KMBN201-

Business Environment & Legal Aspects

Unit-V
For- MBA First Year/Second Sem Students of AKTU
By- Atul Raghuvanshi
The Information Technology Act
IT ACT, 2000
• An Act to provide legal recognition for transactions carried
out by means of electronic data interchange and other
means of electronic communication, commonly referred to
as "electronic commerce", which involve the use of
alternatives to paper-based methods of communication and
storage of information, to facilitate electronic filing of
documents with the Government agencies and further to
amend the Indian Penal Code, the Indian Evidence Act, 1872,
the Bankers' Books Evidence Act, 1891 and the Reserve Bank
of India Act, 1934 and for matters connected therewith or
incidental thereto.
Digital Signatures
• A digital signature is defined in Section 2(1)(p) of the Information
Technology Act,2000.
• A digital signature is a mathematical algorithm that is regularly
used to validate the originality and if the message is true and
genuine.
• A digital signature is a computerized fingerprint that is distinct to
a person or independent organization and it is used to protect
the information in the digital message or document.
• In the case of emails, the email itself becomes part of the digital
signature.
• In simple words, a digital signature is a present-day alternative to
the traditional way of signing documents on paper with ink.
Digital Signatures
• A digital signature is a kind of electronic signature that is
used to verify the name of the sender of a message or the
signer of a document. It makes sure that the document or
message is genuine and the documents that are sent are
untouched. Digital signature gives 2 algorithms.
1.Private key or user secret key
2.Verifying signature that includes the user’s public key. The
output of the signature process is called the digital signature.
Digital Signatures
• The verification of electronic records is done by creating a
digital signature that is a mathematical expression of subject
matter in a message.
• Cryptography secures the privacy of data by replacing it with
a changed version that can be redone to reveal the original
data only to someone who has the proper key.
• A key is an arrangement that manages the operation of
cryptographic transformation.
• It involves 2 processes i.e., encryption and decryption.
• Encryption is the process of modifying a plain message into a
cipher text. In decryption, the several of chipper text into the
original message.
Types of Digital Signature Certificate
• There are 3 types of digital signatures based on security level
i.e. class 1, class 2, and class 3 certificate.
• Class 1 certificate: It is not legally recognized. It is based on
confirmation of valid email and not direct verification.
• Class 2 certificate: This is based on the identification of the
person that is required to be verified against a reliable pre-
verified database.
• Class 3 certificate: is a person in the presence of the Registration
Authority proves his identity.
• Lastly, businesses in India are using digital signatures to sign
documents like invoices, reports, contracts, agreements, HR
letters, and other such documents.
Features of Digital Signature
1.AUTHENTICATION
• It means that the digital signature will help the receiver to
recognize who has sent the message or authenticate the
source of the message.
2.INTEGRITY
• It may be so that while sending the message the document
may get altered in this case the receiver will be able to know
the originality of the message.
3.NON – REPUDIATION
• The sender cannot refuse that he did not send any message.
Advantages of Digital Signature
1.DIGITAL SIGNATURE ARE SECURE
• Digital signatures using cryptographic algorithms cannot be copied, unlike
handwritten signatures which can be forged and copied. Slightest, change
to a digitally signed document makes the signature invalid.
2.DIGITAL SIGNATURE ENSURES AUTHENTICATION
• It means that an electronic document signed will be legally valid, which
stands in court just like any other paper document.
3.DIGITAL SIGNATURE ENSURES NON-REPUDIATION
• The digital signature is created using a distinctive set of algorithms within a
digital certificate issued to the signer after doing analysis by Certifying
Authority. The signer is the true authorizer of his authentication
(signature).
Advantages of Digital Signature
4.LEGALLY VALID IN MOST COUNTRIES
• A digital signature is legally valid in most of the countries that have
laws on e-signature. Though it recognizes electronic signature the
need to have a highly secure digital signature for signing an electronic
document
5.COST EFFECTIVE AND EFFICIENT
• New businesses and governments are welcoming the concept of
digitally signing the document to make or have paperless
transactions, with the implementation of e-signature, the entire
process has become convenient, effective, has reduced the cost, and
documents are secured.
Documents on Which Digital Signature is Valid
