Information Technology Act 2000

    Objectives

    Carried out by means of electronic data interchange, and other means of electronic communication, commonly referred to as "electronic commerce“

    To facilitate electronic filing of documents with Government agencies and E-Payments

    Digital SIgnature

    The authentication to be affected by use of asymmetric crypto system and hash function

    The private key and the public key are unique to the subscriber and constitute functioning key pair

    Verification of electronic record possible

    Digital  Signature

    Digital signatures created and verified using cryptography

    Public key System based on Asymmetric keys

    An algorithm generates two different and related keys

    Public key

    Private Key

    Private key used to digitally sign.

    Public key used to verify.

    Role of public key

    Allow parties to have free access to the signer’s public key

    This assures that the public key corresponds to the signer’s private key

    Trust between parties as if they know one another

    Parties with no trading partner agreements, operating on open networks, need to have highest level of trust in one another

    Secure digital signature

    If by application of a security procedure agreed to by the parties concerned, it can be verified that a digital signature, at the time it was affixed, was:

    (a)     unique to the subscriber affixing it;

    (b)     capable of identifying such subscriber;

    (c)  created in a manner or using a means under the exclusive control of the subscriber and is linked to the electronic record to which it relates in such a manner that if the electronic record was altered the digital signature would be invalidated, then such digital signature shall be deemed to be a secure digital signature

    Regulation of Certifying Authorities

    The Central Government may appoint a Controller of Certifying Authority who shall exercise supervision over the activities of Certifying Authorities. 

    Certifying Authority means a person who has been granted a licence to issue a Digital Signature Certificate. The Controller of Certifying Authority shall have powers to lay down rules, regulations, duties, responsibilities and functions of the Certifying Authority issuing Digital Signature Certificates. The Certifying Authority empowered to issue a Digital Signature Certificate shall have to procure a license from the Controller of Certifying Authority to issue Digital Signature Certificates. The Controller of Certifying Authority has prescribed detailed rules and regulations in the Act, as to the application for license, suspension of license and procedure for grant or rejection of license. 

    Digital Signature Certificate

    Any person may make an application to the Certifying Authority for issue of Digital Signature Certificate. The Certifying Authority while issuing such certificate shall certify that it has complied with the provisions of the Act. 

    The Certifying Authority has to ensure that the subscriber (i.e., a person in whose name the Digital Signature Certificate is issued) holds the private key corresponding to the public key listed in the Digital Signature Certificate and such public and private keys constitute a functioning key pair. The Certifying Authority has the power to suspend or revoke Digital Signature Certificate. 

    E-Governence

    a) Legal Recognition of electronic record

             If any information is required in printed or written form under any law the Information provided in electronic form, which is accessible so as to be usable for subsequent use, shall be deemed to satisfy the requirement of presenting the document in writing or printed form.

    Use of electronic records & DS (6)

    Filling of any form or application in office controlled by government

    Issue of grant and license or approval 

    Receipt or payment of money in a particular manner

    Publication of rules 

    The rules regulations which are supposed to published in official gazette , such requirement shall be deemed to be satisfied if it is published in electronic gazette.

    Penalties

    For damage to computer, computer system.etc(43)

    For failure to furnish information , return (44)

        fails to furnish any document-  Rs.1,50,000

        not submitting in specific time period-                                      

                                           Rs.5000 per day of delay

    Failure to maintain books or accounts-

                     compensate the victim if any or penalty

                                                                        upto 25000