Ques.1.

Analyze the scope of various International Legal Instruments

regulating Cyber world?

Ans.-
European Convention on Cyber Crimes
In 1997, the Council of Europe (CoE), an organization of 47 European
countries,
Appointed a Committee of Experts on Crime in Cyberspace to identify
and define new crimes, jurisdictional rights and criminal liabilities
concerning the Internet. Canada, Japan, South Africa and the U.S. were
also invited to participate in the discussions as observer nations. The goal
was to create a set of standard laws concerning cyber-crimes for the
global community and create a common criminal policy to protect against
cyber-crimes. The country representatives sought to make it easier for
law enforcement to cooperate in collecting evidence in investigating
computer crimes (Furnell, 2002).In 1985 the Council of Europe (CoE)
appointed the Expert Committee to discuss the legal aspects of computer
crimes. Their Recommendation was adopted under the terms of
Article15.b of the Statute of the Council of Europe by recognizing the
new challenges of cyber-crimes and harmonization of law and practice.
The Council of Europe introduced a new convention with 23
signatory state members at first instance.
The resulting Convention on Cyber-crime of the CoE was passed in June
2001 and is currently the only global document on this issue (CoE, 2001).
The document attempts to
Define cyber-crimes and to develop policies to prevent particular crimes
committed with use of the internet. The treaty includes provisions geared
toward fighting terrorism, child sexual exploitation, organized crime,
copyright infringement, hacking, and internet fraud. The Convention also
acts as a framework for international cooperation between countries in
investigating and prosecuting possible cyber-crimes. Other portions of the
treaty include
Descriptions of extradition procedures. If countries agree to the treaty,
they must agree to pass legislation to address particular Computer crimes
(Gold, 2000; Yam, 2001). They also agree to provide international
cooperation to other parties in the fight against computer-related crime by
providing a contact for countries that need immediate help in
investigating a computer crime (Boni, 2001). The treaty gives police
agencies expanded powers to investigate and prosecute computer crimes
when the offense crosses national borders (US Ratifies, 2006). On
November 7, 2002, the Council of Ministers adopted an additional
protocol, separate from the main Cyber-crime Convention, which
addresses racist and xenophobic materials committed through computer
networks (CoE, 2001).
After the CoE finalized the proposed treaty, it was signed by twenty-six
member
States in Budapest, Hungary. The countries who enjoyed observer
status (the U.S., Mexico, Japan, and Canada) had the option to sign it. It
was then sent to countries for ratification (Hancock, 2000). The treaty
came into effect when five states, including at least three CoE member
states, ratified it (Convention on Cyber-crime Update, 2002). The
Convention entered into force on July 1, 2004. To date, the Convention
has been ratified by twenty-four countries; twenty-three of whom have
also signed it but not ratified it (Kirk, 2009a; Kirk, 2009b). The last
country to ratify the treaty was Germany, which did so on March 9, 2009.
The U.S. Senate ratified the treaty on August 3, 2006. Although it
appears to be a significant policy to attack cyber criminals, when
examined closely, it is clear that the treaty has many elements of
symbolism in it. The Treaty is organized into four chapters. Each chapter
includes different sections, which are then broken down into articles.
Each chapter discusses a different aspect of the Treaty, with specifics
given in the articles.
A. Cybercrime Offenses

The Convention requires Parties (i.e., ratifying states) to adopt such
legislative and other measures as may be necessary to establish as
criminal offences under its domestic law, when committed intentionally
i. unauthorised intentional access to a computer system,
ii. Unauthorised intentional interception, made by technical means, of
non-public
Transmissions of computer data to, from or within a computer system,
iii. Intentional damaging, deletion, deterioration, alteration or suppression
of computer data without right.
iv. Intentional and unauthorised serious hindering of the functioning of a
Computer system by inputting, transmitting, damaging, deleting,
deteriorating, altering or suppressing computer data,
v. intentional and unauthorised production, sale, procurement for use,
import, distribution or otherwise making available of a device, including
a computer program, designed or adapted primarily for the purpose of
committing any of the offences mentioned in (i) to (iv) above,
vi. Intentional and unauthorised production, sale, procurement for use,
import, distribution or otherwise making available of a computer
password, access code, or similar data by which the whole or any part of
a computer system is capable of being accessed with intent that it be used
for the purpose of committing any of the offences mentioned in (i) to (iv)
above,
vii. The possession of an item referred to in paragraphs (v) and (vi)
above, with intent that it be used for the purpose of committing any of the
offences mentioned in (i) to (iv) above.


