MODULE- 1 (CYBER LAW)

CYBER LAW (IT LAW) IN INDIA

Cyber Law also called IT Law is the law regarding Information-technology including
computers and internet. It is related to legal informatics and supervises the digital circulation
of information, software, information security and e-commerce. IT law does not consist a
separate area of law rather it encloses aspects of contract, intellectual property, privacy and
data protection laws. Intellectual property is a key element of IT law. The area of software
license is controversial and still evolving in Europe and elsewhere.

According to Ministry of Electronic and Information Technology, Government of India: Cyber

Laws yields legal recognition to electronic documents and a structure to support e-filing and e-
commerce transactions and also provides a legal structure to reduce, check cybercrimes.

Importance of Cyber Law:

1. It covers all transaction over internet.

2. It keeps eyes on all activities over internet.
3. It touches every action and every reaction in cyberspace.

AREA OF CYBER LAW:

Cyber laws contain different types of purposes. Some laws create rules for how individuals and
companies may use computers and the internet while some laws protect people from becoming
the victims of crime through unscrupulous activities on the internet. The major areas of cyber
law include:

(1.) Fraud: Consumers depend on cyber laws to protect them from online fraud. Laws are made
to prevent identity theft, credit card theft and other financial crimes that happen online. A
person who commits identity theft may face confederate or state criminal charges. They
might also encounter a civil action brought by a victim. Cyber lawyers work to both defend
and prosecute against allegations of fraud using the internet.
(2.) Copyright: The internet has made copyright violations easier. In early days of online
communication, copyright violations were too easy. Both companies and individuals need
lawyers to bring actions to impose copyright protections. Copyright violation is an area of
cyber law that protects the rights of individuals and companies to profit from their own
creative works.
(3.) Defamation: Several personnel use the internet to speak their mind. When people use the
internet to say things that are not true, it can cross the line into defamation. Defamation
laws are civil laws that save individuals from fake public statements that can harm a
business or someone’s personal reputation. When people use the internet to make
statements that violate civil laws, that is called Defamation law.
(4.) Harassment and Stalking: Sometimes online statements can violate criminal laws that
forbid harassment and stalking. When a person makes threatening statements again and
again about someone else online, there is violation of both civil and criminal laws. Cyber
lawyers both prosecute and defend people when stalking occurs using the internet and other
forms of electronic communication.
(5.) Freedom of Speech: Freedom of speech is an important area of cyber law. Even though
cyber laws forbid certain behaviours online, freedom of speech laws also allow people to
speak their minds. Cyber lawyers must advise their clients on the limits of free speech
including laws that prohibit obscenity. Cyber lawyers may also defend their clients when
there is a debate about whether their actions consist of permissible free speech.
(6.) Trade Secrets: Companies doing businesses online often depend on cyber laws to protect
their trade secrets. For example, Google and other online search engines spend lots of time
developing the algorithms that produce search results. They also spend a great deal of time
developing other features like maps, intelligent assistance and flight search services to
name a few. Cyber laws help these companies to take legal action as necessary in order to
protect their trade secrets.
(7.) Contracts and Employment Law: Every time you click a button that says you agree to
the terms and conditions of using a website, you have used cyber law. There are terms and
conditions for every website that are somehow related to privacy concerns.

Advantages of Cyber Law:

Organizations are now able to carry out e-commerce using the legal infrastructure provided
by the Act.
Digital signatures have been given legal validity and sanction in the Act.
It has opened the doors for the entry of corporate companies for issuing Digital Signatures
Certificates in the business of being Certifying Authorities.
It allows Government to issue notification on the web thus heralding e-governance.
 It gives authority to the companies or organizations to file any form, application or any
other document with any office, authority, body or agency owned or controlled by the
suitable Government in e-form by means of such e-form as may be prescribed by the
suitable Government.
The IT Act also addresses the important issues of security, which are so critical to the
success of electronic transactions.

Categories of Cyber Crime

1. Cybercrimes against persons

• Cyber stalking
• Impersonation
• Loss of Privacy
• Transmission of Obscene Material
• Harassment with the use of computer
2. Cybercrimes against property
• Unauthorized Computer Trespassing
• Computer vandalism
• Transmission of harmful programmes
• Siphoning of funds from financial institutions
• Stealing secret information & data
• Copyright
3. Cybercrimes against government
• Hacking of Government websites
• Cyber Extortion
• Cyber Terrorism
• Computer Viruses

Some Other Crimes

(i) Logic Bombs

(ii) Spamming
(iii) Virus, worms, Trojan Horse
(iv) E-Mail Bombing
(v) E-Mail abuse etc.
 NEED FOR CYBER LAW

In today’s techno-savvy environment, the world is becoming more and more digitally
sophisticated and so are the crimes. Internet was initially developed as a research and
information sharing tool and was in an unregulated manner. As the time passed by it became
more transactional with e-business, e-commerce, e-governance and e-procurement etc. All
legal issues related to internet crime are dealt with through cyber laws. As the number of
internet users is on the rise, the need for cyber laws and their application has also gathered great
momentum. In today’s highly digitalized world, almost everyone is affected by cyber law.

For example: -

▪ Almost all transactions in shares are in demat form.

▪ Almost all companies extensively depend upon their computer networks and keep their
valuable data in electronic form.
▪ Government forms including income tax returns, company law forms etc. are now filled
in electronic form.
▪ Consumers are increasingly using credit/debit cards for shopping.
▪ Most people are using email, phones and SMS messages for communication.
▪ Even in “non-cybercrime” cases, important evidence is found in computers/cell phones
eg: in cases of murder, divorce, kidnapping, tax evasion, organized crime, terrorist
operations, counterfeit currency etc.
▪ Cybercrime cases such as online banking frauds, online share trading fraud, source code
theft, credit card fraud, tax evasion, virus attacks, cyber sabotage, phishing attacks,
email hijacking, denial of service, hacking, pornography etc. are becoming common.
▪ Digital signatures and e-contracts are fast replacing conventional method of transacting
business.

THE OBJECT OF THE INFORMATION TECHNOLOGY ACT,2000 AS DEFINED

THEREIN IS AS UNDER: -

"to provide legal recognition for transactions carried out by means of electronic data
interchange and other means of electronic communication, commonly referred to as "electronic
methods of communication and storage of information, to facilitate electronic filing of
documents with the Government agencies and further to amend the Indian Penal Code, the
Indian Evidence Act, 1872, the Banker's Book Evidence Act, 1891 and the Reserve Bank of
India Act, 1934 and for matters connected therewith or incidental thereto."
Towards that end, the said Act thereafter stipulates numerous provisions. The said Act aims to
provide for the legal framework so that legal sanctity is accorded to all electronic records and
other activities carried out by electronic means. The said Act further states that unless otherwise
agreed, an acceptance of contract may be expressed by electronic means of communication and
the same shall have legal validity and enforceability. The said Act purports to facilitate
electronic intercourse in trade and commerce, eliminate barriers and obstacles coming in the
way of electronic commerce resulting from the glorious uncertainties relating to writing and
signature requirements over the Internet. The Act also aims to fulfil its objects of promoting
and developing the legal and business infrastructure necessary to implement electronic
commerce.

