|
Keane Insight
What's wrong with our cyber laws?
Three years have passed since parliament passed the IT Act, but India’s
first cyber law is still hard to implement. SUSHMA NAIK looks at the loopholes
in the law and the changes that need to be made
 |
PAVAN DUGGAL says that the IT Act is completely inadequate
as it has several drawbacks and grey areas |
G SHYAM (name changed on request of anonymity) is a hassled chief information
officer (CIO) of a leading private bank. For close to a week, the CIO has been
monitoring attempts by hackers to break into the bank’s network. While
the bank has succeeded in tracing the IP address of the supposed hackers, no
action has been taken. Reason: the cyber crime cell in Mumbai is understaffed.
Out of a total workforce of 4,400 police officers, there are only five in the
cyber crime cell—a measly 0.11 percent.
Another problem is the lack of knowledge. Most police personnel are not familiar
with computers, so tremendous effort is required for training and orienting
them on various aspects of detection, investigation and prosecution of cyber
crimes.
“There are few judges and prosecutors who have adequate IT knowledge.
No provision has been made for the police to take expert help in conducting
investigations. At present they use private professionals—and this is
illegal,” says Gautam Patel, a leading lawyer.
Additionally, cyber crimes are covered under civil procedures, which take a
longer time to deliver justice. Cyber lawyers are of the view that the IT Act
has to be amended to enable it to be covered under a criminal procedure that
would make the act deliver results faster.
Implementation is not the only problem. Domain name issues are presently covered
by legal norms applicable to intellectual properties, including trademarks.
Abuse of chat rooms, cyber stalking, misappropriation and misuse of credit card
numbers are just a few of the many other loopholes which are still not addressed
by IT Act. When the act was announced way back in 2000, market watchers across
the world called it revolutionary. But three years on the act has remained static
while the rest of the world has changed.
Says Pavan Duggal, a noted cyber lawyer, “The IT Act, in spite of being
a special law, has done little to achieve the objectives stated in its preamble.
In the current form the act is completely inadequate as it has several drawbacks
and grey areas.” He says that till the government makes provisions for
recognition and correction of drawbacks, the legal status of electronic payments
will remain in limbo. The only positive amendment to the act is in the form
of admissible evidence; the Evidence Act has been amended to include all electronic
documents as permissible evidence.
Most lawyers Express Computer spoke to believe that many corporates resist filing
cases because there is no clear understanding of the legal implications. India
has also witnessed cases of cyber stalking, cyber harassment and cyber defamation.
However, as there is no specific law or provision under the IT Act, a number
of these cases are either not registered or are registered under the existing
provisions of Indian Penal Code—which are ineffective and do not cover
the said cyber crimes.
Since its promulgation, the IT Act 2000 has undergone some changes. One big
change is the recognition of electronic documents as evidence in a court of
law. Market players believe this will go a long way in giving encouragement
to electronic fund transfers and promoting electronic commerce in the country.
However, all hope is not lost as the cyber crime cell is conducting training
programmes for its forces. It also has plans to organise special courses for
corporates to combat cyber crime and use the IT Act effectively. “Many
senior officials are not computer-savvy. We are making attempts through special
programmes to help them use the IT Act effectively,” says Dr Pragnya Sarvade,
DCP, enforcement, cyber crime cell.
- Electronic documents are now accepted as evidence
in a court of law
- Electronic cheques are now accepted as a valid
means of transaction
* In section 81 of the IT Act 2000 through the Negotiable
Instruments (Amendment and Miscellaneous) Act 2002.
|
| Loopholes |
Improvements needed |
| No clear provision for handling of domain name issues.
They are presently covered by legal norms applicable to intellectual properties
such as trademarks |
The act needs amendment for handling domain name
issues and related concerns such as cyber squatting |
| Cyber theft, cyber stalking, cyber harassment and
cyber defamation are presently not covered under the act |
These crimes need to have specific provisions in
the act to enable the police to take quick action |
| Jurisdiction problems are likely to arise as the
act applies to both Indians and foreign citizens |
There should be clear briefs on how the act will
apply to any offence, and how action will be taken against any person who
has committed the crime outside India |
| The law is now covered under civil procedure, making
the enforcement process slow. This deters companies from approaching the
cyber crime cell |
If the law is covered under criminal procedure, the
process could be faster |
| Some definitions in the act are vague and can cause
problems to the plaintiff |
Definitions, prescriptions of punishment and certain
provisions (such as that dealing with hacking) need specific amendment
|
| The act does not lay down parameters for its implementation |
Law enforcement officials need to be trained for
effective enforcement |
sushma@expresscomputeronline.com
|
