DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

BACHELOR OF BUSINESS ADMINISTRATION

SEMESTER 3

DBB2101
LEGAL AND REGULATORY
FRAMEWORK

Unit 13 : Information Technology Act, 2000 1

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

Unit 13
Information Technology Act, 2000
Table of Contents

SL Topic Fig No / Table SAQ / Page No

No / Graph Activity
1 Introduction - -
3
1.1 Objectives - -
2 Background - - 4
3 Salient Features - 1 5-6
4 Digital Signature - - 7
5 Electronic Governance - 2 8 - 10
6 Regulation of Certifying Authorities - - 11 - 12
7 Cyber Laws - 3 13
8 Penalties for Offences - 4 14 - 17
9 Summary - -
18
10 Glossary - -
11 Terminal Questions - - 19
12 Answers - - 19 - 20

Unit 13 : Information Technology Act, 2000 2

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

1. INTRODUCTION

In the last unit we learned how Intellectual Property Rights have been undergoing changes
in the past decade. We have discussed widely regarding intellectual property such as Patents
Rights, Copy Rights and Trade Marks for which the government has made certain legislation
under which these are governed. The earlier Act gave the protection to a trade mark only in
relation to goods falling in that class but now it gives protection to similar goods across
classes. Today, foreign trade marks can be assigned and registered with very few restraints
which have led to the further opening up of businesses. In this unit we are going to discuss
how the technological revolution in information technology has been of great help in
carrying out business transactions throughout the globe. It has transformed the information
storage from manual or paper based method to electronic data storage system thereby
making it more authentic and everlasting. Keeping in view the above facts, the Government
of India enacted the Information Technology Act, 2000.

1.1 Objectives:

After studying this unit, you should be able to:

❖ describe the scope of the Information Technology Act

❖ define digital signatures
❖ list the modes of Electronic Governance
❖ list the powers of certifying authorities
❖ enumerate the laws relating to cyber crimes

Unit 13 : Information Technology Act, 2000 3

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

2. BACKGROUND
The Information Technology Act, 2000 applies to any offence or contravention committed
under the Act by any person outside India (except as otherwise provided under the Act). The
Act does not apply to the following:

a) Negotiable instrument as defined in section 13 of the Negotiable Instrument Act, 1881.

b) Power-of-attorney as defined in section 1 A of the Power-of-Attorney Act, 1882.
c) Trust as defined in section 3 of the Indian Trusts Act, 1882.
d) Will as defined in clause and section 2 (h) of the Indian Succession Act, 1925 including
any other testamentary disposition by whatever name called.
e) Contract for the sale or conveyance of immovable property or any interest in such
property.
f) Such class of documents or transactions as may be defined or may be notified by the
Central Government in the Official Gazette.

The Act was framed with the following objectives:

a) To bring uniformity in law applicable for transfer of data through electronic means of
communication by introducing certain acts.
b) To promote efficient delivery of government services by means of reliable electronic
records.

Unit 13 : Information Technology Act, 2000 4

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

3. SALIENT FEATURES
The Act was passed with the view to give a boost to the growth of electronically based
transactions, provide legal recognition for e-commerce and e-transactions, facilitate e-
governance, prevent computer-based crimes and ensure security practices and procedures
in the context of widest possible use of information technology worldwide.

Some of the important definitions mentioned in the Act are as follows:

a) Access, with its grammatical variations and similar expression, means communicating
or instructing with logical, arithmetical or memory function resources of a computer
system or computer network.
b) Addressee means a person who is intended by the originator to receive the electronic
record but does not include any intermediary.
c) Digital signature means authentication of any electronic record by a subscriber by
means of an electronic method or procedure in accordance with the provisions of
section 3;
d) Affixing digital signature means adoption of a methodology or a procedure by a
person in order to fulfill the authentication of an electronic record by means of digital
signature.
e) Communication device refers to cell phones, personal digital assistants or
combination of both or any other device used to communicate, send or transmit any
text video, audio or image.
f) Certifying authority refers to a person who has been granted a license to issue a
Digital Signature Certificate under section 24.
g) Cyber café means any facility, from where the access to the internet is offered by any
person in the ordinary course of business, to the members of the public.
h) Electronic gazette means any official gazette published in electronic form.
i) Private key means the key of a key pair used to create a digital signature.
j) Public key means the key of a key pair used to verify a digital signature and which is
listed in the Digital Signature Certificate.
k) Subscriber means a person in whose name the Digital Signature Certificate is issued.