Chapter-II of the said Act specifically stipulates that any subscriber may authenticate an
electronic record by affixing his digital signature. It further states that any person by the use of
a public key of the subscriber can verify the electronic record.

CHAPTER III of the Act details about Electronic Governance and provides interalia amongst
others that where any law provides that information or any other matter shall be in writing or
in the typewritten or printed form, then, notwithstanding anything contained in such law, such
requirement shall be deemed to have been satisfied if such information or matter is-

a) rendered or made available in an electronic form; and

b) accessible so as to be usable for a subsequent reference.

The said chapter also details about the legal recognition of Digital Signatures. The various
provisions further elaborate on the use of Electronic Records and Digital Signatures in
Government Agencies. The Act further talks of publications of rules and regulations in the
Electronic Gazette.

Chapter IV of the said Act gives a scheme for Regulation of Certifying Authorities. The Act
envisages a Controller of Certifying Authorities who shall perform the function of exercising
supervision over the activities of the Certifying Authorities as also laying down standards and
conditions governing the Certifying Authorities as also specifying the various forms and
content of Digital Signature Certificates. The Act recognises the need for recognising foreign
Certifying Authorities and it further details the various provisions for the issue of license to
issue Digital Signature Certificates.
Chapter VII of the Act details about the scheme of things relating to Digital Signature
Certificates. The duties of subscribers are also enshrined in the said Bill.

Chapter IX of the said Act talks about penalties and adjudication for various offences. The
penalties for damage to computer, computer system etc. have been fixed as damages by way
of compensation not exceeding Rs. 100,00,000/- to affected persons. The Act talks of
appointment of any officers not below the rank of a Director to the Government of India or an
equivalent officer of state government as an Adjudicating Officer who shall adjudicate whether
any person has made a contravention of any of the provisions of the said act or rules framed
thereunder. The said Adjudicating Officer has been given the powers of a Civil Court.

There is a provision in Chapter X which envisage the Cyber Regulations Appellate Tribunal
shall be an appellate body where appeals against the orders passed by the Adjudicating Officers
shall be preferred. The said Tribunal shall not be bound by the principles of the Code of Civil
Procedure but shall follow the principles of natural justice and shall have the same powers as
those are vested in a Civil Court. Against an order or decision of the Cyber Appellate Tribunal,
an appeal shall lie to the High Court.

Chapter XI of the said Act talks about various offences and the said offences shall be
investigated only by a Police Officer not below the rank of the Deputy Superintendent of Police.
These offences include tampering with computer source documents, publishing of information
which is obscene in electronic form, breach of confidentiality and privacy, misrepresentation,
publishing Digital Signature Certificate false in certain particulars and publication for
fraudulent purposes.

Hacking has been properly defined in Section 66 as, "Whoever with the intent to cause or
knowing that he is likely to cause wrongful loss or damage to the public or any person destroys
or deletes or alters any information residing in a computer resource or diminishes its value or
utility or affects it injuriously by any means, commits hacking." Further for the first time,
punishment for hacking as a cybercrime prescribed in the form of imprisonment upto 3 years
or with fine which may extend to Rs. 2,00,000/- or with both. This is a welcome measure as
hacking has assumed tremendous importance in the present-day scenario. On previous
occasions, the web sites of the Government have been hacked into but no legal provision within
the existing legislation could be invoked to cover "hacking" as a cyber-crime. It shall now be
possible to try and punish hackers under section 66 of the IT Act,2000.
The said Act also provides for the constitution of the Cyber Regulations Advisory Committee
which shall advice the government as regards any rules or for any other purpose connected
with the said act. The said Act also has four Schedules which amend the Indian Penal Code,
1860, the Indian Evidence Act, 1872, The Bankers' Books Evidence Act, 1891, The Reserve
Bank of India Act, 1934 to make them in tune with the provisions of the IT Act.

The said IT Bill was tabled in Parliament in December, 1999 and was referred to the Standing
Committee on Science and Technology, Environment and Forests for examination and report.
The Standing Committee examined the said IT Bill 1999 and proposed some stringent measures
to further strengthen the legal infrastructure of the IT Bill 1999. The most positive aspect of
the said report was that it recommended the insertion of the definition and punishment for
"hacking".

Looking from an overall perspective, the Information Technology Act,2000 is a laudable effort
by the Government to create the necessary legal infrastructure for promotion and growth of
electronic commerce. As on date, the judiciary in India is reluctant to accept electronic records
and communications as evidence. Even email has not been defined in the prevailing statutes of
India and is not an accepted legal form of communication as evidence in a court of law as of
today. The said IT Act,2000 indeed is a step forward in that direction also.

None of the existing laws gave any legal validity or sanction to the activities in Cyberspace.
For example, the Net is used by a large majority of users for email. Yet till today, email id
not “legal” in our country. There is no law in the country, which gives legal validity, and
sanction to email. Courts and judiciary in our country have been reluctant to grant judicial
recognition to the legality of email in the absence of any specific law having been enacted
by the Parliament. As such the need has arisen for Cyber law.

INTERNET AND THE PROBLEM OF GEOGRAPHY

The cross-border nature of the Internet challenges an international system based on separate
national jurisdictions. Unfortunately, discussions among governments on this growing tension
easily spiral into ideological infighting about the application of sovereignty.

Early November however, 1600 participants from 100 countries gathered for the 7th annual
Internet Governance Forum (IGF). Coming from governments, business, technical community,
civil society and international organizations, they shared experiences and concerns - without
any distinction of status and on an equal footing - in more than one hundred self-organized
workshops. Several sessions showed that it is possible to address the relations between the
Internet and sovereignty in a responsible manner. The resulting Cyberspace is a cross-border
environment, a collection of shared spaces allowing people to interact on a daily basis across
national frontiers. As such, it cannot be handled the way we have historically applied
sovereignty. This concept, the origins of which can be traced back to the 1648 Treaty of
Westphalia, allowed governments to draw rigid boundaries to separate their territories and
establish their exclusive authority.

Several IGF sessions illustrated the multiple territorial criteria used to trigger the application
of national laws upon online activities. They can be based on the location of users, data centers
and Domain Name System operators, as well as the country of incorporation of service
providers and cross-border platforms.

