IMC India - THE PROPOSED IT ACT AMENDMENTS: A CRITICAL EVALUATION-IV-A

English |

Publish!
Post your video, audio, pictures and texts directly from your browser.

News
Immediate covering of the events from the new movements.

Editorial Policy
Learn about this IMC's editorial policy

Be a volunteer
Join this project of media democratization

Contact
Send a message to us.

Help
How to publish your news in all different formats

About IMC
Learn about the principles of the Independent Media Center

IMC chat
Get on our chat channel. Learn how.

Support Indymedia
See other IMC projects and support independent media

Hidden Stories
Stories published twice, stories without content and stories violating the Editorial Policy.

Other IMCs

[an error occurred while processing this directive]

THE PROPOSED IT ACT AMENDMENTS: A CRITICAL EVALUATION-IV-A
By Praveen Dalal 05/09/2005 At 03:03

A work analysing the proposed amendments.

PRAVEEN DALAL, CONSULTANT AND ADVOCATE, DELHI HIGH COURT.

Chapter-X- No comments.

CHAPTER-XI: OFFENCES

Since this is the most important and core Chapter of the Act, I wish to deal with it section wise.

Section 66: Computer related offenses: If any person, dishonestly or fraudulently, without permission of the owner or of any other person who is incharge of a computer resource
(i) accesses or secures access to such computer resource;
(ii) downloads, copies or extracts any data, computer data base or information from such computer resource including information or data held or stored in any removable storage medium;
(iii) denies or causes the denial of access to any person authorised to access any computer resource;

he shall be punishable with imprisonment upto one year or a fine which may extend up to two lacs or with both;

(b) If any person, dishonestly or fraudulently, without permission of the owner or of any other person who is incharge of a computer resource
(i) introduces or causes to be introduced any computer contaminant or computer virus into any computer resource;
(ii) disrupts or causes disruption or impairment of electronic resource;
(iii) charges the services availed of by a person to the account of another person by tampering with or manipulating any computer resource;
(iv) provides any assistance to any person to facilitate access to a computer resource in contravention of the provisions of this Act, rules or regulations made thereunder;
(v) damages or causes to be damaged any computer resource, date, computer databse, or other programmes residing in such computer resource;

he shall be punishable with imprisonment upto two years or a fine which may extend up to five lacs or with both;

The first amendment suggested by the committee in this section is to replace the words “intent to cause or knowing that he is likely to cause” with the expression “dishonestly and fraudulently”.

Explanation (a) to the section specifies dishonestly as “Whoever does anything with the intention of causing wrongful gain to one person, wrongful loss or harm to another person, is said to do this thing dishonestly”. It must be noted that the addition of the word “harm” has significantly improved the existing definition of dishonestly as provided in the IPC.

The addition of the word “harm” is a welcome step.

Explanation (b) to the section describes fraudulently as “A person is said to do a thing fraudulently if he does that thing with intent to defraud but not otherwise.

The important points to be noted here is that the “deterrent effect” has been diluted to considerable limit. The words “likely to cause” was supporting the test of a “reasonable person” while dealing with the requirements of “due diligence” under the IT Act. The expression “intent to cause or knowing that he is likely to cause” was talking about two types of liability. The first category of “with the intent to cause” is dealing with “actual knowledge” whereas the category “likely to cause” is dealing with “constructive knowledge” as well, besides actual knowledge. The later category was taking care of “constructive knowledge” and “due diligence requirements” that unfortunately have been deleted. The expression wrongful gain and loss are talking about “property” if we analyse them under section 23 of the IPC, which assumes significance due to section 2(2) of the IT Act.

The Committee, however, has also put the first two clauses of section 66(1) in section 43(1) as well. Thus, if a person hacks another computer, then either he is “criminally liable” under section 66(1) or a “civil liability”, that may extend upto rupees one crore as compensation, can be imposed. Now this may cause a lot of problem. The moment hacking is committed, either he will be send to jail or he has to pay compensation.

Further, the expression “without the permission of the owner” shall include access to information that exceeds the level of authorised permission to access by virtue of Explanation (c) to section 66. Thus if a person exceeds his authority to access, then he can be held liable for:
(i) Hacking,
(ii) Data property violations, and
(ii) Denial of service attacks (DOSAs).

As far as the hacking and data property violations are concerned, they fit in section 66(1), but it would be better if DOSAs be inserted in section 66(2). It must be noted that even in case of DOSA either the accused is criminally liable or he is civilly liable.

The punishment has been reduced to one year in cases of hacking which was three years. There seems to be no rationale in reducing this punishment.

Section 66(2): This sub-section also recognises both criminal liability and civil liability.

This is a welcome provision and one of the most significant amendments needed in the contemporary society. It must be accepted by adding DOSAs to it.

PRAVEEN DALAL
Cyber Law Consultant and Advocate
Delhi High Court
Tele: 9899169611

Email:: pd37@rediffmail.com
URL:: http://perry4law.blogspot.com/

>>Add a comment