REGULATION CERTIFYING AUTHORITIES

REGULATION CERTIFYING AUTHORITIES

1. Appointment of Controller and other officers

(1) The Central Government may, by notification in the Official Gazette, appoint a Controller of Certifying Authorities for the purpose of this Act and may also by the same or subsequent notification appoint such of Deputy Controllers and Assistant Controllers as it deems fit.

(2) The Controller shall discharge his functions under this Act subject to the general control and directions of the Central Government.

(3) The Deputy Controllers and Assistant Controllers shall perform the functions assigned to them by the Controller under the general superintendence and control of the Controller.

(4) The qualifications, experience and terms and conditions of service of Controller, Deputy Controllers and Assistant Controllers shall be such as may be prescribed by the Central Government.

(5) The Head Office and Branch Office of the office of the Controller shall be at such places as the Central Government may specify, and these may be established at such places as the Central Government may think fit.

(6) There shall be a seal of the Office of the Controller.

2. Functions of Controller

The Controller may perform all or any of the following functions, namely:-
(a) exercising supervision over the activities of the Certifying functions, namely :-

(b) certifying public keys of the Certifying Authorities;

(c) laying down the standards to be maintained by the Certifying Authorities;

(d) specifying the qualifications and experience which employees of the Certifying Authority should possess;

(e) specifying the conditions subject to which the Certifying Authorities shall conduct their business;

(f) specifying the contents of written, printed or visual materials and advertisements that may be distributed or used in respect of a Digital Signature Certificate and the public key;

(g) specifying the form and content of a Digital Signature Certificate and the key;

(h) specifying the form and manner in which accounts shall be maintained by the Certifying Authorities;

(i) specifying the terms and conditions subject to which auditors may be appointed and the remuneration to be paid to them;

(j) facilitating the establishment of any electronic system by a Certifying Authority either solely or jointly with other Certifying Authorities and regulation of such systems;

(k) specifying the manner in which the Certifying Authorities shall conduct their dealings with the subscribers;

(l) resolving any conflict of interests between the Certifying Authorities and the subscribers;

(m) laying down the duties of the Certifying Authorities;

(n) maintaining a data base containing the disclosure record of every Certifying Authority containing such particulars as may be specified by regulations, which shall be accessible to public.

3. Recognition of foreign Certifying Authorities

(1) Subject to such conditions and restrictions as may be specified by regulations, the Controller may with the previous approval of the Central Government, and by notification in the Official Gazette, recognise any foreign Certifying Authority as a Certifying Authority for the purpose of this Act.

(2) Where any Certifying Authority is recognised under sub-section (1), the Digital Signature Certificate issued by such Certifying Authority shall be valid for the purposes of this Act.

(3) The Controller may, if he is satisfied that the Certifying Authority has contravened any of the conditions and restrictions subject to which it was granted recognition under sub-section (1) he may, for reasons to be recorded in writing in the Official Gazette, revoke such recognition.
4. Controller to act as repository
(1) The Controller shall be the repository of all Digital Signature Certificates issued under this Act.

(2) The Controller shall-

(a) make use of hardware, software and procedures that are secure from intrusion and misuse;

(b) observe such other standards as may be prescribed by the Central Government, to ensure that the secrecy and security of the digital signatures are assured.

(3) The Controller shall maintain a computerised data base of all public keys in such a manner that such data base and the public keys are available to any member of the public.
5. Licence to issue Digital Signature Certificates

(1) Subject to the provisions of sub-section (2), any person may make an application, to the Controller, for a licence to issue Digital Signature Certificates.

(2) No licence shall be issued under sub-section (1), unless the applicant fulfills such requirements with respect to qualification, expertise, manpower, financial resources and other infrastructure facilities, which are necessary to issue Digital signature Certificates as may be prescribed by the Central Government.

(3) A licence granted under this sections shall-

(a) be valid for such period as may be prescribed by the Central Government;

(b) not be transferable or heritable;

(c) be subject to such terms and conditions as may be specified by the regulations.

6. Application for licence

(1) Every application for issue of a licence shall be in such form as may be prescribed by the Central Government.