A patchwork of overlapping jurisdictions

Unfortunately, these jurisdictional criteria often overlap while national laws differ. As a result,
conflicts proliferate regarding privacy, freedom of expression, security or intellectual property,
as increasingly reported in the media. The development of such a patchwork of national
legislations generates legal uncertainty for users, difficulties of enforcement for public
authorities and challenges for global intermediaries.

Furthermore, because the Internet is a shared space and infrastructure, sovereign decisions in
one country may impact citizens in other states, or even the network as a whole. Some states
can actually benefit from an extra-territorial extension of their sovereignty due to the presence
of key platforms or infrastructures on their own soil. The legal geography of cyberspace does
not replicate the clean physical boundaries of national territories.

No sovereignty without responsibility

For the reasons mentioned above, Internet governance cannot be founded on the enforcement
of an absolute Westphalian system with strict separation of sovereignties on an infrastructure
that transcends it. Turning the Internet into a collection of national intranets would not only
destroy the exceptional benefits it has brought so far. It would create more problems and
conflicts than this move pretends to solve.

In our interconnected world, states must, on the contrary, assume responsibility for potential
transboundary impacts of their national decisions. Far from representing a renunciation to
sovereignty, it should be seen as the inescapable consequence of the principle of the equality
of states, if it really means something. There is no legitimate exercise of sovereignty without
this responsibility.

REGULATING THE CYBER SOCIETY- CYBER LIBERTARIANISM

Cyber-libertarianism refers to the belief that individuals—acting in whatever capacity they

choose (as citizens, consumers, companies, or collectives)—should be at liberty to pursue their
own tastes and interests online. Generally speaking, the cyber-libertarian’s motto is “Live &
Let Live” and “Hands Off the Internet!” The cyber-libertarian aims to minimize the scope of
state coercion in solving social and economic problems and looks instead to voluntary solutions
and mutual consent-based arrangements.

Cyber-libertarians believe true “Internet freedom” is freedom from state action; not freedom
for the State to reorder our affairs to supposedly make certain people or groups better off or to
improve some amorphous “public interest”—an all-to convenient facade behind which
unaccountable elites can impose their will on the rest of us.

Application in Social & Economic Contexts

The cyber-libertarian draws no distinction between social and economic freedom when
applying this vision:

Social Freedom: Individuals should be granted liberty of conscience, thought, opinion,

speech, and expression in online environments.
Economic Freedom: Individuals should be granted liberty of contract, innovation, and
exchange in online environments.

Cyber-libertarians also argue that social and economic freedoms are inextricably intertwined:
It is not enough to support liberty of action in one sphere; foreclosing freedom in one sphere
will eventually affect freedom in the other.

How “Code Failures” Are to Be Addressed

The cyber-libertarian believes that “code failures” (the digital equivalent of so-called “market
failures”) are better addressed by voluntary, spontaneous, bottom-up, marketplace responses
than by coerced, top-down, governmental solutions. From a practical perspective, the decisive
advantage of the market-driven approach to correcting code failure comes down to the rapidity
and nimbleness of those responses. Stated differently, cyber-libertarians have a strong aversion
to the politicization of technology issues and efforts to replace market processes with
bureaucratic processes.

Importantly, the cyber-libertarian defines “markets” broadly to include monetary and non-
monetary transactions as well as proprietary and non-proprietary modes of production. To be
clear, collaborative, non-proprietary technologies and efforts (e.g., Wikipedia and open-source
software) are not at odds with cyber-libertarianism. But the cyber-libertarian does reject the
notion these models are the only acceptable model or that they should be imposed on us by
law. The proper policy position with regards to the “open vs. closed” or “proprietary vs. non-
proprietary” debate should be one of techno-agnosticism. Lawmakers and courts should not
be tilting the balance in one direction or the other.

More generally speaking, instead of seeking to define or impose a single utopian vision, the
cyber-libertarian seeks to enable what libertarian philosopher Robert Nozick called a “Utopia
of Utopias:” a framework within which many different models of organizing commerce and
community can flourish alongside, and in competition with, each other.

General Relationship to “Internet Exceptionalism”

Internet exceptionalists are first cousins to cyber-libertarians: They believe that the Internet
has changed culture and history profoundly and is deserving of special care before governments
intervene.

CYBER-LIBERTARIANISM:

In 1996 John Perry Barlow published his famous Declaration of Independence of Cyberspace,
a text which is generally regarded as the definitive explication of so-called ‘cyber-
libertarianism’. Barlow’s rousing text asserts that cyberspace (however one chooses to define
it) is qualitatively different from real space. For Barlow, this qualitative difference is such that
the rule of law does not apply in cyberspace. Consequently, lawmakers are not welcome in the
space, and ‘have no sovereignty where Internet users gather.’

The flaw in this premise is illustrated by the reality that governments today possess a powerful
arsenal of enforcement tools in the online sphere, on everything from e-commerce, to
defamation, to privacy. There is unfortunate irony in the fact that today, much socio-legal
discourse around regulation in cyberspace concerns the very risk to citizens’ fundamental rights
that stems from governments’ immense regulatory power in the Internet eco-system (e.g.,
blocking, filtering, surveillance), a reality far removed from Barlow’s depiction.
In his influential Code and other laws cyberspace, Larry Lessig unpacks the fundamental error
in the cyber-libertarian doctrine that compromised its predictions. Lessig contends that cyber-
libertarianism wrongly assumes that the Internet architecture cannot be altered to lend itself
better to regulation. While in 1996 the basic TCP/IP protocol made online identification and
content control a considerable challenge for public authorities, the years since have seen the
Internet architecture altered to the extent that law online can now be aggressively enforced.

Linked to this, experience illustrates that Barlow’s contention that “where there are wrongs,
we will identify them and address them by our means” has not held wholly true, at least not
with regard to the torts and criminal acts with which governments have most interest in
regulating on (e.g., IPR infringements, child sexual abuse material, etc). Enforcing online
safety on the basis of community norms is ineffective - or at least extremely challenging - when
scaled to billions of users, and that reality has engendered political justification for
governments to undertake regulatory intervention in cyberspace (at least within the limits of
technology and constitutional frameworks) to enforce law regulating speech and behaviour.

CYBER PATERNALISM

Gerald Dworkin, Professor Emeritus at University of California, Davis, defines paternalism as

"interference of a state or an individual with another person, against their will, and defended or
motivated by a claim that the person interfered with will be better off or protected from harm."
Any act of paternalism will involve some limitation on the autonomy of the subject of the
regulation usually without the consent of the subject, and premised on the belief that such act
shall either improve the welfare of the subject or prevent it from diminishing. Seana Shiffrin,
Professor of Philosophy and Pete Kameron Professor of Law and Social Justice at UCLA, takes
a broader view of paternalism and includes within its scope not only matters which are aimed
at improving the subject's welfare, but also the replacement of the subject's judgement about
matters which may otherwise have lied legitimately within the subject's control. In that sense,
Shiffrin's view is interesting for it dispenses with both the requirement for active interference,
and such act being premised on the subject's well-being.