B. Investigative Procedures

The second principal part of the Convention requires Parties to enact
certain procedural mechanisms and procedures to facilitate the
investigation of cybercrimes or any crimes committed with a computer or
for which evidence may be found in electronic form. The provisions in
this part require states to adopt such legislative and other measures as
may be necessary to:

enable its competent authorities to order or similarly obtain the
expeditious preservation of specified computer data, including traffic
data, that has been stored by means of a computer system, in order to
give authorities the opportunity to seek disclosure of the data

With respect to preserved traffic data about a communication, ensure the
expeditious disclosure to the Partys competent authority...of a sufficient
amount of traffic data to enable the Party to identify the service providers
and the path through which the communication was transmitted

Empower its authorities to order a person in its territory to produce
specified computer data in that persons possession or control,
43
and to
order a service provider offering its services in the territory of the Party
to produce subscriber information relating to such services



Empower its competent authorities to search or similarly access and to
seize a computer system or a computer-data storage medium in its
territory, and to search and seize data stored therein

Empower its authorities to collect or record through the application of
technical means on its territory, traffic data, in real-time, associated
with specified communications in its territory transmitted by means of a
computer system, or to compel a service provider, within its existing
technical capability, to do the same or to cooperate and assist the
authorities own collection or recording


Empower its authorities, in the case of serious offences, to collect or
record through the application of technical means on its territory
content data, in real-time, of specified communications in its territory
transmitted by means of a computer system, or to compel a service
provider, within its existing technical capability, to do the same or to
cooperate with the authorities own collection or
Recording

Establish jurisdiction over any of the substantive offenses set forth in the
Convention that are committed in the states territory.

C. International Cooperation

The third principal part of the Convention sets out mechanisms by which
Parties to the convention will assist each other in investigating
cybercrimes and other crimes involving electronic evidence. The
Convention provides that Parties shall co-operate with each other to the
widest extent possible for the purposes of investigations or proceedings
concerning criminal offences related to computer systems and data, or for
the collection of evidence in electronic form of a criminal offence.
However, this cooperation shall occur through the application of
relevant international instruments on international co-operation in
criminal matters, arrangements agreed on the basis of uniform or
reciprocal legislation, and domestic laws. This suggests that cooperation
may be limited or delayed if required by law or other arrangements. The
specific cooperation measures are described below.






RECOGNITION OF FOREIGN JUDGMENTS
One of the core consequences of globalization has been the rapid increase
in transnational litigation and the associated need to enforce judgments
across national borders. This phenomenon has created a number of
problems in cases involving parties of different countries, since foreign
judgments brought to the country do not fall within the confines of the
Full Faith and Credit Clause of the Constitution. Rather than following
the simple, easy and inexpensive judgment-recognition process used in
domestic disputes.
In law, the enforcement of foreign judgments is the recognition and
enforcement in one jurisdiction of judgments rendered in another
("foreign") jurisdiction. Foreign judgments may be recognized based
on bilateral or multilateral treaties or understandings, or unilaterally
without an express international agreement. The emerging legal issues on
jurisdiction as regards transactions over the internet can hardly ignore
the legal aspects involved in the execution/enforcement of foreign
decrees. Even after exercise of jurisdiction, the Courts may be unable to
help the plaintiff in getting relief in case the local laws of the country
concerned have certain restrictions for the execution/enforcement of
foreign judgements or decrees in the country.
Under Indian Law, execution of decrees, whether foreign or domestic, is
governed by the provisions of the Code of Civil Procedure, 1908 (CPC)
(as amended from time to time).
The "recognition" of a foreign judgment occurs when the court of one
country or jurisdiction accepts a judicial decision made by the courts of
another "foreign" country or jurisdiction, and issues a judgment in
substantially identical terms without rehearing the substance of the
original lawsuit. For the private citizen enjoying the right to travel more
freely between states, the development of the Internet and e-commerce in
an increasingly globalised set of markets means that individuals routinely
buy goods, incur debts and suffer loss and injury across state borders. For
consumer groups, human rights advocates, intellectual property rights
holders, and multinational corporations, the continuing reliance on a
fragmented system of territorial boundaries for establishing jurisdiction,
is presenting a new range of problems that can only be resolved by
harmonising laws and standardising remedies.