Unit 13 : Information Technology Act, 2000 5

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

l) Secure system means any computer hardware, software and procedure, which is
reasonably secured from any unauthorised access or misuse, is reliable and follows the
norms according to the procedures as laid down in the Act.

The Act also imposes penalties for certain violations.

Self-Assessment Questions - 1

Fill in the blanks:

1. The IT Act 2000 was enacted in order to provide ___________ in law

applicable for transfer of data through ___________ means.
2. Public key is a term used to a digital signature.
3. State True or False: Addressee does not include a person who is an
intermediary between the originator and receiver of the electronic record.
4. Choose the correct alternative:

Electronic Gazette means

a) Official gazette published in electronic form

b) Data record or data generated or sent in electronic form
c) Data, text message, image or film software notified in the official gazette

Unit 13 : Information Technology Act, 2000 6

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

4. DIGITAL SIGNATURE
According to Section 3 of the Act, the mode of verifying the electronic records is through
digital signature. Certain provisions which should be taken into account for digital signatures
are as follows:

a) Any subscriber can authenticate an electronic record by affixing his digital signature.
b) The authentication of this electronic record shall be affected by the use of asymmetric
crypto system and hash function which envelop and transform the initial electronic
record into another electronic record. In order to explain the above statement we need
to be clear about the terms used above.
c) Hash function is an algorithm mapping or translation of one sequence of bits into
another, generally smaller, set known as ―hash result such that an electronic record
yields the same hash result every time the algorithm is executed with the same
electronic record as its input making it computationally infeasible– (i) to derive or
reconstruct the original electronic record from the hash result produced by the
algorithm; (ii) that two electronic records can produce the same hash result using the
algorithm.
d) The private key and the public key are unique to the subscriber and constitute a
functioning key pair.

Cryptography originates from the Greek word “kryptos” which means secret writing. It is the
science of codification, which converts a normal text into junk characters (known as cipher
text). The process of coding is called encryption and the process of decoding is called
decryption. Encryption and Decryption, are done through Public Key and Private Key. Private
Key refers to the key of a key pair used to create a digital signature and the Public Key refers
to the key of a key pair used to verify a digital signature and is listed in the Digital Signature
Certificate.

In short, it can be summarised that the process of digital signature involves converting
electronic records into secret code first, and then translating the codes into a small number
by applying a formula. Each licensed subscriber uses a unique secret code and formula,
which is known to the subscriber only. This is done through private key. Based on private
key techniques, public key is designed, so as to encode the software.

Unit 13 : Information Technology Act, 2000 7

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

5. ELECTRONIC GOVERNANCE
Governance is the outcome of politics, policies and programs. E-Governance can be defined
as the use of a range of modern information and communication technologies such as the
Internet, Local Area Networks, mobiles etc. by the government to improve effectiveness,
efficiency and service delivery. Governance in IT framework means expansion of Internet
and electronic commerce and redefining of relationships among various stake holders in the
process of governance. It is a new model of governance which is based upon the transactions
in virtual space, digital economy and deals with knowledge-oriented societies. E-Governance
is an emerging trend to re-invent the way the governments functions. It is required in order
to attract greater attention to improve service delivery mechanism, enhance the efficiency
of production and ensure wider access to information.

E-Governance is necessary today, as it can transform citizen service, provide access to

information to empower citizens, enable their participation in governance and enhance their
economic and social opportunities, so that they can lead better lives. The digital platform
enables better interaction between the government and citizens, Government and
Businesses/commerce/e- commerce and between Government agencies (G2G).

Within each of these interaction domains, four kinds of activities take place:

i. Pushing information over the Internet, e.g., regulatory services, general holidays, public
hearing schedules, issue briefs, notifications etc.
ii. Two-way communications between the agency and the citizen, a business or another
government agency. In this model, users can engage in dialogue with agencies and post
problems, comments or requests to the agency.
iii. Conducting transactions, e.g., lodging tax returns, applying for services and grants.
iv. Governance-It enables the transition from passive access to information to active
citizen participation.