The central premise of John Stuart Mill's On Liberty is that the only justifiable purpose to exert
power over the will of an individual is to prevent harm to others. "His own good, either physical
or moral," according to Mill, "is not a sufficient warrant." However, various scholars over the
years have found Mill's absolute prohibition problematic and support some degree of
paternalism. John Rawls' Principle of Fairness, for instance has been argued to be inherently
paternalistic. If one has to put it in a nutshell, the aspect about paternalism that makes it
controversial is that it involves coercion or interference, which in any theory of normative
ethics or political science needs to be justified based on certain identified criteria. Staunch
opponents of paternalism believe that this justification can never be met. Most scholars
however, do not argue that all forms of paternalism are untenable and the bulk of scholarship
on paternalism is devoted to formulating the conditions under which this justification is
satisfied.

Paternalism interferes with self-autonomy in two ways according to Peter de Marneffe, the
Professor of Philosophy at the School of Historical, Philosophical and Religious Studies,
Arizona State University. The first is the prohibition principle, under which a person's
autonomy is violated by being prohibited from making a choice. The second is the opportunity
principle which undermines the autonomy of a person by reducing his opportunities to make a
choice. Both the cases should be predicated upon a finding that the paternalistic act will lead
to welfare or greater autonomy. According to de Marneffe, there are three conditions under
which such acts of paternalism are justified - the benefits of welfare should be substantial,
evident and must outweigh the benefits of self-autonomy.

There are two main strands of arguments made against paternalism. The first argues that
interference with the choices of informed adults will always be an inferior option to letting
them decide for themselves, as each person is the 'best judge' of his or her interests. The second
strand does not engage with the question about whether paternalism can make better decisions
about individuals, but states that any benefit derived from the paternalist act is outweighed by
the harm of violation of self-autonomy. Most proponents of soft-paternalism build on this
premise by trying to demonstrate that not all paternalistic acts violate self-autonomy. There are
various forms of paternalism that we do not question despite them interfering with our
autonomy - seat belt laws and restriction of tobacco advertising being a few of them. If we try
to locate arguments for self-autonomy in the Kantian framework, it refers not just to the ability
to do what one chooses, but to rational self-governance. This theory automatically "opens the
door for justifiable paternalism." In this paper, I assume that certain forms of paternalism are
justified. In the remaining two section, I will look at two different theories advocating greater
paternalism in the context of privacy governance and try to examine the merits and issues with
such measures.

NUDGE AND LIBERTARIAN PATERNALISM

What is nudge: In 2006, Richard Thaler and Cass Sunstein published their book Nudge:
Improving decisions about health, wealth and happiness. The central thesis of the book is that
in order to make most of decisions, we rely on a menu of options made available to us and the
order and structure of choices is characterised by Thaler and Sunstein as "choice architecture."
According to them, the choice architecture has a significant impact on the choices that we
make. The book looks at examples from a food cafeteria, the position of restrooms and how
whether the choice is to opt-in or opt-out influences the retirement plans that were chosen. This
choice architecture influences our behaviour without coercion or a set of incentives, as
conventional public policy theory would have us expect. The book draws on work done by
cognitive scientists such as Daniel Kahneman and Amos Tversky as well as Thaler's own
research in behavioural economics. The key takeaway from cognitive science and behavioural
economics used in this book is that choice architecture influences our actions in anticipated
ways and leads to predictably irrational behaviour. Thaler and Sunstein believe that this
presents a great potential for policy makers. They can tweak the choice architecture in their
specific domains to influence the decisions made by its subjects and nudge them towards
behaviour that is beneficial to them and/or the society.

The great attraction of the argument made by Thaler and Sunstein is that it offers a compromise
between forbearance and mandatory regulation. If we identify the two ends of the policy
spectrum as - a) paternalists who believe in maximum interference through legal regulations
that coerce behaviour to meet the stated goals of the policy, and b) libertarians who believe in
the free-market theory that relies on the individuals making decisions in their best interests,
'nudging' falls somewhere in the middle, leading to the oxymoronic yet strangely apt phrase,
"libertarian paternalism." The idea is to design choices in such as way that they influence
decision-making so as to increase individual and societal welfare. In his book, The Laws of
Fear, Cass Sunstein argues that the anti-paternalistic position is incoherent as "there is no way
to avoid effects on behaviour and choices."

The proponents of libertarian paternalism refute the commonly posed question about who
decides the optimal and desirable results of choice architecture, by stating that this form of
paternalism does not promote a perfectionist standard of welfare but an individualistic and
subjective standard. According to them, choices are not prohibited, cordoned off or made to
carry significant barriers. However, it is often difficult to conclude what it is that is better for
the welfare of people, even from their own point of view. The claim that nudges lead to choices
that make them better off by their own standards seems more and more untenable. What nudges
do is lead people towards certain broad welfare which the choice-architects believe make the
lives of people better in the longer term.

NETWORK COMMUNITARIANISM

The concept of Network Communitarianism was developed relatively recently by Andrew

Murray (2006) as a school of thought relating to the regulation of the internet. As such, it builds
upon Actor Network Theory (Callon, 1999; Hetherington and Law, 2000; Latour, 2005; Law,
1992) and Social Systems Theory (Luhmann, 1986, 1995) and seeks to provide a bridge
between the schools of cyber libertarianism and cyber-paternalism that developed advocating
either a lessez-faire or an overprotective approach to regulating cyber-space. Indeed, the
regulation of cyberspace, especially among the first generation of scholars, provided ample
opportunities to observe and study issues of regulation of a ‘space’ where laws did not seem to
apply and to consequently question the nature of participatory involvement in the creation of
spaces and in the communication between the users (participants) of those.

Andrew Murray’s theory suggests that systems of networks created in cyber-space can be
responsible for the regulation of this space they virtually occupy by engaging in space-specific
practices. He observes how groups of networks operate both as actors in the network and as
closed or Luhmannian social systems. According to Murray, communication between these
groups of networks is key in understanding their engagement and the creation of norms that
can in their turn, influence the way regulation happens. Thus, the systems become actors in the
network able to affect change and create an environment whereby they not only actively
participate but also by-pass any top-down regulatory attempts. Thus, Network
Communitarianism can provide answers where traditional legal and social tools stop.

