

implementation. Project Monitoring Units (PMUs) will be set up at eCommittee and

Department of Justice (DoJ) to assist the e-Committee and the DoJ in day to day

monitoring of the Project. Accurate and complete information regarding the number

and location of courts and number of judicial officers needs to be collected

immediately. The formula for providing computers for the courts and laptops to

judicial officers will be based on A= courts and judicial officers already covered in

phase I; B= courts and judicial officers not covered in phase I due to increase in

numbers or any other reason; C= courts and judicial officers that will come into

existence till 31st March, 2016. Therefore, the total Courts and Judicial Officers to be

covered will be A + B + C. The project period for Phase II will be 3 years with

additional adequate support for sustenance after this period. Warranty period and

obsolescence for computer hardware will be taken as 3 years and 5 years respectively.

All courts and court complexes (old and new) must be identified at earliest. An

exercise is presently underway (as a test), with the assistance of a mobile application

software made available by DeitY on the lines of the application used by Election

Commission of India (used for booth locations and number) to actually locate each

court complex and the exact number of courts available in that complex. This exercise

is proposed to be carried out with the active assistance of the District Judges. The

proposed time-line of completion is 31st March 2016. The result of this exercise will

be made available on the e-Courts portal. An overall formula for ascertaining the

number of Courts to be covered by the Project is recommended as follows:

i. A = Courts already covered under Phase I

ii. B = Courts not covered / left out in Phase I

iii. C = Courts to be created during Phase II of the Project upto a cut-off date.

Page 43: law & IT

iv. The cut-off date referred above will not be earlier than two years of the

duration of the Phase II of 3 years that is if the Phase II is to commence from

1st April, 2014 the Courts that may be created upto 31st March, 2016 will be

the figure at C above. A tentative number as upper limit may be fixed for these

Courts under category C keeping the target as per the judgment of the Hon'ble

Supreme Court to double the judge strength in a period of five years. Taking

the present strength of the Judicial Officers at around 16000, and the target of

doubling the same in five years, 6400 Courts can be expected to be created in

next two years that is the Project duration of the Phase II. Thus, for the figures

under C category of Courts, the target number will be arrived at as 22400

Courts. A provision for adding more Courts than this figure, if created by 31st

March, 2016 will also have to be made in the budget allocation.

v. The remainder of the hardware/LAN for the courts of figure A above will be

calculated by deducting the hardware/LAN provided in Phase I from the

hardware/LAN to be provided in Phase II. If the hardware provided to Courts

(under category A) is five or more years old, the same will be considered

obsolete and full hardware as to be given in Phase II, will be provided to the

Court. The cut-off date for calculating obsolescence of hardware will be the

end of Project duration as referred above.

vi. The inclusion of Courts in dilapidated/rented buildings will be considered with

a yardstick of one year of duration of the Court expected to be there in such

building. Thus the Courts which are expected to be shifted to new/other

building in less than a year, will be considered only after being shifted.

Another pre-requisite for considering Courts in dilapidated/rented buildings

will be that on future shifting of such Courts from those premises, the

expenditure of laying fresh LAN in the destination premises will be borne by

Page 44: law & IT

the High Court / State Government. The Judicial Service cum Central Filing

Centre may have to be arranged in suitable make-shift porta cabin.

Page 45: law & IT

Institutional Structure

The composition of the e-Committee generally remains the same. However, given

the volume of work involved, one more regular member has been added and the

list of invitee members has been made more broad-based. The e-Committee will

be involved in policy planning and providing strategic direction and guidance for

the effective implementation of the Project. In addition to its existing

responsibilities, the DoJ will continue to monitor and assist in the implementation

of the Project and will, additionally, be responsible to convene Empowered

Committee as and when required. The High Courts will be the implementing

agencies for the Project in respect of the areas under its jurisdiction. The High

Courts will have the assistance of the High Court Computer Committee, Central

Project Coordinator, District Court Computer Committees and a nodal officer for

each district.