(2) Every application for issue of a licence shall be accompanied by-

(a) a certification practice statement;

(b) a statement including the procedures with respect to identification of the applicant;

(c) payment of such fees, not exceeding twenty-five thousand rupees as may be prescribed by the Central Government;

(d) such other documents, as may be prescribed by the Central Government.

7. Renewal of licence

An application for renewal of a licence shall be-

(a) in such form;

(b) accompanied by such fees, not exceeding five thousand rupees, as may be prescribed by the Central Government and shall be made not less than forty-five days before the date of expiry of the period of validity of the licence.
8. Procedure for grant or rejection of licence

The Controller may, on receipt of an application under sub-section (1) of section 21, after considering the documents accompanying the application and such other factors, as he deems fit, grant the licence or reject the application: Provided that no application shall be rejected under this section unless the applicant has been given a reasonable opportunity of presenting his case.

9. Suspension of licence

(1) The Controller may, if he is satisfied after making such inquiry, as he may think fit, that a Certifying Authority has,-

(a) made a statement in, or in relation to, the application for the issue or renewal of the licence, which is incorrect or false in material particulars;

(b) failed to comply with the terms and conditions subject to which the licence was granted;

(c) failed to maintain the standards specified under clause (b) of sub-section
(2) of section 20;

(d) contravened any provisions of this Act, rule, regulation or order made thereunder, revoke the licence :
Provided that no licence shall be revoked unless the Certifying Authority has been given a reasonable opportunity of showing cause against the proposed revocation.

(2) The Controller may, if he has reasonable cause to believe that there is any ground for revoking a licence under sub-section (1), by order suspend such licence pending the completion of any inquiry ordered by him : Provided that no licence shall be suspended for a period exceeding ten days unless the Certifying Authority has been given a reasonable opportunity of showing cause against the proposed suspension.

(3) No certifying Authority whose licence has been suspended shall issue any Digital Signature Certificate during such suspension.
10. Notice of suspension or revocation of licence
(1) Where the licence of the Certifying Authority is suspended or revoked, the Controller shall publish notice of such suspension or revocation, as the case may be, in the data base maintained by him.

(2) Where one or more repositories are specified, the Controller shall publish notices of such suspension or revocation, as the case may be, in all such repositories: Provided that the data base containing the notice of such suspension or revocation, as the case may be, shall be made available through a web site shall be accessible round the clock : Provided further that the Controller may, if he considers necessary, publicise the contents of data base in such electronic or other media, as he may consider appropriate.
11. Power to delegate

The Controller may, in writing, authorise the Deputy Controller, Assistant Controller or any officer to exercise any of the powers of the Controller under this Chapter.

12. Power to investigate contraventions
(1) The Controller or any officer authorised by him in this behalf shall take up for investigation any contravention of the provisions of this Act, rules or regulations made thereunder.

(2) The Controller or any officer authorised by him in this behalf shall exercise the like powers which are conferred on Income-tax authorities under Chapter XIII of the Income-tax Act, 1961 and shall exercise such powers, subject to such limitation laid down under that Act.
13. Access to computers and data
(1) Without prejudice to the provisions of sub-section (1) of section 69, the Controller or any person authorised by him shall, if he has reasonable cause to suspect that nay contravention of the provisions of this Act, rules or regulations made thereunder has been committed, have access to any computer system, any apparatus, data or any other material connected with such system, for the purpose of searching or causing a search to be made for obtaining any information or data contained in or available to such computer system.

(2) For the purpose of sub-section (1), the Controller or any person authorised by him may, by order, direct any person incharge of, or otherwise concerned with the operation of, the computer system, data apparatus or material, to provide him with such reasonable technical and other assistance as he may consider necessary.
14. Certifying Authority to follow certain procedures

Every Certifying Authority shall,-
(a) make use of hardware, software and procedures that are secure from intrusion and misuse;

(b) provide a reasonable level of reliability in its services which are reasonably suited to the performance of intended functions;

(c) adhere to security procedures to ensure that the secrecy and privacy of the digital signatures are assured; and

(d) observe such other standards as may be specified by regulations.
15. Certifying Authority to ensure compliance of the Act, etc.

Every Certifying Authority shall ensure that every person employed or otherwise engaged by it complies, in the course of his employment or engagement, with the provisions of this Act, rules, regulations and orders made thereunder.