Borrowing from this innovative theory, this paper attempts to apply Network
Communitarianism to place management as it is believed that it can help address participatory
place making, and participatory decision making more specifically. By replacing Murray’s
‘space’ with ‘place’, the paper seeks to re-configure Network Communitarianism as an
inclusive process and also ‘measure’ its applicability by making use of a case study chosen
specifically thanks to its uniqueness with respect to the networks that occupy it: this is the case
of the Rog Factory urban squat within Ljubljana, Slovenia.

ISSUES OF JURISDICTION: CYBER JURISDICTION

The internet can be seen as a multi-jurisdictional because of the ease which a user can access
of website anywhere in the world. It can be even viewed as a jurisdictional in the sense that
from the user ‘s perspective that the state and national borders are essentially transparent. For
courts determining jurisdiction situation is more problematic. The court in Zippo mfg. v. Zippo
dot com inc said that there is a global revolution looming on the horizon and the development
of the law in dealing with the allowable scope of personal jurisdiction based on internet use in
its infancy

The developing law of jurisdiction must address whether a particular event in cyber space is
controlled by the law of state or country where the website is located, by the law of the state or
the country where the internet service provider is located. A number of commentators have
voiced their opinion that cyber space should be treated as separate jurisdiction. In practice this
view has not been supported or addressed by the law makers. National laws and judicial
decisions that exert extra-territorial jurisdiction can have negative and often unintended
consequences. For the sake of analogy, let’s call them the “extraterritoriality Internet
symptoms”:

Unpredictability – The unpredictability of how domestic laws might apply and be

enforced can stifle innovation because it creates greater risk and uncertainty for new
product and services.
Inconsistency – As different organizations try to implement decisions and rules, there can
be variance in how rules are implemented. With a proliferation of rules and complexity,
only the largest organizations may be able to comply.
Power-grabs – Some states are trying to grab back power over the Internet, and from other
countries, seeing it as a threat to their authority. This can intensify the conflict of laws as
each country or court races to come out on top, and can even create a wider sense of
uncertainty and resentment of interference from abroad. The resulting confusion to users
could reduce their trust in the Internet.
Uncoordinated action – Unilateral regulatory actions at a national level displace and
undermine collaborative ways of examining issues and impede the development of
international norms. While increasing friction between both networks and nationstates, they
produce outcomes restricted to the social and economic sensitivities of one jurisdiction or
even just one set of stakeholders.
Fragmentation – Applications running in the Internet start to behave differently in
different countries, 16 or content is unavailable. The result is an increasing degree of
 Internet fragmentation, making certain people ‘second class citizens’, and concentrating
the benefits of innovation in some countries, as products and services from abroad are
barred or dissuaded from entering their market.

A negative externality is when the benefit of doing something is enjoyed by some people or
organizations, but the costs are largely borne by others. A classic example is airborne pollution
created in one country that poisons rivers and forests in another. Jurisdictional extraterritoriality
can create negative externalities on the networks - by undermining the Internet Invariants - and
more broadly on governance and participation in the digital economy

1. MINIMUM CONTACTS TEST

A two-part test for determining jurisdiction of the forum court over a defendant not residing ot
carrying on business within the prescribed jurisdiction. a. The Plaintiff needs to show that the
defendant had sufficient number of minimum contacts in the forum That is, the plaintiff has to
show that the defendant must have purposefully directed its activities towards the forum state
or otherwise ‘purposefully availed’ of the privilege of conducting activities in the forum state.
Basically, in simple terms conducting of business in the state where the jurisdiction is evoked.
b. The forum court had to be satisfied that exercising jurisdiction would comport with the
traditional notions of fair play and substantial justice.

The objectives fulfilled by this test were:

A. It protects the defendant from the problem of litigation in a distant forum.

B. To ensure that the states do not “reach out beyond the limits imposed on them by their status
as coequal sovereigns in a federal system.”

This test evolved in the case of Shoe Co. v. Washington 326 U.S. 340 (1945).

2. PURPOSEFUL AVAILMENT TEST

This test was explained in the case of Cybersell, Inc. v. Cybersell, Inc., 130 F.3d 414 (9th Cir.
1997). If the defendant has taken deliberate action within, the forum state of if he has created
continuing obligation by residing in that place with the other forum residents, he is subject to
purposeful availment. Physical presence is not mandatory provided that the forum residents are
affected. A three-part test was formulated with the issue of jurisdiction over the defendant:

a. The non-resident defendant must do some act by which he invokes the jurisdiction of the
forum and its benefits and protections thereof.
b. The claim must arise of the forum related activities of the defendant.

c. There should be reasonable exercise of jurisdiction.

This test was evolved in the case of Hanson v. Denckla 357 U.S. 235 (1958).

3. SLIDING SCALE TEST

The likelihood that personal jurisdiction can be constitutionally exercised, is directly

proportionate to the nature and quality of commercial activity that an entity conducts over the
internet, lead to the comparison with a sliding scale. The specific personal jurisdiction is based
on Internet Activity. The case which evolved this test was of Zippo Manufacturing Co. v. Zippo
Dot Com. Inc.952 F. Supp. 1119, 1124 (W.D. Pa. 1996). The three categories divided into:

a. Passive- Passive information is information available to viewers without any means to

respond. Courts ordinarily would not be expected to exercise personal jurisdiction based solely
on a passive Internet website, because to do so would not be consistent with traditional personal
jurisdiction law.

b. Interactive- It allows the defendant to communicate with the people of the forum state and
the people of the forum state can also communicate back.

c. Integral to the Defendant’s business. - An integral site is used by the defendant to conduct
transactions with the people of the forum state and receive messages from specific customers.

4. EFFECTS TEST

If the operator of a website intends to cause an effect in a given forum ad establishes the same,
he avails the privilege of doing business there. For example, a non-resident of California
allegedly operated a scheme consisting of registering exclusive Internet domain names for his
own use that contained registered trademarks. The defendant allegedly demanded fees from
Panavision, a well-known California resident, and other businesses that asked him to
discontinue his unauthorized use of their trademarks. The Ninth Circuit affirmed a finding of
specific personal jurisdiction in California federal court over the defendant by the defendant’s
having committed a tort “expressly aimed” at California. It reasoned that the defendant could
foresee the harm done in California and therefore satisfied the minimum contact requirement.

SPIDERS
Spiders are the programs used by search engines to create catalogs of information about the
web. Like spam spiders indiscriminately touch everyone’s sites. But in contrast to spam, most
internet users, including both consumers and businesses, find spiders useful. Most search
engine databases are compiled in large part by software programs that search web-servers and
index their contents. These programs are variously known as “spiders,” “robots,” or “crawlers.”
A small amount, perhaps fifteen percent, of the material on the Internet has been indexed and
can be located using search engines such as Google, Yahoo, or FindLaw. Spiders have largely
been viewed as beneficial. The operators of web search engines provide a necessary service,
allowing individuals to find otherwise obscure information and allowing creators of
information resources to rise from obscurity. Consumers use search engines, made possible by
spider-searches and indexes, to locate information on the Internet – an almost impossible task
without search engines. Consumers also appreciate the value-added services that may be
included, such as reviews and rankings of websites, organized hierarchical indexes, caching
(back-up copies stored on the search engine’s website in the event that the original server is
not functioning), and comparison shopping.

