You are on page 1of 6

How do cyber laws affect the functioning of e-business? Explain IT Act 2000.

THE IMPACT OF IT ACT; 2000. The cyber laws enacted as the IT Act 2000 attempts to change outdated laws and provides ways to deal with cyber crimes. We need such laws so that people can perform purchase transactions over the Net through credit cards without fear of misuse. The Act offers the much-needed legal framework so that information is not denied legal effect, validity or enforceability, solely on the ground that it is in the form of electronic records. In view of the growth in transactions and communications carried out through electronic records, the Act seeks to empower government departments to accept filing, creating and retention of official documents in the digital format. The Act has also proposed a legal framework for the authentication and origin of electronic records / communications through digital signature. * From the perspective of e-commerce in India, the IT Act 2000 and its provisions contain many positive aspects. Firstly, the implications of these provisions for the ebusinesses would be that email would now be a valid and legal form of communication in our country that can be duly produced and approved in a court of law.

* Companies shall now be able to carry out electronic commerce using the legal infrastructure provided by the Act.

* Digital signatures have been given legal validity and sanction in the Act.

* The Act throws open the doors for the entry of corporate companies in the business of being Certifying Authorities for issuing Digital Signatures Certificates.

* The Act now allows Government to issue notification on the web thus heralding egovernance.

* The Act enables the companies to file any form, application or any other document with any office, authority, body or agency owned or controlled by the appropriate Government in electronic form by means of such electronic form as may be prescribed by the appropriate Government.

* The IT Act also addresses the important issues of security, which are so critical to

the success of electronic transactions. The Act has given a legal definition to the concept of secure digital signatures that would be required to have been passed through a system of a security procedure, as stipulated by the Government at a later date. * Under the IT Act, 2000, it shall now be possible for corporates to have a statutory remedy in case if anyone breaks into their computer systems or network and causes damages or copies data. The remedy provided by the Act is in the form of monetary damages, not exceeding Rs. 1 crore. In India, the law enacted to safeguard the information available on the net is known as The Information Technology Act 2000 (ITA-2000)(IT ACT). It is an Act of the Indian Parliament (No 21 of 2000) notified on October 17, 2000. There were major shortcomings in the ITA-2000. The Government of India made major amendments to ITA-2000 in form of the Information Technology Amendment Act, 2008 to overcome the shortcomings. Information technology Act 2000 consisted of 94 sections segregated into 13 chapters. Four schedules formed part of the Act. In the 2008 version of the Act, there are 124 sections (excluding 5 sections that have been omitted from the earlier version) and 14 chapters. Schedule I and II have been replaced. Schedules III and IV have been deleted. The Information Technology Amendment Act, 2008 refers to the IT Act 2000 as the ¶principal act·.

What is an EDI? Write a short note on ¶Internet based EDI·.
Electronic Data Interchange (EDI) can be defined as a system which allows document information to be communicated between businesses, government·s structures and other entities. It is a set of standards which creates a cohesive system within which all parties are able to electronically exchange data information within a set of protocols. Electronic data interchange(EDI) is the inter-organisational exchange of business documents in structured, machine processable form .Electronic data Interchange can be used to electronically transmit documents such as purchase orders, invoices, shipping bills, receiving advices and other standard business correspondence between trading partners. EDI can also be used to transmit financial information and payments in electronic form. Payments carried out over EDI are usually referred to as Electronic Funds Transfer (EFT).EDI should not be viewed as simply a way of replacing paper documents and traditional methods of transmission such as mail, phone or in-person delivery with electronic transmission. But it should be seen not as an "end" but as a means to streamline procedures and improving efficiency and productivity.

In EDI, in the place of traditional methods for the transmission of for e.g. a purshase order between a buyer and a seller, data is entered into the buyer's computer system, the same data is electronically sent into the seller's computer without the need for rekeying or reentry. This is normally referred to as application -to-application EDI. When EDI is fully integrated with application programs, not only does data flow electronically between trading partners without the need for rekeying, but data also flows electronically between internal applications of each of the trading partners.

The use of EDI eliminates many of these problems associated with traditional information flow, as listed below. -The delays associated with handling, filing and transportation of paper documents are eliminated. -Since data is keyed in only once the chances of error are reduced. -Time required to re-enter data is saved. -As data is not re-entered at each step in the process, labour costs can be reduced. -Because time delays are reduced, there is more certainty in information flow. The other advantage in the use of EDI is that it generates a functional acknowledgement whenever an EDI message is received and it is electronically transmitted to the sender. This states that the message has been received. Therefore the core concept of EDI is that data is transferred electronically in machine processable form. EDI is often applied in the following situations when there are -A large number of repetitive standard actions -Very tight operating margins -Strong competition requiring significant productivity improvements. -Operational time constraints. It is this kind of computerization which is forcing India as a country to adopt EDI technology for international transactions. In India, National Informatics Centre (NIC) offers EDI services over its satellite based computer communication network called NICNET, with its VSAT reach in every district of the country on the one hand and connectivity to a large number of international networks on the other.