Let us now discuss the important provisions enumerated under this Act:

1. Legal recognition of electronic records: Where any law provides that information or
any other matter shall be in writing or in the typewritten or printed form, then, despite
anything contained in such law, such requirement shall be deemed to have been

Unit 13 : Information Technology Act, 2000 8

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

satisfied if such information or matter is– (a) rendered or made available in an

electronic form; and (b) accessible so as to be usable for a subsequent reference.
2. Legal recognition of digital signatures: If the law provides that information or any other
matter is authenticated by affixing the signature or signed or bears the signature of the
person, then such requirement is deemed to be satisfied if the information contained in
the document is authenticated by a digital signature as prescribed by the Central
Government. This is irrespective of any provision contained in the said Act.
3. Use of electronic records and digital signatures in government: Where any law provides
for— (a) the filing of any form, application or any other document with any office,
authority, body or agency owned or controlled by the appropriate Government in a
particular manner; (b) the issue or grant of any licence, permit, sanction or approval by
whatever name called in a particular manner; (c) the receipt or payment of money in a
particular manner; then, notwithstanding anything contained in any other law for the
time being in force, such requirement shall be deemed to have been satisfied if such
filing, issue, grant, receipt or payment, as the case may be, is effected by means of such
electronic form as may be prescribed by the appropriate Government.
4. Retention of electronic records: If any law provides that documents, records or
information be retained for any specific period, then, that requirement shall be deemed
to have been satisfied if they are retained in the electronic form, provided the following
conditions are satisfied:
a. Information contained therein remains accessible so as to be usable for a subsequent
reference.
b. Electronic record is retained in the format in which it was originally generated, sent
or received or in a format which can be demonstrated to represent accurately the
information originally generated, sent or received.
c. Details which will facilitate the identification of the origin, destination, date and time
of dispatch or receipt of such electronic record available in the electronic record.
5. Publication of rule, regulation, etc. in electronic gazette: If any law provides that any
rule, regulation, order, bylaw, notification or any other matter shall be published in the
official gazette, then, such requirement shall be deemed to have been satisfied if such

Unit 13 : Information Technology Act, 2000 9

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

matter is published in the official gazette or electronic gazette. The date of publication
shall be deemed to be the date of the gazette which was first published in any form.
6. Acceptance of electronic documents cannot be insisted: It is to be noted that no
provisions of Section 3 of the Act confers any right upon any person to insist that any
Ministry or Department of Central or State Government or any body or authority under
the law should accept, issue, create, retain and preserve any document in the form of
electronic records or effect any monetary transactions in electronic form.
7. Power to make rules by Central Government in respect of digital signature: The Central
Government has the right to prescribe certain rules with respect to digital signature. It
can be prescribed in the following:
a) Type of digital signature
b) Manner and format in which the digital signature shall be attached
c) Manner or procedure which helps to identify the person attaching the digital
signature
d) Control procedures and processes to guarantee integrity, security and confidentiality
of electronic records or payment
e) Other matters which provide legal validity to digital signatures

Self-Assessment Questions - 2

State True or False:

5. The term ‘Digital signature’ means signatures downloaded from the Internet.
6. The Central Government has no right to prescribe certain rules of digital
signatures

Fill in the blanks:

7. Hash function is an algorithm or a translation of one ___________ bits into another.

8. The science of codification is known as _____________ .
9. The five interactive domains in E-Governance are_____________ .