CYBERSPACE TRESPASS TO CHATTELS

The revival of the trespass to chattels doctrine in the context of cyberspace has had unexpected
and far-reaching consequences. Trespass to chattels, a doctrine developed to protect physical
property, initially seemed to courts to be merely a useful doctrinal tool to control spam,
unwanted commercial bulk e-mail. However, the doctrine has recently expanded into other
situations, making visible the flaws inherent in applying to cyberspace doctrines based in real
and tangible property.

The Classic Trespass to Chattels Action:

Trespass to chattels, an old and rarely-used common law tort action, provides redress for the
unauthorized uses or intermeddling with another’s personal property. Chattel, or personal
property, is defined as physical, tangible property and is distinguished from both real property
and intellectual property. “Trespass” has likewise been defined as a tangible interference with
property, requiring physical contact with the property as a threshold matter. The trespassory
use must be intentional, unauthorized, and substantial.

The Emergence of Cyberspace Trespass to Chattels:

The 1996 California Appellate Court decision in Thrifty-Tel v. Bezenek established the notion
that electrons and electronic signals are sufficiently physical and tangible to constitute
intermeddling, and a trespass to chattels. In Thrifty-Tel, a telephone operator sued the families
of two minors who hacked the telephone system. The court in Thrifty-Tel found the presence
of electronic signals constituted trespass to chattels, relying principally on cases involving
intangible interferences in real property (land), not chattel property. Having relied on cases that
moved intangible interferences from the realm of nuisance to the realm of trespass, Thrifty-Tel
then moved intangible interferences even further, from trespass to land to trespass to chattels.
Trespass to chattels was first applied to the Internet in a spam case, CompuServe v. Cyber
Promotions, in which the ISP CompuServe sued Cyber Promotions for spamming CompuServe
account-holders. CompuServe followed Thrifty-Tel in finding that electronic “touches”
constituted a sufficient trespass to meet the requirements for trespass to chattels to apply.

This was despite the fact that the very same electronic “touches” were not only permitted by
CompuServe, but they were the exact kind of uses that comprised any ISP’s principal service—
receipt and delivery of email to accountholders who paid for that service. CompuServe
transformed these electronic touches, which form the basis of all communications on the
Internet, into trespasses any time an ISP merely withdraws its permission to a particular sender.
The defenses which CyberPromotions raised—a First Amendment right to communicate to
users, and access to CompuServe as a public utility—were dismissed by the court with slim
analysis.

CONCEPT OF DIGITAL AND ELECTRONIC SIGNATURE.

The term Digital Signature has been there in the Information Technology Act, 2000 since
inception whereas the term Electronic Signature was inserted in the Information Technology
Act, 2000 by the Information Technology (Amendment) Act, 2008.

Sec. 2(1)(p) of the Information Technology Act, 2000 defines the term "Digital Signature" as
authentication of any electronic record by a subscriber by means of an electronic method or
procedure in accordance with the provisions of Sec. 3 whereas Sec. 2(1)(ta) (as inserted by IT
Amendment Act. 2008) of the Information Technology Act, 2000 defines the term "Electronic
Signature" to mean authentication of any electronic record by a subscriber by means of the
electronic technique specified in the Second Schedule and includes digital signature. A digital
signature is a "secure" electronic signature, but an electronic signature is not necessarily a
digital signature.
Difference between Digital Signature and Electronic Signature Basis Digital Signature
Electronic Signature

1.Scope- A digital signature is an electronic signature. Digital signatures are actually a sub-set
of electronic signatures because they are also in electronic form. The term electronic signature
is broader than digital signatures.

2.Genesis- It uses asymmetric crypto system (key pair) It uses electronic technique specified
in the Second Schedule and includes digital signature.

3.Technology- It is technology-specific (public key cryptography). It is based on cryptography

codes. It is ‘Technology neutral’. It may be created by different technologies e.g. secret code
or PIN used with ATM, retinal scan etc.

4. Security- Due to the technology used, digital signature offers more security. It is less secure
as compared to digital signature when it adopts methods other than digital signature.

DIGITAL SIGNATURE AND ELECTRONIC SIGNATURE AS DEFINED UNDER

THE LAW

ELECTRONIC SIGNATURE

Sec 2 (ta) of Information Technology Act 2000 had defines electronic signature as:

“Authentication of any electronic record by a subscriber by means of the electronic technique

specified in the second schedule and includes digital signature.”

The definition of electronic signature includes digital signature and other electronic techniques
which may be specified in the second schedule of the Act, thus an electronic signature means
authentication of an electronic record by a subscriber by means of electronic techniques. The
adoption of ‘electronic signature’ has made the Act technological neutral as it recognizes both
the digital signature method based on cryptography technique and electronic signature using
other technologies.

TYPES OF ELECTRONIC SIGNATURE

Unsecured Signature

Since Electronic Signature is more of an unsecured type of signature, there are affixations that
are marked in the end for reference. However, as stated earlier, they can be easily tampered
and not provide much of the focus on the authenticity of the Identity. Following are the types
of Electronic Signature:

1) Email Signature– Just merely typing one’s name or symbol in the end of an email or
sending a message on letterhead, they can easily be forged by anyone else.

2) Web Based Signature– In many organizations, the Company dons many hats with regards
to activities conducted in the Organizations, this may make the organization fall for Web-based
clickwrap contracts in which the acceptance is made merely by clicking a single button. Such
signatures bind the party even if they were conned fraudulently.

The advancement of growing online transactions has caused variety of cybercrime to take place
right from the deceptiveness to hidden identity. It is for this reason that Digital Signature is
taken as a more stringent form of signature and to protect the identity of the sender. There are
more advanced ways to curb the menace caused in Electronic Signatures as well.

Secured Signature

This includes the signatures which are digitally secured and also which have more legal
weightage.

Digital Signature

• According to section 2(1)(p) of the Information Technology Act, 2000 digital signature
means the authentication of any electronic record by a person who has subscribed for
the digital signature in accordance to the procedure mentioned under section 3 of the
same act.

• Section 5 of the Information Technology Act, 2000 gives legal recognition to digital
signatures.

DIFFERENCE BETWEEN ELECTRONIC SIGNATURE AND DIGITAL SIGNATURE

S.No Electronic Signature Digital Signature

It has been defined under Section 2(1)

It has been defined under Section 2(1)(p) of
1. (ta) of the Information Technology
the Information Technology Act, 2000.
Act, 2000.
 It is technologically neutral, ie. no
specific technological process is to be It follows a technology-specific approach
2.
followed to create an electronic such as usage of hash functions etc.
signature.