Ques.2. Briefly explain Cyber Crimes and narrate the different
classifications of Cyber Crimes?
Ans.-
Cybercrime is a term for any illegal activity that uses a computer as its
primary means of commission. The U.S. Department of Justice expands
the definition of cybercrime to include any illegal activity that uses a
computer for the storage of evidence. The growing list of cybercrimes
includes crimes that have been made possible by computers, such as
network intrusions and the dissemination of computer viruses, as well as
computer-based variations of existing crimes, such as identity theft,
stalking, bullying and terrorism. There are a number of controversial
issues surrounding cybercrime. Opinions differ, for example, as to
whether some widespread activities (such as file sharing) should be
classified as criminal acts. The U.S. Digital Media Copyright Act
(DMCA) of 1998 stipulates that exchanging files of copyrighted material,
such as music or videos, is illegal and punishable by law. In August,
2002, the U.S. Department of Justice announced that they would begin to
prosecute cases of peer-to-peer piracy. Since that time, there have been
sporadic suits brought against individuals. Such prosecutions please many
in the entertainment industries but are less popular with the general
public. Gary Shapiro, president of the Consumer Electronics Association,
has remarked that "If we have 70 million people in the United States who
are breaking the law, we have a big issue." Another controversy related to
cybercrime is the issue of digital surveillance and its impact on civil
liberties. Since the terrorist attacks on the World Trade Center in
September 2001, many have deemed it necessary to curtail some
individual rights to privacy of information in exchange for greater
security. According to the American Civil Liberties Union (ACLU),
government surveillance networks monitor enormous volumes of private
communications and apply artificial intelligence (AI) applications to filter
out relevant data.
Cyber crimes are criminal activities executed on the Internet by means of
a computer. Cyber crimes include various unethical activities on the
Internet, such as unauthorized access to computer networks, email
bombing, denial of service attack and virus attacks. Indian laws are
becoming strict on tracking down cyber crimes as it is understood now
that a smart hacker can cause more damage with a keyboard than with a
deadly weapon.

CYBER CRIMES HAVE BEEN CATEGORIZED BASED ON
THE NATURE AND PURPOSE OF THE CRIME. THREE
BROAD CLASSIFICATIONS OF CYBER CRIMES ARE:

(i) Against individuals

It may be against individual persons or their property. Following are the
crimes, which can be committed against Individual persons:

a. Harassment via e-mails
b. Cyber-stalking
c. Dissemination of obscene material
d. Defamation
e. Unauthorized control/access over computer system
f. Indecent exposure;
g. Email spoofing
h. Cheating and Fraud.

Following are the crimes, which can be committed against individual
property:
a. Computer vandalism
b. Transmitting virus
c. Ne trespass
d. Unauthorized control/access over computer system
e. Intellectual Property crimes
f. Internet time thefts.

(ii) Against organization

It may be against the Government, a firm, a company or a group of
individuals. Following are the crimes against an organization:
a. Unauthorized control/access over computer system
b. Possession of unauthorized information
c. Cyber terrorism against the government organization
d. Distribution of pirated software.

(iii) Against the society at large Following are the crimes:

a. Pornography (largely child pornography)
b. Polluting the youth through indecent exposure
c. Trafficking
d. Financial crimes
e. Sale of illegal articles
f. Online gambling
g. Forgery.


CYBER CRIMES HAVE BEEN FURTHER
COMPREHENSIVELY CLASSIFIED BY DAVID L.
CARTER AS GIVEN BELOW:

Computer as Target of Cyber Crime
These cyber crimes are committed with an intention of causing damage to
a computer system or accessing the important data stored in a computer.
This type of crime includes illegal activities, such as stealing data or
information, theft of computer software, theft of information that has high
market value and blackmailing based on personal information gained
from computer.
Computer as an Means of Cyber Crime
This category of cyber crimes includes the use of computer as the means
of conducting cyber offences. Computer programs are often modified by
the hackers for committing frauds. Such crimes include practices, such as
deceptive use of ATM cards and bank accounts, credit card frauds, scams
associated with e-commerce, online fund transfers and stock transfers.
Computer as Incidental to Cyber Crime
This class of cyber crime includes hacking or unlawful access to
information, passwords or credit card numbers, spamming, gambling,
insurance frauds, pornography, threats by e-mails, and cyber stalking.


CYBER CRIMES HAVE BEEN FURTHER
COMPREHENSIVELY CLASSIFIED DUE TO EXTENSIVE
USE OF INTERNET AND COMPUTER AS GIVEN BELOW:
A. On the basis of commission of traditional crimes, cyber crimes can
be classified into following categories:
(i) Cyber Theft
(ii) Cyber trespass
(iii) Cyber Violence
(iv) Cyber Obscenity
(v) Cyber forgery and fraud
(vi) Intellectual Property Crimes

B. On the basis of emergence of new crimes, cyber crimes can be
classified into following categories:

(i) Cyber stalking
(ii) Cyber Pornography
(iii) Unauthorized access
(iv) Hacking
(v) Denial of Service Attack
(vi) Virus and Worms Attacks
(vii) Email Spoofing
(viii) Logic Bombs
(ix) Salami Attacks
(x) Data Diddling
(xi) Email Bombing
(xii) Trojan Attacks
(xiii) Web Jacking
(xiv) Cyber Terrorism
(xv) Computer Vandalism
Ques.3. Elucidate the judicial interpretations on Copyright
issues in the Cyber space?
Ans.-