Infrastructure Model

Emphasis will be on cloud computing and therefore Server Rooms (as at present)

will be replaced by Network Rooms. The specifications of these rooms will be

decided on the basis of the number of courts in the complex. To the extent

possible, the existing Judicial Service Centres will be utilized as Reception and

Inquiry Centres and also as Centralized Filing Centres. Additional hardware will

be required for this purpose. Minimum hardware for a court room, for a court

complex and for a judicial officer is discussed in this Chapter. It is proposed to

provide for newly created courts, newly recruited judicial officers and those courts

and judicial officers not covered in Phase I. Obsolete hardware has also been

provided for. The calculation is based on the formula mentioned in Chapter 2

above. Future requirements based on the Project document have been provided for

to avoid any mid-stream shortfalls. Display monitors outside every Court Room

and in the Bar Rooms as Display Board for litigants and lawyers are also provided

Page 46: law & IT

for. Computerization of the offices of District Legal Services Authority (DLSA)

and Taluka Legal Services Committee (TLSC) has also been provided for in this

Phase of the Project. The emphasis in this Phase will be on cloud computing,

which is more efficient and cost effective. The existing hardware, not necessary

with cloud computing will not be discarded but utilized elsewhere or within the

same court complex. It is proposed that State Data Centres will be used for Private

Court Clouds. Disaster Recovery Centres for these Court Clouds will also be

needed. Connectivity has been a problem in Phase I of the Project. Therefore, all

resources will be utilized for better connectivity, including WAN, SWAN,

NICNET, NKN, NOFN etc. This is important considering that video-conferencing

will have greater emphasis in this Phase. Dependence on power back-up such as

DG sets and UPS will continue. It is, however, also proposed that solar energy

may be utilized in court complexes wherever feasible.

System and Application software for Court Processes

The thrust in Phase II of the Project will be on software applications

(includingmobile phone applications) and will be citizen-centric. The e-Committee

will be the deciding agency for software applications to ensure compatibility and

uniformity. Only Free and Open Source solutions will be implemented. The

existing core-periphery model of Case Information Software will continue, the

core being unified and for ‘national’ use while the periphery being as per the local

requirements of each High Court. NIC Pune will continue to be the centre for

software development for CIS and related applications. Each High Court will have

the responsibility of developing the periphery software and ensuring that it is

compatible with the unified core. Each High Court will need to engage

programmers for the development of the periphery software. However, the Project

will provide programmers to each High Court for three years. Software

Page 47: law & IT

compatibility and interoperability, both horizontal and vertical is absolutely

necessary and all High Courts will need to ensure this. Documentation will be

kept properly so as to ensure that change of personnel does not hamper software

development. All data, including meta data will be unified and standardized in

this phase. In all its activities, the e-Committee will take the assistance of experts

from the Government, including DeitY, CDAC etc.

Scanning, Digitization and Digital Preservation of Case Records

Due to space constraints and large volumes of paper, some High Courts are

looking at digitizing case records. Recently, the Supreme Court has also initiated

this process and assistance is being taken from CDAC for digital preservation

solution. Phase II will provide for scanning/digitization of case records of High

Court and District Courts.Phase II will incorporate the latest technologies in

scanning, digitizing and preserving case records with the assistance of experts

from various Government organizations. Long term digital preservation solutions

in the form of trusted digital repositories will be implemented for the

scanned/digitized records. Use of Open Source technology will be strongly

encouraged in preservation of case records. Eventually, Phase II will move

towards ‘less paper courts’ and finally towards ‘paperless courts’.

Video-conferencing for Courts and Jails

Presently, an exercise is being undertaken to assess the viability of a software

based solution for video-conferencing. If this solution is found viable, it will be

used to connect all district court complexes with all Central Jails and District Jails.

Failing this, leased line connectivity with Studio based VCs will be utilized. In any

event, connectivity issues will need to be addressed and made reliable, stable and

effective in all respects. Video-conferencing in Phase II will go beyond routine

remands and production of under-trial prisoners. It will be used initially for

recording evidence in sensitive cases and gradually extended to cover as many

Page 48: law & IT

types of cases as possible. Video-conferencing in Phase II will be compatible with

recording facility. To effectively assist in recording evidence, a document

visualizer will also be necessary in all district court complexes.