It uses public key cryptography system to

It can be created by using various sign up for a particular message which
3. available technologies like attaching a requires a pair of keys ie. a private key for
picture of your signature. encryption and a public key for decryption,
computed by using a hash function.

It can be in the form of a name typed at

the end of an email, a digital version of It involves the usage of Cryptographic
4. a handwritten signature in the form of system of constructing the signature with a
an attachment, a code or even a two-way protection system.
fingerprint.

It is less authentic as compared to the It has more authenticity as compared to the

5.
digital signature. electronic signature.

It is verified through the signer’s It has a certificate-based digital 10

6.
identity. verification.

7. It is used for verifying a document. It is used as a means for securing a document.

8. It has no expiration or validity period. It is valid up to a maximum of three years.

9. It is easily vulnerable to tampering. It is more secure and highly reliable.

USAGE OF DIGITAL SIGNATURE

1) Personal Use- It is at the liberty of the individual to use the signature personally without
creating the hassle to personally be at the given place.
2) Business– Professions such as Architecture, Construction and Engineering Companies
require to sign the tenders, market procurements or even biddings, Digital signature can
prove to be a great way to provide the assent.
3) Return filing for GST– GST filing and E-filing causes the individuals to compulsory opt
for Digital Signatures.
4) Filing for Income Tax– Some corporations require the business to file the tax all over
India, thus saving the light of the day.
5) For ROC E-filing– Filing with registrar of Companies and filing for various documents
has caused enough leverage for individuals to opt for Digital Signature.
FEATURES OF DIGITAL SIGNATURE

The authenticity of the sender: The person who receives the electronic message or document
is able to realise who is the sender of the message. The digital signature makes it possible to
verify the name of the person signing the message digitally.

The integrity of the message: The receiver of the electronic message is able to determine
whether he/she has received the original document or whether the document has been altered
before the receipt or not.

Non- Repudiation: The sender of the message cannot refute the contents of the electronic
message and cannot deny that he/she had never sent the message.

Authentication using Digital Signature

The authentication of the electronic record is done by creating a digital signature which is a
mathematical function of the message content. Such signatures are created and verified by
Cryptography, which is a branch of applied mathematics. It is used to secure the confidentiality
and authentication of the data by replacing it with a transformed version that can be reconverted
to reveal the original data only to someone who has the proper key.

A key is a sequence of symbols that controls the operation of a cryptographic

transformation.
It involves two processes which are as follows.
1. Encryption: The process of transforming the plain message into a cipher text.

2. Decryption: The reversal of Cipher text into the original message.

Asymmetric Encryption

Can only be decrypted using a publicly available key known as the ‘Public Key’ provided by
the sender. The procedure has been under Section 2(1)(f) of the Information Technology Act,
2000. Under this system, there is a pair of keys, a private key known only to the sender and a
public key known only to the receivers.

The message is encrypted by the private key of the sender, on the contrary, decryption can be
done by anyone who is having the public key. It depicts the authenticity of the sender. It is also
known as the ‘principle of irreversibility’ ie. the public key of the sender is known to many
users, but they do not have access to the private key of the sender which bars them from forging
the digital signature.

Symmetric Encryption

There is only a single key known to both the sender and the receiver. Under this system, the
secret key or the private key is known to the sender and the legitimate user. This secret key is
used for both encryption and decryption of the message.

The only drawback of this symmetric encryption is that as the number of pairs of users
increases, it becomes difficult to keep track of the secret keys used.

Benefits of Digital Signature

• Authenticity.

• Non-deviability.

• Message cannot be altered in between the transmission.

Process followed for the creation of digital signature

Digital signatures are becoming very popular in the whole world. Countries that approve the
use of digital signatures have a structure that governs the acquisition and use of the digital
signature. Even so, regardless of the country that you come from; the way of acquisition is
standard. Digital signatures are created and issued by qualified individuals. For anyone to get
a valid digital certificate, they must get it from a certifying authority (CA).

The Certifying Authority (CA) is a kind of Trust Service Provider, and it is a third-party
organization that is trusted and accepted in a country. It has the power of issuing the citizens
with digital signatures. These CAs have rules and regulations that they have to keep and be
governed by.

Firstly, a person needs to get a Digital Signature Certificate from the Certifying Authorities.
After that, the following process is followed:
1. The original message of the sender is demarcated in order to get the message digest, with
the help of the hash function.
2. Then the private key is used to encrypt the message digest.
3. The encrypted message digest becomes the digital signature by using the signature function.
4. The digital signature is then attached to the original data
5. Two things are transmitted to the recipient:
The Original message

The digital signature

Rule 4 of the Information Technology (Certifying Authorities) Rules, 2000, explains the
procedure of digital signature as:

To sign an electronic record or any other item of information, the signer first applies
the hash function in the signer’s software. A hash function is a function which is used
to map data of arbitrary size onto data of a fixed size. The values returned by a hash
function are called hash values, hash codes, digests, or simply hashes
The hash function computes a hash result of standard length, which is unique to the
electronic record.
The signer’s software transforms the hash result into a Digital Signature using the
signer’s private key.
The resulting Digital Signature is unique to both electronic record and private key
which is used to create it.
The Digital Signature is attached to its electronic record and stored or transmitted with
its electronic record.
Verification of Digital Signature

The recipient receives the original message and the digital signature. After this, there are two
steps which need to be followed:

A new message digest is recovered from the original message by applying the hash
result.
The signer’s public key is applied to the digital signature received by the recipient and
another message digest is recovered as the outcome of it.
If both the message digests are identical, it means that the message is not altered.
Rule 5 of the Information Technology (Certifying Authorities) Rules, 2000, explains the
method of verification of digital signature as:
The verification of a Digital Signature shall be accomplished by computing a new hash result
of the original electronic record by means of a hash function which is used to create a Digital
Signature and by using the public key and the new hash result.

ELECTRONIC GOVERNANCE UNDER INFORMATION TECHNOLOGY ACT,2000

Section 4 of the Indian IT Act, 2000 confers legal recognition to electronic records. Paper based
documents are equated with electronic records so long as they are made available in electronic
form and are accessible so as to be usable for a subsequent reference. Section 5 confers legal
recognition to digital signatures and equates it with handwritten signatures. The authentication
of such digital signatures will be ensured by means of digital signatures affixed in such manner
as the Central Government prescribes.

Section 6 aims to eliminate red tapism and promote use of electronic records and digital
signatures in Government and its agencies. It provides for filing documents online with
governmental authorities, grant of licenses /approvals and receipt/payment of money. Section
7 allows retention of electronic records akin to paper-based records to fulfil legal requirement
of retention of records.