Cyber Infringement

Copyright infringement is the use of somebody's own work of art and or
other creations as your own work. The work also has to be taken without
permission of the person or organization that own the rights to that
specific piece of work. Prior to the computer error, copyright
infringement for the most part was a lot easier to control and monitor.
Although copyright infringement before computers may have been easier
to monitor, it was also harder for people to copyright works of art. This is
due to the tools that were available to those that wanted to copy the works
of art or other information. This all change though once there was
technological advances and the everyday use of computers. Once
computers came into the picture, the tables turned. Now it is a lot easier
for people to copy material since it is a lot harder to monitor now. For
example multiple web sites to per to per sharing or files. Music has
become a major problem in the area of copyright infringement. With this
new advancement in technology, the definition of copyright infringement
has to be up dated to include the cyber world. Internet copyright
infringement is a form of intellectual property theft, and it can lead to
significant legal penalties and security issues. Common Internet copyright
violations include illegally downloading music files and movies as well
as pirating certain types of software applications. Posting a copyrighted
work, such as a drawing or writing, online without permission from the
owner may also constitute Internet copyright infringement (What Is
Internet Copyright Infringement). Online copyright infringement can
result in a range of legal problems for unauthorized users. Typically, the
penalties for Internet copyright infringement vary based on the severity of
the crime. People found guilty of lesser types of infringement, such as
illegally downloading a couple of music files, may simply be fined.
Greater violations, however, can lead to jail time (What Is Internet
Copyright Infringement). People who participate in illegal Internet
downloading can inadvertently put their computer security systems at
risk. Computer hackers often capitalize on web sites that provide users
with the ability to illegally download music, videos, and software. Some
hackers purposely infect the files on these sites with harmful codes that
can be difficult to uncover and eliminate. An Internet users computer
may become infected when one of these contaminated files is
downloaded on it (What Is Internet Copyright Infringement).

Pine Labs Pvt. Ltd vs Gemalto Terminals India Pvt. Ltd & Others
The present case had been filed by plaintiff (Pine Labs Pvt. Ltd) against
defenders (Gemalto Terminals Pvt. Ltd & others) for a decree of
declaration, perpetual injunction and rendition of accounts. The suit was
listed before High Court of Delhi on 7th October, 2009. Injunction was
granted by court restraining the defendants, their assigns, licensees,
agents, contractors, employees from in any manner infringing the
copyright of the plaintiff.
Defendant filed an application to modify the injunction on 9th October,
2009. Court modified the interim injunction stating that, the defendant
can continue providing services to Indian Oil Corporation Ltd.
Judgment: In this case, two issues to be decided: I) ownership of the
copyright and II) valid assignment of the copyright
I) Ownership of the copyright : Understanding about ownership
becomes important as it is only the owner under Section 18 of the Act
who can assign either the current or the future work. The ownership of
the copyright is statutorily recognized under Section 17 of the Copyright
Act which provides for the rule that the author shall be the owner of
copyright, subject to the provisions of the Act. Section 17 proviso (c)
deals with a situation where the work is created in the course of the
employment of the employer. In such a case, the work shall belong to the
employer who shall be the owner of the work in the absence of any
contract to the contrary. This furthers the discussion of the issue relating
to contract of employment and contract for employment, which are
clearly distinguishable from each other and determine the applicability of
the section. In the former case, ownership vests with the employer unless
there is agreement/ intention to the contrary and in the latter, ownership
vests with the employee unless there is an agreement/ intention to the
contrary. The degree of control, supervision, time spent, directions and
specifications given by the employer determines the nature of
employment. If we examine the present case from the perspective of a
contract of employment, the ownership of the work belongs to the
defendant no. 1 who was the employer and there is no need to look into
any further agreement or the MSA. It is another thing that the plaintiff in
the allegation made against defendant and in the agreement has taken the
status of an independent contractor, which means that the plaintiff has
created the software for the employer under a contract for service. Prior
to entering into the MSA, the plaintiff wrote an email communication
dated 20th February, 2004 wherein the plaintiff has stated that the work
has been created for a valuable consideration for and on behalf of the
Defendant no. 1 and the plaintiff has been paid in full and the copyright
and other rights vest with the Defendant no. 1 and the plaintiff does not
claim any right in the same. Hence, at this stage it is suffice to say that
prima facie, doubt can be expressed over the ownership of copyright as
claimed by the plaintiff, be it from the standpoint of the contract of
employment or contract for employment.
II ) valid assignment of the copyright : MSA is not as assignment but
an agreement to assign. It is admitted by both the parties that the basic
system design and the fundamental operative software was contained in
version 1.03. All the subsequent versions were primarily adaptations of
version 1.03 with a few additional new features, improving the
performance of version 1.03. The plaintiff has admitted that the copyright
in the new versions vests in the additional features mentioned above.
However, these additional new features are not really useable without the
source code in version 1.03. From the above, it is clear that even if the
rights pertaining to version 1.03 revert back to the plaintiff (which
although according to this court is prima facie not possible) for the
reasons given in the preceding Paras of the order, it is not clear how the
rights pertaining to the other versions, which are valid and subsisting can
revert back. Thus, the contention of the plaintiff is without any substance
and is prima facie, irrational and is not sustainable. Therefore, the
plaintiff is disentitled from the grant of interim relief on this reason as
well. The rights of the plaintiff revert back to it for the software and thus
lead to an enforceable right.