Unit 13 : Information Technology Act, 2000 10

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

6. REGULATION OF CERTIFYING AUTHORITIES

To enforce the Act, the Central Government appoints various authorities as enumerated
below:

1. Appointment of controller and other officers:

a. The Central Government may by notification in the official gazette appoint controller
as certifying authority and also under the same notification, appoint a deputy
controller and assistant controller as necessary.
b. The controller can discharge duties and functions, subject to the general control and
directions of the Central Government.
c. The deputy controller and the assistant controller should deliver their duty according
to the directions given by the controller under the general superintendence and
control of the controller.
2. Functions of the controller: The Controller is expected to be in command of the duties
and the responsibilities given to him and overlook the functions of the respective
certifying authorities. Some of the most important functions of the controller are given
below:
a. Lay down standards to be maintained by the certifying authorities.
b. Qualifications and experience specified for the post of employees of the certifying
authorities.
c. Norms and regulations of conducting the business.
d. Specifying the contents of written, printed or visual material and advertisement that
may be used for digital signature.
e. Appointment of auditors and their terms and conditions.
f. Manner in which the certifying authorities shall conduct their dealings with the
subscribers.
g. Resolve any conflict which may arise between subscriber and the certifying
authorities.
h. Duties laid down of the certifying authorities.
3. Recognition of foreign certifying authorities: The controller with prior approval of the
Central Government conditions and restrictions can recognize any foreign certifying

Unit 13 : Information Technology Act, 2000 11

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

authority as certifying authority for the purpose of the Act. If the controller finds that
the foreign certifying authority has contravened any of the conditions and restrictions
of the Act, then the controller has the power to revoke such recognition and such
contraventions be recorded in writing as a means of proof for the action taken.
4. Controller as Repository: The word repository means storage. The Controller acts as a
repository of all the digital signatures issued under this Act. The Controller is also
responsible for making use of such hardware, software and procedures that are secure
from intrusion and misuse. The function is also to observe standards as prescribed by
the Central Government from time to time and ensure that security and secrecy of
digital signature is maintained and assured. It is also the responsibility of the controller
to maintain computerised database of all public keys so that it is available to the public.
5. Controller authorises: The controller may in writing authorise deputy controller,
assistant controller or any other officers to exercise any powers of the controller.
6. Power to investigate: The controller or any authorised officer shall have the power to
investigate any matter which is in contravention of this Act.

Unit 13 : Information Technology Act, 2000 12

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

7. CYBER CRIMES AND LAW

Cyber-crimes have grown in recent years due to excessive usage in terms of the Internet, e-
mails, financial transactions and share markets. It involves criminal activities through the
medium of computers that are traditional in nature, such as theft, fraud, forgery, defamation
and mischief; all of which are subject to the Indian Penal Code. If we categorise cyber-crimes
with respect to computers and their peripherals, they can be classified as follows:

1. The computer as a target i.e., using a computer to attack other computers. Some
examples of this are hacking, virus/worm attacks, DOS attacks etc.
2. The computer as a weapon i.e., using a computer to commit real world crimes. Some of
the major examples of this usage are:
a. Cyber terrorism, IPR violations, credit card frauds, EFT frauds, pornography etc.
b. E-mail ‘spoofing’ which refers to e-mail that appears to have originated from one
source when it was actually sent from another source.
c. E-mail ‘spamming’ refers to sending e-mail to thousands and thousands of users,
similar to a chain letter.
d. E-mail ‘bombing’ which is characterised by abusers, repeatedly sending an identical
e-mail message to a particular address.
e. Sending threatening e-mails so as to spread viruses, Trojans etc. through e-mails as
an attachment or by sending a link to a website which downloads malicious code
when clicked upon.

Self-Assessment Questions - 3

Fill in the blanks:

10. A controller is able to discharge his duties and function only to the
_____________control and _______________ of Central Government.
11. ‘E-mail spamming’ means sending e-mails to_______________ of users and sent which
is similar to a_______________ .
State True or False:
12. A certifying authority can recognize any foreign certifying authority with prior

Unit 13 : Information Technology Act, 2000 13

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

8. PENALTIES AND OFFENCES

Sections 43 to 47 provide for the following:

1. Penalty for damage to computers and computer system (Section 43): If any person
without permission of the owner or any other person who is in charge of a computer,
computer system or computer network does any of the following acts, he is liable pay
compensation to the person affected:
a. accesses or secures access to such computer, computer system or computer network
or computer resource;
b. downloads, copies or extracts any data, computer database or information from such
computer, computer system or computer network including information or data held
or stored in any removable storage medium;
c. introduces or causes to be introduced any computer contaminant or computer virus
into any computer, computer system or computer network;
d. damages or causes to be damaged any computer, computer system or computer
network, data, computer database or any other programmes residing in such
computer, computer system or computer network;
e. disrupts or causes disruption of any computer, computer system or computer
network;
f. denies or causes the denial of access to any person authorized to access any computer,
computer system or computer network by any means;
g. provides any assistance to any person to facilitate access to a computer, computer
system or computer network in contravention of the provisions of this Act, rules or
regulations made thereunder;
h. charges the services availed by a person to the account of another person by
tampering with or manipulating any computer, computer system, or computer
network;
i. destroys, deletes or alters any information residing in a computer resource or
diminishes its value or utility or affects it injuriously by any means;

Unit 13 : Information Technology Act, 2000 14

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

j. steal, conceal, destroys or alters or causes any person to steal, conceal, destroy or
alter any computer source code used for a computer resource with an intention to
cause damage;

For the purpose of inquiry and adjudging the compensation, the Central Government shall
appoint any officer not below the rank of director to the Government of India or a State
Government to hold the inquiry or adjudication, as prescribed by the Central Government.
The adjudicating officer appointed shall give reasonable opportunity to the person to be
heard, post which he may impose penalty or award such compensation as he thinks fit in
accordance to the provisions of that act. For an appointment to the post of an adjudicating
officer, a person is required to possess such experience in the field of Information
Technology and also judicial experience as laid down by the Central Government. If there is
more than one adjudicating officer, the Central Government shall specify the matter where
these officers shall be able to exercise their powers and their jurisdiction.

An adjudicating officer, when taking a decision on the quantum of compensation should take
into account the following:

i) The amount of gain of unfair advantage wherever it is quantifiable.

ii) The amount of loss occurred to the person due to default.
iii) Whether the default is of repetitive nature.

Offences

2. Section 65 states that if a person knowingly or intentionally conceals, destroys or alters

or intentionally or knowingly causes another to conceal, destroy, or alter any computer
source code used for a computer, computer programme, computer system or computer
network, when the computer source code is required to be kept or maintained by law
for the time being in force, he shall be punished with imprisonment up to three years,
or with fine which may extend up to two lakh rupees, or with both.
3. Section 66 provides that if any person, dishonestly or fraudulently, does any act
referred to in section 43, he shall be punishable with imprisonment for a term which
may extend to three years or with fine which may extend to five lakh rupees or with
both.

Unit 13 : Information Technology Act, 2000 15

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

4. Pornographic material (Section 67): If any person publishes or transmits in any

electronic form any material which is lascivious or appeals to prurient interest or if its
effect is such as to tend to deprave and corrupt persons who are likely, having regard
to all relevant circumstances, to read, see or hear the matter contained or embodied in
it, he/she is punishable with imprisonment extending up to 5 years and with a fine of
rupees one lakh.
5. Protected System (Section 70): The Government may, by notification in the Official
Gazette, declare any computer resource which directly or indirectly affects the facility
of Critical Information Infrastructure, to be a protected system. Any person who
secures access or attempts to secure access to a protected system in contravention of
the provisions of this section shall be punished with imprisonment of either description
for a term which may extend to ten years and shall also be liable to fine.
6. False representation (Section 71): Whoever makes any misrepresentation to, or
suppresses any material fact from the Controller or the Certifying Authority for
obtaining any licence or electronic signature Certificate, as the case may be, shall be
punished with imprisonment for a term which may extend to two years, or with fine
which may extend to one lakh rupees, or with both.
7. Breach of confidentiality and privacy (Section 72): It is very important to maintain
confidentiality and privacy in respect of the documents, electronic records,
correspondence, register, information and other essential records belonging to
someone by the person entrusted with such responsibility. If the documents or
materials or records are disclosed to any unknown or known recipient without the
owner’s consent, the person entrusted with those records would be punishable with
imprisonment for a term which may extend to two years, or fine which may extend to
one lakh rupees or with both.
8. Publication of digital records (Section 73): No person is allowed to publish any form of
Digital Signature Certificate with the knowledge that:
i) The certifying authority listed in the certificate has not issued it.
ii) The subscriber listed in the certificate has not accepted it.
iii) The certificate has been revoked or suspended.