In case of the electronic as well as the traditionally printed gazette, it is stipulated that
publication of rules, regulations and notifications in the Electronic Gazette shall also be legally
recognized (Section 8). Therefore, where the publication of any rule, regulation, byelaw and
notification is required to be published in the Official Gazette, such requirement is satisfied if
the same is published electronically. Further, where such Official Gazette is published in both
electronic as well as printed form, the date of publication shall be the date of publication of the
Official Gazette that was first published, whatever may be the form. At the same time, no
person can insist on electronic filing of returns or records, as the Government needs sufficient
time to set up set infrastructure facilities that will enable them to conduct electronic transactions
in the future (Section 9).

The Central Government has been conferred with the power to make rules in respect of Digital
Signature, interalia, the type, manner, format in which digital signature is to be affixed and
procedure of the way in which the digital signature is to be processed (Section 10).Recently,
implementing the e-governance provisions, the Indian railways has started the internet
reservation facility on its website wherein reservations can be made online through use of credit
cards. Also, the Ministry of company affairs has launched its online filing automated system
MCA21 for establishing of new companies in India.
 MENTION OF E-GOVERNANCE AND ASSOCIATED PROVISIONS IN THE IT
ACT, 2000

To know what an e-record is, it is important to understand the electronic record's meaning. The
electronic record meaning is best described in the legal recognition of electronic records, digital
signatures, and associated topics, for which the following provisions of the IT Act, 2000 was
formulated.

• Legal Recognition of Electronic Records (Mentioned in Section 4 of the Act)

For any important point to become a law, it is needed to be written, printed, or typewritten. It
can also be considered to be a law if the information is provided in an electronic form.
However, the electronic form must be accessible all the time for subsequent referencing.

• Legal Recognition of Signatures (Mentioned in Section 5 of the Act)

Most of the documents related to a person are authenticated by his or her signature. If the person
can produce a digital form of his signature acceptable by the central government, then the
person is legally allowed to validate the documents with the digital signature. This is the
summary of the legal recognition of digital signature provision.

• Application of Digital Signature and Electronic Records in Government and its

Agencies (Mentioned in Section 6 of the Act)

According to this provision, if the law allows a person

To fill an application, form, or document related to Government authorities or

related agencies,
To issue or grant sanction, license, approval, or permit in a particular way,
To Pay or receive money in a certain manner
then the person can certainly do so in an electronic form if he maintains the government-
approved format.

Additionally, the manner and format of creating, issuing, and filing electronic records, and the
methods of payment of fees for the same may be prescribed.

• Retention of Electronic Records (Mentioned in Section 7 of the Act)

The law can also retain the electronic form of any information, document, or record if it needs
to do so. Retention of records can take place if the records are accessible and available for
subsequent referencing, the format of the information is unchanged, or accurately represent the
original information, and adequate information of the destination, origin, and date and time of
receipt or dispatch of the record. The law does not hold for automatically generated information
related to the dispatch or receipt of the record. However, the provision does not apply to laws
that expressively provide for electronic retention of documents, records, and information.

• Publications of rules and regulations in Electronic Gazette (mentioned in Section

8 of the Act)

If the law requires to publish any official rule, regulation, notification, by-law and related
matters in the Official Gazette, then it can also do so in the Electronic Gazette. The publication
date of such rules and regulations will be the same as its first published date in any form of the
Gazette.

• Section 6, 7, and 8 does not Provide the Right to insist Acceptance of an Electronic
Form of the Document (Mentioned in Section 9 of the Act)

The previous sections 6, 7, and 8 do not grant the right to any person to insist on the issuance,
acceptance, retention, or creation of any document or monetary transactions directly from the
central or the state government, ministry of the department, or associated agencies.

• Provide Power to the Central Government to Make Rules for Legal Recognition
of Digital Signatures (Mentioned in Section 10 of the Act)

According to the IT Act, 2000, the central government has the power to prescribe:

Format and manner of affixation of the digital signature.

Digital signature type.
Identification procedure for the person who affixes the digital signature.
Determines the procedures to justify the security, integrity, and confidentiality of
electronic records.
Any other legal procedures for digital signature.
Data Protection

According to Section 43A of the IT Act, 2000, if the body responsible for maintaining the
security of personal information and data in a computer resource show negligence leading to
wrongful gain or loss, then the body is liable for paying damages as compensation up to 5 crore
rupees. Additionally, the Government of India incorporated the Information Technology
Rules, 2011, under section 43A of the IT Act, 2000, which applies the rules of security to all
corporate bodies in India.

SMART GOVERNANCE IN INDIA

The last two centuries have seen many revolutionary changes in government structures. The
feudal structure of earlier administration was mainly concentrated on defence and revenue with
small involvement in health and education sector. The context of the administration changed
during the times of industrial revolution with the emergence of new political philosophies. The
post-second world war period saw the emergence of the welfare state leading to a new outlook
for administration. The era of globalisation led to "New Public Management" which led to a
complete reconfiguration of administrative outlook.

Good Governance through "SMART" Governance: In the 21st Century, the democratic
states have become a synonym of a welfare state. The democratic government acts as a service
provider. The government uses government machinery to reach to its citizen and provide
necessary services in an efficient and equitable manner. SMART captures the important
attributes of Good Governance i.e. Simple, Moral, Accountable, Responsive and
Transparent government.

• Simple --Citizen expects a user-friendly government with the simplicity of laws, rules,
regulations, processes. To achieve simplicity, in the delivery of services. The
government is implementing Single Window one-stop services through CSC to
facilitate delivery of services to a common citizen under its e-governance framework.

• Moral - The word Moral in SMART governance denotes emergence of a new system
of governance based on moral values. The cleaning up process is very slow but it is
very essential for the survival of values cherished by Good Governance. Some of the
processes like systematic changes in electoral reforms, downsizing of government,
enhancing literacy, increasing awareness and participation can take a longer duration
to show its effects. However, such programmes should not be overlooked.

• Accountability - It is the soul of a democratic government and the very cornerstone of

public administration.
• Responsiveness It refers to the quality of being attentive to the needs of common man.
A responsive administration shows urgency in responding to different problems faced
by the common man. Citizen Charter developed in 1990's in the UK can be used to
improve the responsiveness of the government. Citizen's Charter is a set of assurances
given by the government agency on the quality of service and time limit for delivery.

• Transparency - Transparency brings some of the essential virtues into public life such
as equity, level playing field and the rule of law. These virtues confer social benefits to
the people with no discretion and no scope of corruption. Transparency arises out of
the citizen's Right To Information (RTI), the right to know why certain decisions
were taken.