COPYRIGHT ASPECTS OF HYPERLINKING
AND FRAMING

In copyright law, the legal status of hyperlinking (also termed "linking")
and that of framing concern how courts address two different but related
web technologies. In large part, the legal issues concern use of these
technologies to create or facilitate public access to proprietary media
content such as portions of commercial Web sites. When hyperlinking
and framing have the effect of distributing, and creating routes for the
distribution of content (information) that does not come from the
proprietors of the Web pages affected by these practices, the proprietors
often seek the aid of courts to suppress the conduct, particularly when the
effect of the conduct is to disrupt or circumvent the proprietors'
mechanisms for receiving financial compensation.
The issues about linking and framing have become so intertwined under
copyright law that it is impractical to attempt to address them separately.
As will appear, some decisions confuse them with one another, while
other decisions involve and therefore address both. Framing involves the
use of hyperlinking, so that any challenge of framing under copyright law
is likely to involve a challenge of hyperlinking as well. (The converse is
not true.)

History of copyright litigation
In large part, linking and framing are not held to be copyright
infringement under US and German copyright law, even though the
underlying Web pages are protected under copyright law. Because the
copyright-protected content is stored on a server other than that of the
linking or framing person (it is stored on the plaintiff's server), there is
typically no infringing "copy" made by the defendant linking or framing
person (as may be essential), on which to base liability. Some European
countries take a more protective view, however, and hold unauthorized
framing and so-called deep linking unlawful.
Denmark
Danish Newspaper Publishers Association v. Newsbooster
The Bailiff's Court of Copenhagen ruled in July 2002 against the Danish
website Newsbooster, holding, in a suit brought by the Danish
Newspaper Publishers Association (DNPA), that Newsbooster had
violated Danish copyright law by deep linking to newspaper articles on
Danish newspapers' Internet sites. Newsbooster's service allows users to
enter keywords to search for news stories, and then deep links to the
stories are provided. The DNPA said that this conduct was "tantamount to
theft." The court ruled in favor of the DNPA, not because of the mere act
of linking but because Newsbooster used the links to gain commercial
advantage over the DNPA, which was unlawful under the Danish
Marketing Act. The court enjoined Newsbooster's service.
DNPA v. Google
In November 2008, the DNPA, citing its success against Newsbooster,
demanded that Google stop deep linking to stories in Danish newspapers
without paying royalties.
United States
Washington Post v. Total News
In February 1997 the Washington Post, CNN, the Los Angeles Times,
Dow Jones (Wall Street Journal), and Reuters sued Total News Inc. for
framing their news stories on the Total News Webpage. The complaint
was filed in New York federal district court. The case was settled in June
1997, on the basis that linking without framing would be used in the
future.
Ticketmaster v. Microsoft
In April 1997 Ticketmaster Corp. sued Microsoft Corp. in Los Angeles
federal district court for deep linking. Ticketmaster objected to
Microsoft's bypassing the home and intermediate pages on Ticketmaster's
site, claiming that Microsoft had "pilfered" its content and diluted its
value. Microsoft's Answer raised a number of defenses explained in
detail in its pleadings, including implied license, contributory negligence,
and voluntary assumption of the risk. Microsoft also, argued that
Ticketmaster had breached an unwritten Internet code, under which any
Web site operator has the right to link to anyone else's site. A number of
articles in the trade press derided Ticketmaster's suit. The case was
settled in February 1999, on confidential terms. But Microsoft stopped
the deep linking and instead used a link to Ticketmaster's home page.



Ques.4. What is E-Commerce? Elucidate the important issues in
Global E- Commerce?
Ans.-
E-commerce (electronic commerce or EC) is the buying and selling of
goods and services, or the transmitting of funds or data, over an
electronic network, primarily the Internet.
E-commerce (electronic commerce or EC) is the buying and selling of
goods and services, or the transmitting of funds or data, over an
electronic network, primarily the Internet. These business transactions
occur either business-to-business, business-to-consumer, consumer-to-
consumer or consumer-to-business. The terms e-commerce and e-
business are often used interchangeably. The term e-tail is also
sometimes used in reference to transactional processes around online
retail.
E-commerce is conducted using a variety of applications, such as email,
fax, online catalogs and shopping carts, Electronic Data Interchange
(EDI), File Transfer Protocol, and Web services. Most of this is business-
to-business, with some companies attempting to use email and fax for
unsolicited ads (usually viewed as spam) to consumers and other business
prospects, as well as to send out e-newsletters to subscribers.
The benefits of e-commerce include its around-the-clock availability, the
speed of access, a wider selection of goods and services, accessibility,
and international reach. Its perceived downsides include sometimes-
limited customer service, not being able to see or touch a product prior to
purchase, and the necessitated wait time for product shipping.
To ensure the security, privacy and effectiveness of e-commerce,
businesses should authenticate business transactions, control access to
resources such as webpages for registered or selected users, encrypt
communications and implement security technologies such as the Secure
Sockets Layer.