16. Display of licence

Every Certifying Authority shall display its licence at a conspicuous place of the premises in which it carries on its business.

17. Surrender of licence
(1) Every Certifying Authority whose licence is suspended or revoked shall immediately after such suspension or revocation, surrender the licence to the Controller.

(2) Where any Certifying Authority fails to surrender a licence under sub-section (1), the person in whose favour a licence is issued, shall be guilty of an offence and shall be punished with imprisonment which may extend up to six months or a fine which may extend up to ten thousand rupees or with both.
18. Disclosure
(1) Every Certifying Authority shall disclose in the manner specified by regulations-

(a) its Digital Signature Certificate which contains the public key corresponding to the private key used by that Certifying Authority to digitally sign another Digital Signature Certificate;

(b) any certification practice statement relevant thereto;

(c) notice of the revocation or suspension of its Certifying Authority certificate, if any; and

(d) any other fact that materially and adversely affects either the reliability of a Digital Signature Certificate, which that Authority has issued, or the Authority's ability to perform its services.

(2) Where in the opinion of the Certifying Authority any event has occurred or any situation has arisen which may materially and adversely affect the integrity of its computer system or the conditions subject to which a Digital Signature Certificate was granted, then, the Certifying Authority shall-

(a) use reasonable efforts to notify any person who is likely to be affected by that occurrence; or


(b) act in accordance with the procedure specified in its certification practice statement to deal with such event or situation.

Cyber Laws

CYBER LAWS
With the advent of Computers as a basic tool of Communication, Information Processing, Information Storage, Physical Devices Control, etc., a whole new Cyber Society has come into existence. This Cyber society operates on a virtual world created by Technology and it is the “Cyber Space Engineering” that drives this world. In maintaining harmony and co-existence of people in this Cyber Space, there is a need for a legal regime which is what we recognize as “Cyber laws”.  Cyber Laws are the basic laws of a Society and hence have implications on every aspect of the Cyber Society such as Governance, Business, Crimes, Entertainment, Information Delivery, Education etc. 
WHY THE NEED FOR CYBER LAW?
•  Coming of the Internet.
•  Greatest cultural, economic, political and social transformation in the history of human
    society.
•  Complex legal issues arising leading to the development of cyber law.
•  Different approaches for controlling, regulating and facilitating electronic communication
    and commerce.
CATEGORIES OF CYBER LAWS
•  Laws Relating to Digital Contracts
•  Laws Relating to Digital Property
•  Laws Relating to Digital Rights
•  Law of Cyber Crimes



•  Aims to provide the legal infrastructure for e-commerce in India.
•  India 's codified Cyber law is the Information Technology Act, 2000 (Act 21 of 2000).
•  Based on the INCITRAL Model Law on Electronic Commerce, 1996.
•  IT Act is divided into 13 chapters and has 94 sections.
•  Amendments to IPC, Indian Evidence Act, Bankers Book Evidence Act and RBI Act have
    been effected.