Capacity Building Measures

Capacity building through training judicial officers in the use of computers and

court staff in the Case Information Software has been extremely successful. The

Training of Trainers (ToT) model was adopted. This will continue in Phase II.

Additionally, refresher courses are planned every six months so that judicial

officers and staff do not lose familiarity with computer systems and the various

applications. All State Judicial Academies will be involved in the capacity

building exercise. Each such Academy will be equipped with a computer

laboratory catering to the requirement of about 30 trainees at a time. Requisite

staff will be engaged by the State Judicial Academy out of funds from the Project.

Each State Judicial Academy will be equipped with a video conferencing unit for

distance learning purposes as well as for utilizing webcasting facilities of

important lectures and events, both live and recorded. Learning Management

System has been successfully adopted by the e-Committee to reach out to judicial

officers and court staff. State Judicial Academies will be encouraged to use these

tools. As a part of the Change Management exercise which has been conducted for

judicial officers and court staff, workshops will be held through Project funds to

assist in changing the mindset of the Bar Councils, lawyers, Public Prosecutors

and other stake-holders in the justice delivery system.

Judicial Process Re-engineering

Currently a process re-engineering exercise is being undertaken by every High

Court for a fresh look at processes, procedures and systems. It was expected to be

complete by 31st January, 2014. The exercise will have to be repeated for ironing

Page 49: law & IT

out the creases and also to incorporate technological changes that will be

introduced in Phase II. The exercise may well be more or less continuous.

Automation, e-filing of cases, paperless courts will need radical changes in the

processes and procedures of the courts and also in the mindset of all stake-holders.

The changes required for effectuating the Judicial Process Reengineering will be

implemented in the new version of CIS. Change Management warranted by

Process Reengineering will also be duly taken up.

Judicial Knowledge Management System

The Supreme Court Judges Library has successfully implemented an integrated

free Open Source application called KOHA. This is not only being used as an

integrated library management system but also as a Digital Library. This will be

utilized in the libraries of all High Courts and District Courts across the country.

Judgments delivered by a High Court or the Supreme Court will be made available

through an in-house eJournal containing the judgments and its head notes. A set of

programmers will be required to develop the requisite software and a team of

professional lawyers and academics will be required to prepare the head notes. The

eJournal will be made available to all judicial officers free of charge, resulting in a

huge saving. The National Judicial Data Grid (NJDG) will be strengthened to

mine data of all cases, decided or pending. This will enable policy planners and

policy makers to manage case loads and bring in effective case management

systems. Phase II will be a knowledge intensive phase of the Project involving

intensive software centric activities.

Services Delivery

The web resources will be extensively utilized in Phase II of the Project. Web

portals will be used for e-filing; websites will be used for dissemination of

information to litigants and lawyers. All websites will be made disabled friendly

and to the extent possible, information will also be available in the local language.

Page 50: law & IT

Mobile phone applications, SMS and e-mail will be extensively used for

dissemination of information. Kiosks with basic printing facility will be provided

in every court complex (district and taluka). Certified copies of documents will be

given online with bar coding to avoid tampering. ePayment gateways will be

provided for making deposits, payment of court fees, fine etc. Portfolio managed

cause lists will be made available to facilitate a search of cases. NJDG will be

further improvised to facilitate more qualitative information for Courts,

Government and Public. All functionalities will be interoperable and compatible

with the CIS, both unified core and periphery. A Litigant’s Charter of services has

been prepared and is given below. As the Project progresses and technology

develops, necessary additions will be made.

Lastly I have added Annexure 1-II of the E-committee which briefly discusses the

actions plan in the Three phases of E-Court Projects.1

1 E-Committee, Supreme Court of India “Policy And Action Plan Document Phase Ii Of The Ecourts Project” (as approved on 8th January, 2014)