• Certain documents need a notarial process or the documents
are required to be a physical signature. Some documents are
also required to be registered by the Registrar or sub-
registrar to be legally enforceable.
• Negotiable instrument such as promissory note or bill of
exchange other than cheque.
• Trust deeds
• Power of attorney
• A Will and testamentary deposition
• Real estate contract (lease/ sales agreement)
Attribution, Acknowledgment and Dispatch of
Electronic Records
• In the IT Act, 2000, there are special provisions under
Chapter III to grant legal recognition to electronic
records, signature, and also encourage
the government and its agencies to use them.
Attribution of electronic records
• An electronic record shall be attributed to the
originator-
• if it was sent by the originator himself.
• by a person who had the authority to act on behalf of
the originator in respect of that electronic record, or
• by an information system programmed by or on
behalf of the originator to operate automatically.
Acknowledgment of receipt
• Where the originator has not agreed with the
addressee that the acknowledgment of receipt of
electronic record be given in a particular form or by a
particular method, an acknowledgment may be given
by -
• any communication by the addressee, automated
or otherwise, or
• any conduct of the addressee, sufficient to indicate
to the originator that the electronic record has
been received.
Acknowledgment of receipt
• Where the originator has stipulated that the
electronic record shall be binding only on receipt
of an acknowledgment of such electronic record
by him, then unless acknowledgment has been
so received, the electronic record shall be
deemed to have been never sent by the
originator.
Acknowledgment of receipt
• Where the originator has not stipulated that the electronic
record shall be binding only on receipt of such
acknowledgment, and the acknowledgment has not been
received by the originator within the time specified or
agreed or, if no time has been specified or agreed to within a
reasonable time, then the originator may give notice to the
addressee stating that no acknowledgment has been
received by him and specifying a reasonable time by which
the acknowledgment must be received by him and if no
acknowledgment is received within the aforesaid time limit
he may after giving notice to the addressee, treat the
electronic record as though it has never been sent.
Time and place of dispatch and receipt of
electronic record
• Save as otherwise agreed to between the originator and the
addressee, the dispatch of an electronic record occurs when it
enters a computer resource outside the control of the originator.
• Save as otherwise agreed between the originator and the
addressee, the time of receipt of an electronic record shall be
determined as follows, namely :-
• if the addressee has designated a computer resource for the purpose of
receiving electronic records -
• receipt occurs at the time when the electronic, record enters the designated
computer resource, or
• if the electronic record is sent to a computer resource of the addressee that is
not the designated computer resource, receipt occurs at the time when the
electronic record is retrieved by the addressee.
Time and place of dispatch and receipt of
electronic record
• If the addressee has not designated a computer resource along
with specified timings, if any, receipt occurs when the electronic
record enters the computer resource of the addressee.
• Save as otherwise agreed to between the originator and the
addressee, an electronic record is deemed to be dispatched at
the place where the originator has his place of business, and is
deemed to be received at the place where the addressee has his
place of business.
• The provisions of sub-section (2) shall apply notwithstanding that
the place where the computer resource is located may be
different from the place where the electronic record is deemed
to have been received under sub-section (3).
Secure Electronic Records and Secure Digital
Signatures
• Secure electronic record.
• Where any security procedure has been applied to an electronic
record at a specific point of time. then such record shall be
deemed to be a secure electronic record from such point of time
to the time of verification.
• Secure digital signature.
• If, by application of a security procedure agreed to by the parties
concerned, it can be verified that a digital signature, at the time
it was affixed, was-
• unique to the subscriber affixing it.
• capable of identifying such subscriber.
Secure Electronic Records and Secure Digital
Signatures
• created in a manner or using a means under the exclusive
control of the subscriber and is linked to the electronic
record to which it relates in such a manner that if the
electronic record was altered the digital signature would be
invalidated.
• then such digital signature shall be deemed to be a secure
digital signature.
Secure Electronic Records and Secure Digital
Signatures