The Act provides for:
•  Legal Recognition of Electronic Documents
•  Legal recognition of Electronic commerce Transactions
•  Admissibility of Electronic data/evidence in a Court of Law
•  Legal Acceptance of digital signatures
•  Punishment for Cyber obscenity and crimes
•  Establishment of Cyber regulations advisory Committee and the Cyber Regulations
    Appellate Tribunal.
•  Facilitation of electronic filing maintenance of electronic records.
THE IT ACT, 2000 – OBJECTIVES
•  To provide legal recognition for transactions:-
•  Carried out by means of electronic data interchange, and
•  Other means of electronic communication, commonly referred to as "electronic commerce",
   involving the     use of alternatives to paper-based methods of communication and storage
   of information,
•  To facilitate electronic filing of documents with the Government agencies
•  To amend the Indian Penal Code, the Indian Evidence Act, 1872, the Banker's Book
    Evidence Act, 1891     and the Reserve Bank of India Act, 1934
•  Aims to provide for the legal framework so that legal sanctity is accorded to all electronic
    records and     other activities carried out by electronic means. 
According to the Indian IT Act, 2000 the various Cyber offences are:
•  Tampering with computer source documents
•  Hacking with computer system
•  Publishing of information which is obscene in electronic form
•  Not to obey the direction of Controller
•  Directions of Controller to a subscriber extend facilities to decrypt information
•  Intrusion into protected system
•  Penal action for misrepresentation
•  Breach of confidentiality and privacy
•  Publishing digital signature certificate false in certain particular etc.
•  Act to apply for offence or contravention committed outside India and
•  Confiscation
THE IT ACT, 2000 – POSITIVE ASPECTS
Legality of Email:
•  E-mail will now be a valid and legal form of communication in our country.
•  Can be duly produced and proved in a court of law.
India's strategy for prevention of Computer Crimes 
•  Stipulating the offences which would constitute Computer crimes.
•  Identification of domestic criminal law for possible amendments to meet the requirements
    of prevention of computer     related crimes.
•  Improving international collaborations.
•  Effective prosecution under the existing criminal law.
•  Adaptation and classification of OECD (Organization of Economic Cooperation and
    Development) guidelines.
•  Development of Security guidelines and manuals for implementation of such guidelines.
Crimes Prevention under the IT Act.  
•  Chapter IX provides for Penalties and Adjudication.
•  Chapter XI provides for Offences.
The object of IT Act is to protect:
•  All electronic systems for intrusion;
•  Privacy of certain messages;
•  protect the computer system from unauthorized access
The object of IT Act is to ensure:
•  Compliance to the provisions of the Act;
•  Non-publishing of obscene information.
•  Assistance in the decrypting information in the interest of state and crime control.
The Act also aims at preventing misrepresentation, falsity and fraud and provides for penalty.
Information Technology Act & Indian Penal Code
•  All cyber crimes do not come under the IT Act.
•  Many cyber crimes come under the Indian Penal Code.
Sending threatening messages by email  
-
  Section 506 IPC
Sending defamatory messages by email  
-
  Section 499 IPC
Forgery of electronic records  
-
  Section 465 IPC
Bogus websites, cyber frauds  
-
  Section 420 IPC
Email spoofing  
-
  Section 465, 419 IPC
Web-jacking  
-
  Section 383 IPC
Online sale of narcotics  
-
  NDPS Act
Online sale of weapons  
-
  Arms Act
Hacking  
-
  Section 66 IT Act
Pornography  
-
  Section 67 IT Act
Email bombing  
-
  Section 66 IT Act
Denial of Service attacks  
-
  Section 43 IT Act
Virus attacks  
-
  Section 43, 66 IT Act
Salami attacks  
-
  Section 66 IT Act
Logic bombs  
-
  Section 43, 66 IT Act

I.T. ACT 2000 - Overall Perspectives

The IT Act is a first step taken by the Government of India towards promoting the growth of e-commerce.
It is a first historical step.

Information Technology Act 2000

Introduction of Information Technology Act 2000

Information technology is one of the important law relating to Indian cyber laws. It had passed in Indian parliament in 2000. This act is helpful to promote business with the help of internet. It also set of rules and regulations which apply on any electronic business transaction


Due to increasing crime in cyber space, Govt. of India understood the problems of internet user and for safeguarding the interest of internet users, this act was made.



 The following are its main objectives and scope:-

1. It is objective of I.T. Act 2000 to give legal recognition to any transaction which is done by electronic way or use of internet.


2. To give legal recognition to digital signature for accepting any agreement via computer. 

3. To provide facility of filling document online relating to school admission or registration in employment exchange.

4. According to I.T. Act 2000, any company can store their data in electronic storage. 

5. To stop computer crime and protect privacy of internet users. 

6. To give legal recognition for keeping books of accounts by bankers and other companies in electronic form. 

7. To make more power to IPO, RBI and Indian Evidence act for restricting electronic crime.


Scope 

Every electronic information is under the scope of I.T. Act 2000 but following electronic transaction is not under I.T. Act 2000

1. Information technology act 2000 is not applicable on the attestation for creating trust via electronic way. Physical attestation is must.

2. I.T. Act 2000 is not applicable on the attestation for making will of any body. Physical attestation by two witnesses is must.

3. A contract of sale of any immovable property.

4. Attestation for giving power of attorney of property is not possible via electronic record. 


Highlights the main chapters of I.T. Act 2000 or its main provisions:-

There are 13 chapters in law and all provision is included in this chapters.