Unit 13 : Information Technology Act, 2000 16

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

If such publication is done by any person he can be punished with imprisonment for two
years or with fine which may extend up to one lakh or both.

9. Publication for fraudulent purpose (Section 74): Whoever knowingly creates, publishes
or otherwise makes available a electronic signature Certificate for any fraudulent or
unlawful purpose shall be punished with imprisonment for a term which may extend
to two years, or with fine which may extend to one lakh rupees, or with both.

Thus, the Information Technology Act, 2000 is an important enactment which aims at giving
legal recognition to electronic records, ensuring the protection of digital data and prevention
of cybercrimes. It is the first enactment of its kind in India and has heralded the arrival of
modern laws in the Indian legal system. However, the scope of the Act can be further
expanded to include more crimes committed through the Internet and mobile phones, so as
to combat threats of cyber terrorism. This, in turn, will help to combat the threats to national
security. Cyber laws can also be used as early warning systems to address abuses of the
loopholes of the system by terrorists and anti-social elements.

Self-Assessment Questions – 4

Fill in the blanks:

13. A person who does not furnish detail in time is liable to be penalised for an amount
of______________ .
14. An adjudicating officer should possess some experience in the field of
________________ and_____________ .
15. If a person contravenes the confidentiality and privacy of the document he is
punishable up to _________________ and a fine of rupees ___________ or both.

Unit 13 : Information Technology Act, 2000 17

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

9. SUMMARY
Let us review the important concepts that have been discussed in this unit:

• The importance of Information Technology Act, 2000 and its relevance in the global
economy is enormous.
• Terminologies used under the Act.
• The importance and need for Digital Signature.
• Significance of e-governance in Information Technology Act.
• Regulatory powers conferred by Central Government.
• Need for cyber laws and penalties levied against offences which are commonly
practiced.

10. GLOSSARY

Cipher: code, symbol, secret message.

Contravention: breaking, flouting, breach.

Contaminant: pollutant, toxin, impurity, noxious waste.

Governance: power, authority, control, supremacy.

Demonstration: expression, display, show, exhibit.

Gazette: Document containing rules of law declared by the government.

Prurient: A vulgar appeal.

Unit 13 : Information Technology Act, 2000 18

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

11. TERMINAL QUESTIONS

1. What are the objectives for enactment of the Information Technology Act, 2000? What
is its relevance to any organisation?
2. Explain the concept and the importance of Digital Signatures, as per theI.T Act, 2000.
3. E-Governance is used as a tool in modern technology. Discuss the different provisions
laid down under the IT Act, 2000 with respect to e-Governance.
4. Enumerate the procedure for appointment of the controller of certifying authorities.
State his functions and duties in accordance to the Act.
5. What are the different types of cyber crimes which are committed?
6. Discuss the different penalties levied against a person who has contravened the IT Act.

12. ANSWERS
Self-Assessment Questions
1. Uniformity, electronic
2. Verify
3. True
4. A
5. False
6. False
7. Sequence
8. Cryptography
9. G2C, G2B, G2R, G2H, G2G
10. General, directions
11. Thousand, chain letter
12. True
13. Rs. 5000
14. Information technology, judiciary
15. Two years, one lakh

Unit 13 : Information Technology Act, 2000 19

DBB2101: Legal and Regulatory Framework Manipal University Jaipur (MUJ)

Terminal Questions

1. Describe the importance and significance of the Act. For further details, refer to Section
2 and 3.
2. Describe the need for Digital signature and its value in the modern age of information
technology. For further details, refer to Section 4.
3. Different provisions are laid down in order to practice a better e-Governance. For
further details, refer to Section 5.
4. Discuss the power, rights, duties and mode of appointment of the controller and the
other certifying authorities. For further details, refer to Section 6.
5. Discuss the need for cyber laws and the different crimes committed under its
jurisdiction. For further details, refer to Section 7.
6. Discuss the penalties laid down as per the Act for any contraventions. For further
details, refer to Section 8.

Reference:

• Business Laws by Dr. S. N. Maheshwari & S. K. Maheshwari.

Unit 13 : Information Technology Act, 2000 20