• Security procedure.
• The Central Government shall for the purposes of this Act
prescribe the security procedure having regard to commercial
circumstances prevailing at the time when the procedure was
used, including-
• the nature of the transaction.
• the level of sophistication of the parties with reference to their
technological capacity.
• the volume of similar transactions engaged in by other parties.
• the availability of alternatives offered to but rejected by any
party.
Regulation of Certifying Authority under Information
Technology Act, 2000
• Structure of function of certifying authority
• It consist of various components for the proper working of
the certified authority, the component and their functions
are given below:-
1.Controller of Certifying authority (CCA):- These are those
officers which issue license to the certifying authority to do
that particular work.
2.Certifying Authorities (CAs):- These are those authorities
which issues Digital Signature Certificate to the users.
3.Subscriber: – These are the users of digital signature
certificate.
Regulation of Certifying Authority under Information
Technology Act, 2000
• The regulations of certifying authorities are mentioned
in chapter 6 of Information Technology Act 2000 from the
section 17 to section 34.
• These regulations tells about the various authority are
required for various purpose and they have to work
according to their post and by various ways that are
mentioned in regulations for their proper and smooth
working on the digital platform.
Appointment of controller and other officers
• The central government appoint controller of certifying authority,
Deputy controller, assistant controllers, other officers and various
employees that are deems to be fit by notification or subsequent
notification in the official gazette as per mentioned in sec 17 of
Information Technology Act 2000.
1.The controller discharges his duty under Information Act to
control and give directions to the central government that what
to do and how to do.
2. The Deputy controller and assistant controllers perform their
duty that is given by Controller under the control and
superintendence of him.
3.The central government provides various terms and conditions
for qualification, experience and service to the controller, deputy
controller and other assistant controllers and employees.
Appointment of controller and other officers
4. The office of head and branch office of the controller shall
be at that place where the central government wants to
establish so that it may fit for them.
5. There shall be a seal of offices of the various appointed
authority by central government.
The controller may perform all or any functions from these
which are mentioned below
• The function of controller is mentioned in section 18 of IT act.
1.He can keep eyes on the activity of certifying authority and can also
certifying the keys of this authority.
2.He can specify the conditions for qualification and experience of certifying
authority and can also laid down various standard that are mentioned by
the certifying authority.
3.He can specify various subjects in which this authority can conduct their
business as they want to do.
4.He can specify the forms and content and the standard for electronic
signature and the key provision for the dealing with subscriber.
5.He has power to resolve the issues between the various employees and
other officers and also lay downs the duties that are performed by various
officers and employees.
Recognition of Foreign Certifying Authority (Section
19)
• A Controller has the right to recognize any foreign
certifying authority as a certifying authority for the
purpose of the IT Act, 2000.
• While this is subject to the conditions and restrictions
which the regulations specify, the Controller can
recognize it with the previous approval of the Central
Government and notify in the Official Gazette.
• If a controller recognizes a Certifying Authority under
sub-section (i), then its digital signature certificate is also
valid for the purpose of the Act.
Recognition of Foreign Certifying Authority (Section
19)
• If the controller feels that any certifying authority has
contravened any conditions or restrictions of recognition
under sub-section (i), then he can revoke the recognition.
However, he needs to record the reason in writing and
notify in the Official Gazette.
Controller to act as a repository (Section 20)
• The Controller will act as a repository of all digital signature
certificates under this Act.
• The Controller will –
• Make use of secure hardware, software, and also
procedures.
• Observe the standards that the Central Government
prescribes to ensure the secrecy and also the security of
the digital signatures.
• The Controller will maintain a computerized database of all
public keys. Further, he must ensure that the public keys and
the database are available to any member of the public.
License to issue Digital Signature Certificates (Section 21)

