Cyber law

1

Business Law

Contents

• Introduction

• Digital Signatures & Electronic Signatures

• Electronic Governance

• Electronic Records

• Controller & Certifying Authorities

• Adjudication,Penalities & Compensation

• Case Study

2

Introduction

• Electronic Commerce

• Information Technology Act , 2000

as amended by

The Information Technology(Amendment) Act,

2008 with effect from 27/10/2009

• Objectives of the Act

• Provision of Act 3

Digital Signatures• Authentication of electronic record shall be effected by the

use of asymmetric crypto system and hash function which envelope and transfer the initial electronic record to another (Sec.2(1)& Sec.3(1))

• Manners of Authentication

• Verification of Digital signatures

• Generation of Digital Signatures Certificate

• Revocation of Digital Signatures Certificate

• Suspension of Digital Signatures Certificate 4

Electronic Signatures

• Authentication of electronic record by a subscriber by means of electronic technique specified in the second schedule (sec.2(1))

• Subscriber

• Duties of Subscriber Generating key pair Acceptance of Digital Signature Certificate Control of private Key Extend Facilities to decrypt information

5

Electronic Governance• Act for Legal recognition of Electronic Records

• Electronic Form

• Electronic Form evidence

• Access

• Computer & Network

• Verification of Electronic Records

• Authentication of Electronic Records

• Use of Electronic Records 6

Electronic Record• Data, Record or data generated, image or sound stored,

received or sent in an electronic form or micro film or computer generated micro fiche(Sec.2(1))

• Originator

• Intermediary

• Liability of Intermediary

• When Intermediary not Liable?

• Indian Computer Emergency Response Team

7

Controller

• Appointment of Controller

• Functions of Controller

• Powers of Controller

To delegate

To Investigate contraventions

To give directions

Access to Computers and date 8

Certifying Authority

• Definition

• Obligations & Duties

Follow Procedures

Cross certification

Security guidelines

Compliances by employees

Disclosures

Confidential Information

Audit9

Adjudication, Penalties& Compensation• Power to Adjudicate• Power to Investigate Offences• Penalty & Compensation for damage to computer• Penalty for failure to furnish information, return• Penalty for securing access to a protected system• Punishment for sending offensive messages• Punishment for identifying theft• Punishment for cheating by Personation• Punishment for violation of privacy• Punishment for cyber terrorism• Penalty for breach of confidentiality & privacy 10

Case Study

• Parliament Attack Case

• Analyzing & Retrieving information from laptops of

terrorists

• Laptops send to Computer forensics division

• Contains information about terrorists motive

• Retrieved the details

• Suitable punishments were given according to the law 11

Questions

12

13