The three major issues in Global e-commerce are:

I. Financial Issues
1. CUSTOMS AND TAXATION
For over 50 years, nations have negotiated tariff reductions because they
have recognized that the economies and citizens of all nations benefit
from freer trade. Given this recognition, and because the Internet is truly
a global medium, it makes little sense to introduce tariffs on goods and
services delivered over the Internet.
Further, the Internet lacks the clear and fixed geographic lines of transit
that historically have characterized the physical trade of goods. Thus,
while it remains possible to administer tariffs for products ordered over
the Internet but ultimately delivered via surface or air transport, the
structure of the Internet makes it difficult to do so when the product or
service is delivered electronically.
Nevertheless, many nations are looking for new sources of revenue, and
may seek to levy tariffs on global electronic commerce.
2. ELECTRONIC PAYMENT SYSTEMS
New technology has made it possible to pay for goods and services over
the Internet. Some of the methods would link existing electronic banking
and payment systems, including credit and debit card networks, with new
retail interfaces via the Internet. "Electronic money," based on stored-
value, smart card, or other technologies, is also under development.
Substantial private sector investment and competition is spurring an
intense period of innovation that should benefit consumers and businesses
wishing to engage in global electronic commerce.
At this early stage in the development of electronic payment systems, the
commercial and technological environment is changing rapidly. It would
be hard to develop policy that is both timely and appropriate. For these
reasons, inflexible and highly prescriptive regulations and rules are
inappropriate and potentially harmful. Rather, in the near term, case-by-
case monitoring of electronic payment experiments is preferred.
From a longer term perspective, however, the marketplace and industry
self-regulation alone may not fully address all issues. For example,
government action may be necessary to ensure the safety and soundness
of electronic payment systems, to protect consumers, or to respond to
important law enforcement objectives.
II. Legal Issues
3. 'UNIFORM COMMERCIAL CODE' FOR ELECTRONIC
COMMERCE
In general, parties should be able to do business with each other on the
Internet under whatever terms and conditions they agree upon.
Private enterprise and free markets have typically flourished, however,
where there are predictable and widely accepted legal environments
supporting commercial transactions. To encourage electronic commerce,
the government should support the development of both a domestic and
global uniform commercial legal framework that recognizes, facilitates,
and enforces electronic transactions worldwide. Fully informed buyers
and sellers could voluntarily agree to form a contract subject to this
uniform legal framework, just as parties currently choose the body of law
that will be used to interpret their contract.
Participants in the marketplace should define and articulate most of the
rules that will govern electronic commerce. To enable private entities to
perform this task and to fulfill their roles adequately, governments should
encourage the development of simple and predictable domestic and
international rules and norms that will serve as the legal foundation for
commercial activities in cyberspace.
4. INTELLECTUAL PROPERTY PROTECTION
Commerce on the Internet often will involve the sale and licensing of
intellectual property. To promote this commerce, sellers must know that
their intellectual property will not be stolen and buyers must know that
they are obtaining authentic products.
International agreements that establish clear and effective copyright,
patent, and trademark protection are therefore necessary to prevent piracy
and fraud. While technology, such as encryption, can help combat piracy,
an adequate and effective legal framework also is necessary to deter fraud
and the theft of intellectual property, and to provide effective legal
recourse when these crimes occur. Increased public education about
intellectual property in the information age will also contribute to the
successful implementation and growth of the GII.
5. PRIVACY
Americans treasure privacy, linking it to our concept of personal freedom
and well- being. Unfortunately, the GII's great promise -- that it facilitates
the collection, re-use, and instantaneous transmission of information --
can, if not managed carefully, diminish personal privacy. It is essential,
therefore, to assure personal privacy in the networked environment if
people are to feel comfortable doing business.
At the same time, fundamental and cherished principles like the First
Amendment, which is an important hallmark of American democracy,
protect the free flow of information. Commerce on the GII will thrive
only if the privacy rights of individuals are balanced with the benefits
associated with the free flow of information.
6. SECURITY
The GII must be secure and reliable. If Internet users do not have
confidence that their communications and data are safe from
unauthorized access or modification, they will be unlikely to use the
Internet on a routine basis for commerce.
A secure GII requires:
1. secure and reliable telecommunications networks;
2. effective means for protecting the information systems attached to those
networks;
3. effective means for authenticating and ensuring confidentiality of
electronic information to protect data from unauthorized use; and
4. well trained GII users who understand how to protect their systems and
their data.