• (1) Subject to the provisions of sub-section (2), any

person can apply to the Controller for a license to issue
digital signature certificates.
• (2) A Controller can issue a license under sub-section (1)
only if the applicant fulfills all the requirements. The
Central Government specifies requirements with respect
to qualification, expertise, manpower, financial resources,
and also infrastructure facilities for the issuance of digital
signature certificates.
License to issue Digital Signature Certificates (Section 21)

• (3) A license granted under this section is –

(a) Valid for the period that the Central Government
specifies
(b) Not transferable or inheritable
(c) Subject to the terms and conditions that the
regulations specify
Power to investigate contraventions (Section 28)

1.The Controller or any other Officer that he authorizes

will investigate any contravention of the provisions, rules
or regulations of the Act.
2.The Controller or any other Officer that he authorizes
will also exercise the powers conferred on Income-tax
authorities under Chapter XIII of the Income Tax Act,
1961. Also, the exercise of powers will be limited
according to the Act.
The Consumer Protection Act, 1986
The Consumer Protection Act, 1986
• It was with the emergence of the laissez-faire economy that
the thought of consumer is king was widely followed and
accepted.
• The twentieth century was marked by the advent of
consumerism where there have been frequent trade wars
and conflicts between markets shareholders with constant
ought to be higher than the rest.
• This resulted in stiff competition with the traders resorting to
unfair trade practices and manipulating the customers and
took advantage of the lack of information of the purchasers.
The Consumer Protection Act, 1986
• The Consumer Protection Act was passed in 1986 and it
came into force on 1st July 1987.
• The main objectives of the act are to provide better and one
spherical protection to customers and effective safeguard
against different types of exploitation like defective
merchandise, deficient services and unfair trade practices.
• It conjointly makes provisions for simple, speedy and cheap
machinery for redressal of consumer's grievances.
The Salient Features of the Act
• It applies to all goods, services and unfair trade practice
unless specifically exempted by the Central Government.
• It covers all sectors- private, public or co-operative.
• It provides for the establishment of consumer protection
councils at the central, state and district levels to promote
and protect the rights of consumers and a three-tier quasi
consumer's grievances and disputes.
• It provides statutory recognition to the six rights of
consumers.
Aims & Objectives of the Act
• Consumer Protection Act 1986, enacted as an outcome of
the widespread consumer protection movement.
• On the foundation of the report of the Secretary-General on
Consumer Protection dated 27th May 1983, the United
Nations Economic and Social Council recommended that the
world governments should build up, reinforce and
implement a coherent consumer protection policy taking
into consideration the guidelines which were set.
Consumer Protection Council
• The Consumer Protection Council is a government
institution that was established in 1972 with the main
objective of protecting consumer rights.
• The council is made up of members from various
government departments, such as the Department of
Industrial Policy and Promotion, the Department of Law and
Justice, and the Department of Consumer Affairs.
• The council’s main focus is to safeguard consumer interests
by monitoring and enforcing consumer protection laws,
facilitating consumer education, and providing consumer
redressal mechanisms.
Consumer Protection Council
• Under Chapter 2 Section 3 of the Consumer Protection Act,
2019 the Central Government shall establish the Central
Consumer Protection Council which is known as the Central
Council. It is an advisory body and the Central Council must
consist of the following members;
1.The Minister-in-charge of the Department of Consumer
Affairs in the Central Government will be appointed as the
chairperson of the council, and
2.Any number of official or non-official members representing
necessary interests under the Act.
Consumer Protection Council
• The Central Council may meet as and when necessary,
however, they must hold at least one meeting every year.
The purpose of the Central Council is to protect and promote
the interests of the consumers under the Act.
State Consumer Protection Council
• Every state government shall establish a State Consumer
Protection Council known as the State Council having
jurisdiction over that particular state. The State Council acts
as an advisory body. The members of the State Council are:
1.The Minister-in-charge of the Consumer Affairs in the State
Government will be appointed as the chairperson of the
council,
2.Any number of official or non-official members representing
necessary interests under the Act, and
3.The Central Government may also appoint not less than ten
members for the purposes of this Act.
District Consumer Protection Council
• Under Section 8 of the Act, the state government shall
establish a District Consumer Protection Council for every
district known as the District Council. The members of the
District Council are:
1.The collector of that district will be appointed as the
Chairperson of the District Council, and
2.Any other members representing necessary interests under
the Act.
Central Consumer Protection Authority
• The Central Government shall establish a Central Consumer
Protection Authority which is known as the Central Authority
under Section 10 of the Consumer Protection Act, 2019, to
regulate matters relating to violation of the rights of
consumers, unfair trade practices and false or misleading
advertisements which are prejudicial to the interests of the
public and consumers and to promote, protect and enforce
the rights of consumers. The Central Government will
appoint the Chief Commissioner and the other
Commissioners of the Central Authority as required under
the Act.
Redressal Agencies or Three-Tier Grievances
Machinery under the Consumer Protection Act
1. District Commission
• A district commission includes a president (who can be a
working or retired judge of the District Court) and two
other members.
• They are appointed by the state government.
• One can file a complaint for goods and services of ₹1
crore or less in this agency. For the complaints filed, if the
district commission feels a requirement, it sends the
goods to the laboratory for testing and gives its decision
based on the laboratory report and facts.
Redressal Agencies or Three-Tier Grievances
Machinery under the Consumer Protection Act
• If the aggrieved party is not happy with the jurisdiction of
the district commission, then they can appeal against the
judgment of this agency in the State Commission within
45 days.
• 2. State Commission
• A state commission includes a president (who must be a
working or retired judge of the High Court) and at least
two other members. They are appointed by the state
government.
Redressal Agencies or Three-Tier Grievances
Machinery under the Consumer Protection Act
• One can file a complaint of goods and services worth less
than ₹10 crores and more than ₹1 crore in this agency.
• After receiving a complaint from the aggrieved party, the
state commission contacts the party against whom the
complaint has been filed.
• Also, for the complaints filed, if the state commission
feels a requirement, it sends the goods to the laboratory
for testing.
Redressal Agencies or Three-Tier Grievances
Machinery under the Consumer Protection Act
• If the aggrieved party is not happy with the jurisdiction of
the state commission, then they can appeal against the
judgment of this agency in the National Commission
within 30 days by depositing 50% of the fine money.
3. National Commission
• A national commission includes a president and four
other members one of whom shall be a woman, and
Central Government appoints them. One can file a
complaint of goods and services worth more than ₹10
crores in this agency.
Redressal Agencies or Three-Tier Grievances
Machinery under the Consumer Protection Act
• After receiving a complaint from the aggrieved party, the
national commission informs the party against whom the
complaint has been filed. Also, for the complaints filed, if
the state commission feels a requirement, it sends the
goods to the laboratory for testing, and then gives
judgement based on the reports.
• If the aggrieved party is not happy with the jurisdiction of
the national commission, then they can appeal against
the judgment of this agency in the Supreme Court within
30 days by depositing 50% of the fine money.
Penalties
Penalties