How can cyber crime be detected? How do cyber laws protect information on the net?
There is no cut-and-dried approach to detecting cybercrime. Today, most cybercrimes are detected by chance. However, recent experience has shown some more or less informal methods by which an individual, but especially managers of large computer networks (which are more susceptible to cybercrime), can detect cybercrime. Auditing 1. Audit the system regularly. Be alert to any irregularities in the system. As of now, it is usually the suspicions of employees or managers that lead to the capturing of a perpetrator. Keep in mind that most computer crime does not derive from distant "hackers," but normally comes from employees or people the operator knows. Most computer crime is done by employees working on large network systems in firms and organizations handling a lot of computerized cash. Obviously, banks, large firms, government offices and universities are vulnerable, and, given the size of the organizations, it can take months to detect with any certainty. Mistakes 2. Look for mistakes. Many authorities hold that cybercriminals can get too greedy and begin to get sloppy. Employees who know of this crime often get jittery and turn the perpetrator in. The same has been known to happen with family members of the cybercriminal. The chances of this working are increased if employees know clearly that cybercrime will result in full prosecution. Government 3. Make use of government agencies to help detect cybercrime. It happens often that audits by the IRS or investigations by police turn up the existence of cybercrime that had gone undetected for a long time. Things like inventory shortages and irregularities in the distribution of income within the firm can be signals that crime is being committed over the network. Nevertheless, it is usually hunches that uncover computer crime, when it is detected at all. This is a sobering reality, but the truth as of now. Cyber crime is the latest and perhaps the most specialized and dynamic field in cyber laws. Some of the Cyber Crimes like network Intrusion are difficult to detect and investigate. Even though most of crimes against individual like cyber stalking, cyber defamation, cyber pornography can be detected and investigated through following steps:

After receiving or coming across suspicious matter: (1) Give command to computer to show full header of mail. (2) In full header find out the IP number and time of delivery of number and this IP number always different for every mail. From this IP number we can know the Internet service provider for that system from which the mail had come. (3) To know about Internet Service Provider from IP number, take the service of search engines like nic.com, macffvisualroute. Com, apnic.com, arin.com. (4) After opening the website of any of above mentioned search engine, feed the IP number and after some time name of ISP can be obtained. (5) After getting the name of ISP we can get the information about the sender from the ISP by giving them the IP number, date and time of sender. (6) ISP will provide the address and phone number of the system, which was used to send the mail with bad intention. After Knowing the address and phone number criminal can be apprehended by using conventional police methods In India, the law enacted to safeguard the information available on the net is known as The Information Technology Act 2000 (ITA-2000)(IT ACT). It is an Act of the Indian Parliament (No 21 of 2000) notified on October 17, 2000. There were major shortcomings in the ITA-2000. The Government of India made major amendments to ITA-2000 in form of the Information Technology Amendment Act, 2008 to overcome the shortcomings. Information technology Act 2000 consisted of 94 sections segregated into 13 chapters. Four schedules formed part of the Act. In the 2008 version of the Act, there are 124 sections (excluding 5 sections that have been omitted from the earlier version) and 14 chapters. Schedule I and II have been replaced. Schedules III and IV have been deleted. The Information Technology Amendment Act, 2008 refers to the IT Act 2000 as the ¶principal act·.
Essence of the Act

Information Technology Act 2000 addressed the following issues: 1. 2. 3. 4. Legal Recognition of Electronic Documents Legal Recognition of Digital Signatures Offenses and Contraventions Justice Dispensation Systems for Cybercrimes

ITA 2008 as the new version of Information Technology Act 2000 has provided additional focus on Information Security. It has added several new sections on offences including Cyber Terrorism and Data Protection. The heading of Chapter IX was amended and changed from ¶PENALTIES & ADJUDICATION· to PENALTIES, COMPENSATION & ADJUDICATION. The first section under this chapter (sec 43), that previously dealt with only penalty for damage to computer, computer system, etc was amended to include compensation for failure to protect data. Chapter XI of this Act deals with offences/crimes along with certain other provisions scattered in this Acts .The various offences which are provided under this chapter are shown in the following table: Offence Section under IT Act Tampering with Computer source documents Hacking with Computer systems, Data alteration Publishing obscene information Un-authorized access to protected system Breach of Confidentiality and Privacy Publishing false digital signature certificates Sec.65 Sec.66 (amended by ITA 2008) Sec.67 (amended by ITA 2008) Sec.70 (amended by ITA 2008) Sec.72 (amended by ITA 2008) Sec.73

Explain Private Electronic Market
A private electronic market (PEM) uses the Internet to connect a limited number or pre-qualified buyers or sellers in one market. PEMs are a hybrid between perfectly open markets (e.g. exchanges where there is no pre-existing relationship between buyer and seller - similar to eBay) and closed contract negotiations (such as a sealed bid tender, where there is no visibility between competitors and hence no response to competition). The core idea of PEMs is to create competition among buyers/sellers while allowing buyers/sellers to adjust all those aspects of the deal that are typically only dealt with in a negotiation. This creates a problem of "comparing apples and oranges": bids may be quite different in many dimensions and therefore cannot easily be compared. Apart from the dimension of price these could include pre-negotiated discounts (e.g. for loyalty), specific qualities, combinations of goods and services with conditional pricing, freight differentials, contract fulfillment timing, payment terms, or deliberate constraints such as market share limits.