III. Market Access Issues
7. TELECOMMUNICATIONS INFRASTRUCTURE AND
INFORMATION TECHNOLOGY
Global electronic commerce depends upon a modern, seamless, global
telecommunications network and upon the computers and "information
appliances" that connect to it.
8
Unfortunately, in too many countries,
telecommunications policies are hindering the development of advanced
digital networks. Customers find that telecommunications services often
are too expensive, bandwidth is too limited, and services are unavailable
or unreliable. Likewise, many countries maintain trade barriers to
imported information technology, making it hard for both merchants and
customers to purchase the computers and information systems they need
to participate in electronic commerce.
8. CONTENT
The government supports the broadest possible free flow of information
across international borders. This includes most informational material
now accessible and transmitted through the Internet, including through
World Wide Web pages, news and other information services, virtual
shopping malls, and entertainment features, such as audio and video
products, and the arts. This principle extends to information created by
commercial enterprises as well as by schools, libraries, governments and
other nonprofit entities.
9. TECHNICAL STANDARDS
Standards are critical to the long term commercial success of the Internet
as they can allow products and services from different vendors to work
together. They also encourage competition and reduce uncertainty in the
global marketplace. Premature standardization, however, can "lock in"
outdated technology. Standards also can be employed as de facto non-
tariff trade barriers, to "lock out" non-indigenous businesses from a
particular national market.

Ques.5. Briefly examine the Aims and Objectives of the
Information Technology Act, 2000?
Ans.-
THE AIMS AND OBJECTIVES OF THE ACT :
(a) a facilitating Act, (b) an enabling Act, and ( c) a regulating Act
(a) A Facilitating Act:
The Information Technology Act, 2000 is a facilitating Act as it
facilitates both e-commerce and e-governance. Interestingly, the
UNCITRAL Model Law of E-commerce on which this Act is based has
made no reference to e-governance. But it was the collective wisdom of
the legislature, which saw the necessity of introducing concepts like e-
governance in this Act. Infact, the entire Chapter III of the Act is devoted
to e-governance and e- governance practices. There are 7 sections in the
aforesaid Chapter III of the Act, from section 4 to section 10, which deal
with e-governance issues. These sections form the basic law related to
electronic governance rights, which have been conferred to the persons
and the Government(s) both Central and State Governments. It is
applicable to the whole of India, including the State of Jammu and
Kashmir. It is important to understand that the Information Technology
Act, 2000 is the first enactment of its kind in India, which grants e-
governance rights to the citizens of India
(b) An Enabling Act:
The Information Technology Act, 2000 is an enabling Act as it enables a
legal regime of electronic records and digital signatures. That is, in order
to be called legally binding all electronic records, communications or
transactions must meet the fundamental requirements, one authenticity of
the sender to enable the recipient (or relying party) to determine who
really sent the message, two messages integrity, the recipient must be
able to determine whether or not the message received has been modified
en route or is incomplete and third, non-repudiation, the ability to ensure
that the sender cannot falsely deny sending the message, nor falsely deny
the contents of the message. The Act provides for Digital signatures,
which may be considered functional equivalent to physical world
signatures capable of meeting all the fundamental requirements, like
authenticity of the sender, message integrity and non-repudiation. Digital
signature is a misnomer. It does not mean scanning the handwritten
signatures electronically. In fact by applying digital signatures one may
actually transform an electronic message into an alphanumeric code. It
requires a key pair (private key for encryption and public key for
decryption) and a hash function (algorithm).
(c) A Regulating Act :
The Information Technology Act, 2000 is a regulating Act as it regulates
cyber crimes. As stated above, cyber crime is a collective term
encompassing both cyber contraventions and cyber offences. The Act not
only demarcates contraventions from offences, but also provides a
separate redressal mechanism for both.