1. Chapter II 

Any contract which is done by subscriber. If he signs the electronic agreement by digital signature. Then it will be valid. 

In case bank, the verification of digital signature can be on the basis of key pair.

2. Chapter III

This chapter explains the detail that all electronic records of govt. are acceptable unless any other law has any rules regarding written or printed record.

3. Chapter IV

This chapter deals with receipts or acknowledgement of any electronic record. Every electronic record has any proof that is called receipt and it should be in the hand who records electronic way.

4. Chapter V 

This chapter powers to organization for securing the electronic records and secure digital signature. They can secure by applying any new verification system. 

5. Chapter VI 

This chapter states that govt. of India will appoint controller of certifying authorities and he will control all activities of certifying authorities.

“Certifying authority is that authority who issues digital signature certificate.”

6. Chapter VII


In this chapter powers and duties of certifying authority is given. Certifying authority will issue digital signature certification after getting Rs. 25000. If it is against public interest, then C.A. can suspend the digital signature certificate.

7. Chapter VIII

This chapter tells about the duties of subscribers regarding digital signature certificate . It is the duty of subscriber to accept that all information in digital signature certificate that is within his knowledge is true .

8. Chapter IX 

If any body or group of body damages the computers , computer systems and computer networks by electronic hacking , then they are responsible to pay penalty upto Rs. 1 crore . Fore judgment this , govt. can appoint adjucating officer .

9. Chapter X 

Under this chapter, cyber regulation appellate tribunal can be established. It will solve the cases relating to orders of adjudicating officers.

10. Chapter XI 

For controlling cyber Crime, Govt. can appoint cyber regulation advisory committee who will check all cyber crime relating to publishing others information. If any fault is done by anybody, he will be responsible for paying Rs. 2 lakhs or he can get punishment of 3 years living in jail or both prison and penalty can be given to cyber criminal.

11. Chapter XII

Police officers have also power to investigate dangerous cyber crime under IPC 1860 , Indian Evidence Act 1872 and RBI Act 1934 .


Advantages of I.T. Act 2000


1. Helpful to promote e-commerce 

• Email is valid

• Digital signature is valid.

• Payment via credit card is valid.

• Online contract is valid 

Above all things validity in eye of Indian law is very necessary. After making IT act 2000 , all above things are valid and these things are very helpful to promote e-commerce in India .

2. Enhance the corporate business 

After issuing digital signature, certificate by Certifying authority, now Indian corporate business can enhance.

3. Filling online forms :-

After providing facility, filling online forms for different purposes has become so easy.

4. High penalty for cyber crime 

Law has power to penalize for doing any cyber crime. After making of this law, nos. of cyber crime has reduced.

Shortcoming of I.T. Act 2000

1. Infringement of copyright has not been included in this law.

2. No protection for domain names.

3. The act is not applicable on the power of attorney, trusts and will.

4. Act is silent on taxation.

5. No, provision of payment of stamp duty on electronic documents.

The Genesis and Objective of IT legislation in India:

The Genesis of IT legislation in India: 


Mid 90’s saw an impetus in globalization and computerisation, 
with more and more nations computerizing their governance, and e-commerce seeing an enormous 
growth. Until then, most of international trade and transactions were done through documents being 
transmitted through post and by telex only. Evidences and records, until then, were predominantly 
paper evidences and paper records or other forms of hard-copies only. With much of international trade 
being done through electronic communication and with email gaining momentum, an urgent and 
imminent need was felt for recognizing electronic records ie the data what is stored in a computer or an 
external storage attached thereto. 
The United Nations Commission on International Trade Law (UNCITRAL) adopted the Model Law on 
e-commerce in 1996. The General Assembly of United Nations passed a resolution in January 1997 
inter alia, recommending all States in the UN to give favourable considerations to the said Model Law, 
which provides for recognition to electronic records and according it the same treatment like a paper 
communication and record. 


Objectives of I.T. legislation in India: .


