“Thanks to the increasing number of cyber crimes that were getting reported
in the media, the Government has finally decided to make changes in its laws”,
told my friend, a very senior IT professional, after the Union Cabinet approved
the introduction of an Amendment Bill to the Information Technology Act, 2000.
Like many in the industry, he has been strongly advocating that the legal system
of India is far behind the technology, and will begin proving to be a deterrent
for Indian users, especially in the business, because their dependence on IT was
going up dramatically.
Enacted in 2000, with the objective of helping e-commerce, e-governance, the
Information Technology Act was supposed to be a legal framework for transactions
to be carried out using IT and Internet technologies of that time. However,
rising number of crimes relating to video voyeurism, identity theft, e-commerce
frauds, frauds on online auction sites, offensive emails, data theft, and
privacy, was putting the laws under increasing pressure, both domestically as
well as in the international media.
On a recent trip to Europe, Prime Minister Manmohan Singh had assured British investors that India will have excellent standards for information protection |
On a recent trip to Europe, Prime Minister Manmohan Singh had assured British
investors that India will have excellent standards for information protection.
This came in the wake of a UK-based channel's allegations about data theft
from Indian call centers.
The penalties are bigger and harsher. Any company found leaking sensitive
information will be liable to pay damages of up to Rs 5 crore to the affected
party, says one amendment, for instance. A person involved in hacking of
computers will be liable for punishment of up to two years or fine of up to Rs 5
lakh or both. Similarly, publication of sexually explicit material through
computers or any other communication instrument will result in imprisonment of
up to five years and a fine of Rs 10 lakh. Repeated violations will result in
imprisonment of up to seven years and a fine of up to Rs 10 lakh.
The good thing is that these amendments are in line with the recommendations
made by United Nations Commission on International Trade Law, said to be a model
law on electronic signature. According to PR Dasmunsi, “An added benefit will
be that frequent legislative changes will not be needed each time a new and
equally effective technology is evolved.” Experts are waiting for more details
before they comment on this aspect.
Clearly, the Act has been amended to give more teeth to the enforcement
agencies. The strength of the Cyber Appellate Tribunal is being increased from
just a single member to three. Now, one needs to watch whether this will lead to
better handling of cyber crime by enforcement authorities, because many industry
members have in the past expressed that whatever laws that are there, are not
getting implemented.
While all amendments to the IT Act, 2000 will be presented in the forthcoming
Winter session of Parliament, its good news for the CIOs who can breathe a
little easy now, and the industry which gets to sell more security and data
storage solutions. And industry associations like Nasscom must now take faster
measures to help educate law enforcement agencies, a job that it has taken upon
itself. This is important not just for better implementation, but also to reduce
misuse of the amended laws.
As the laws are being amended, one hopes that corporates and their CIOs are
more stringent and responsible with their data security issues. Nobody wants a
repeat of the Baazi.com case, where the CEO was behind bars for no fault of his.
The amendments might look to be addressing only the BPO and call center
industry, but actually everybody is likely to benefit from this.
The author is Group Editor of Dataquest. ibrahima@cybermedia.co.in