HIGHLIGHTS OF THE ACT :
Chapter-II of the Act specifically stipulates that any subscriber may
authenticate an electronic record by affixing his digital signature. It
further states that any person can verify an electronic record by the use of
a public key of the subscriber.
Chapter III of the Act details about the electronic governance and
provides inter alia amongst others that where any law provides that
information or any other matter shall be in writing or in typewritten or
printed form, then, notwithstanding anything contained in such law, such
requirement shall be deemed to have been satisfied if such information or
matter is
(a) rendered or made available in an electronic form; and
(b) accessible so as to be usable for a subsequent reference The said
chapter also details the legal recognition of digital signatures.
Chapter IV of the said Act gives a scheme for the regulation of
certifying authorities. The Act envisages a Controller who shall supervise
the Certifying Authorities as also laying down standards and conditions
governing the Certifying Authorities. The Controller will also specify the
various forms and content of digital signature certificates. The Act
accepts the need for recognizing foreign certifying authorities and it
further details the various provisions for the issuance of license to issue
digital signature certificates.
Chapter VII of the Act details the scheme of things relating to digital
signature certificates. The duties of subscribers are also enshrined in the
Act.
Chapter IX talks about penalties and adjudication for various offences.
The penalties for damage to a computer system have been fixed as
damages by way of compensation not exceeding Rs 1,00,00,000. The Act
talks of appointment of an officer not below the rank of a Director to the
Government of India or an equivalent officer of a state government as an
Adjudicating Officer to judge whether any person has made a
contravention of any of the provisions of the Act. The officer has been
given the powers of a civil court.
The Act in Chapter X talks of the establishment of Cyber Regulations
Appellate Tribunal, an appellate body where appeals against the orders
passed by the Adjudicating Officers shall be preferred.
Chapter XI of the Act talks about various offences, which could be
investigated only by a police officer not below the rank of Deputy
Superintendent of Police. These offences include tampering with
computer source documents, publishing of information that is obscene in
electronic form and hacking.
Hacking has been properly defined in Section 66 as, "Whoever with the
intent to cause or knowing that he is likely to cause wrongful loss or
damage to the public or any person destroys or deletes or alters any
information residing in a computer resource or diminishes its value or
utility or affects it injuriously by any means, commits hacking." Further
for the first time, punishment for hacking as a cyber crime prescribed in
the form of imprisonment upto 3 years or with fine which may extend to
Rs. 2,00,000/- or with both. This is a welcome measure as hacking has
assumed tremendous importance in the present day scenario. On previous
occasions, the web sites of the Government have been hacked into but no
legal provision within the existing legislation could be invoked to cover
"hacking" as a cyber crime. It shall now be possible to try and punish
hackers under section 66 of the Information Technology Act , 2000,2000.
The said Act also provides for the constitution of the Cyber Regulations
Advisory Committee, which shall advice the government as regards any
rules, or for any other purpose connected with the said act. The said Act
also has four Schedules which amend the Indian Penal Code, 1860, the
Indian Evidence Act, 1872, The Bankers' Books Evidence Act, 1891, The
Reserve Bank of India Act, 1934 to make them in tune with the
provisions of the Information Technology Act , 2000.

SALIENT FEATURES OF THE INFORMATION TECHNOLOGY
ACT, 2000:
(i) Extends to the whole of India (Section 1) ;
(ii) Authentication of electronic records (Section 3) ;
(iii) Legal Framework for affixing Digital signature by use of asymmetric
crypto system and hash function (Section 3) ;
(iv) Legal recognition of electronic records (Section 4);
(v) Legal recognition of digital signatures (Section 5) ;
(vi) Retention of electronic record (Section 7);
(vii) Publication of Official Gazette in electronic form (Section 8);
(viii) Security procedure for electronic records and digital signature
(Sections 14, 15, 16);
(ix) Licensing and Regulation of Certifying authorities for issuing digital
signature certificates (Sections 17-42);
(x) Functions of Controller (Section 18);
(xi) Appointment of Certifying Authorities and Controller of Certifying
Authorities, including recognition of foreign Certifying Authorities
(Section 19);
(xii) Controller to act as repository of all digital signature certificates
(Section 20); (xiii) Data Protection (Sections 43 & 66);
(xiv) Various types of computer crimes defined and stringent penalties
provided under the Act (Section 43 and Sections 66, 67, 72);
(xv) Appointment of adjudicating officer for holding inquiries under the
Act (Sections 46 & 47);
(xvi) Establishment of Cyber Appellate Tribunal under the Act (Sections
48-56);
(xvii) Appeal from order of Adjudicating Officer to Cyber Appellate
Tribunal and not to any Civil Court (Section 57);
(xviii) Appeal from order of Cyber Appellate Tribunal to High Court
(Section 62);
(xix) Interception of information from computer to computer (Section
69);
(xx) Protection System (Section 70);
(xxi) Act to apply for offences or contraventions committed outside India
(Section 75);
(xxii) Investigation of computer crimes to be investigated by officer at the
DSP (Deputy Superintendent of Police) level;
(xxiii) Network service providers not to be liable in certain cases (Section
79);
(xxiv) Power of police officers and other officers to enter into any public
place and search and arrest without warrant (Section 80);
(xxv) Offences by the Companies (Section 85);
(xxvi) Constitution of Cyber Regulations Advisory Committee who will
advice the Central Government and Controller (Section 88).