 It is against this background the Government of India
enacted its Information Technology Act 2000 with the objectives as follows, stated in the preface to the
Act itself.
“to provide legal recognition for transactions carried out by means of electronic data interchange and
other means of electronic communication, commonly referred to as "electronic commerce", which
involve the use of alternatives to paper-based methods of communication and storage of information, to
facilitate electronic filing of documents with the Government agencies and further to amend the Indian
Penal Code, the Indian Evidence Act, 1872, the Bankers' Books Evidence Act, 1891 and the Reserve
Bank of India Act, 1934 and for matters connected therewith or incidental thereto.”
The Information Technology Act, 2000, was thus passed as the Act No.21 of 2000, got President assent
on 9 June and was made effective from 17 October 2000.

The Act essentially deals with the following issues:

Legal Recognition of Electronic Documents
Legal Recognition of Digital Signatures
Offenses and Contraventions
Justice Dispensation Systems for cyber crimes.

Is water a renewable resource?

Is water a renewable resource?

Water is technically considered a renewable resource because it can be used over and over again and it has a rain cycle. However, it is only in the short-term that water can be thought of as a renewable resource and the sustainability of this renewable resource is questionable. In the next few centuries it is thought that there will be a severe lack of drinking water, and this effect can already be seen today but with less severity. Although there is the same amount of water on the earth today as there was when the earth was formed, only 3% of this water is usable and this figure is decreasing as time passes as more and more water becomes contaminated or polluted.
One of the main reasons that water may become a non-renewable source is the population growth. The population is expanding at a speedy rate, and this is putting enormous pressure on all our resources, even the renewable ones. As more and more people need access to drinking water, our groundwater and surface water reserves are being used up. The water is being used faster than it can replenish itself, and this will inevitably lead to a water shortage in the future.
In conclusion, water should not be regarded as a renewable, unlimited resource. Rather, water conservation should take main priority and we should try to reduce our water consumption in whatever way possible.

National Tiger Conservation Authority (NTCA)

National Tiger Conservation Authority (NTCA)



The Govt. of India had launched “Project Tiger” on 1st April 1973 to promote conservation of the tiger. Project Tiger has been the largest species conservation initiative of its kind in the world. While the field implementation of the project, protection and management in the designated reserves is done by the project States, who also provide the matching grant to recurring items of expenditure, deploy field staff/officers, and give their salaries, the Project Tiger Directorate of the Ministry of Environment and Forests was mandated with the task of providing technical guidance and funding support.

The implementation of Project Tiger over the years has highlighted the need for a statutory authority with legal backing to ensure tiger conservation. On the basis of the recommendations of National Board for Wild Life chaired by the Hon’ble Prime Minister, a Task Force was set up to look into the problems of tiger conservation in the country. The recommendations of the said Task Force, interalia include strengthening of Project Tiger by giving it statutory and administrative powers, apart from creating the Wildlife Crime Control Bureau. It has also recommended that an annual report should be submitted to the Central Government for laying in Parliament, so that commitment to Project Tiger is reviewed from time to time, in addition to addressing the concerns of local people. Broadly the urgent recommendations of the said Task Force are as below:

    * Reinvigorating the constitution of governance.
    * Strengthening efforts towards protection of tiger, checking poaching, convicting wildlife criminals and breaking the international trade network in wildlife body parts and derivatives.
    * Expanding the undisturbed areas for tiger by reducing human pressure.
    * Repair the relationship with local people who share the tigers habitat by fielding strategies for coexistence.
    * Regenerate the forest habitats in the fringes of the tigers protective enclaves by investing in forest, water and grassland economies of the people.

Considering the urgency of the situation, Project Tiger has been converted into a statutory authority (NTCA) by providing enabling provisions in the Wild Life (Protection) Act, 1972 through an amendment, viz. Wild Life (Protection) Amendment Act, 2006. This forms one of the urgent recommendations of the Tiger Task Force appointed by the Prime Minister. The NTCA addresses the ecological as well as administrative concerns for conserving tigers, by providing a statutory basis for protection of tiger reserves, apart from providing strengthened institutional mechanisms for the protection of ecologically sensitive areas and endangered species. The Authority also ensures enforcing of guidelines for tiger conservation and monitoring compliance of the same, apart from placement of motivated and trained officers having good track record as Field Directors of tiger reserves. It also facilitates capacity building of officers and staff posted in tiger reserves, apart from a time bound staff development plan.

The Wild Life (Protection) Amendment Act, 2006 has come into force with effect from the 4th of September, 2006, and the NTCA has also been constituted on the same date.