This document outlines key aspects of Nepal's Electronic Transactions Act of 2063 (2008).
1. It establishes the legal validity and recognition of electronic records and digital signatures, allowing electronic transactions to have the same legal standing as traditional written documents.
2. Digital signatures created using an asymmetric cryptosystem and hash function will authenticate an electronic record. The public key can then verify the record was signed by the private key holder.
3. The Act provides definitions for important terms related to digital signatures, electronic records, cryptography, and information technology to clarify how they will be applied under the law.
This document provides a summary of key definitions from Section 2 of the Information Technology Act, 2000 of India. It defines important terms related to digital technology, electronic records, cryptography, and cybersecurity. Some of the terms defined include digital signature, electronic form, electronic record, computer, digital signature certificate, cyber cafe, intermediary, secure system, subscriber, and certifying authority. The definitions section provides clarity on the technical meaning of these terms as used in the Information Technology Act.
The Information Technology Act, 2000 provides the legal framework for electronic governance in India. Some key points covered in the act include:
- Legal recognition of electronic records and digital signatures.
- Regulation of certifying authorities that issue digital signature certificates.
- Establishment of the Cyber Appellate Tribunal to hear appeals related to the act.
- Offences and penalties related to cyber crimes like hacking and publishing obscene content.
- Procedures for adjudicating violations and determining appropriate penalties.
The document summarizes key sections of the Information Technology Act, 2000 related to cyber security in India. It discusses sections establishing protected computer systems, designating agencies responsible for critical infrastructure protection and incident response, penalties for various cyber crimes, and intermediary liability exemptions. The sections establish national agencies to coordinate cyber security, empower agencies to investigate offenses, and outline penalties including imprisonment and fines for offenses like unauthorized access, privacy breaches, and publishing false digital signatures.
The document discusses India's Information Technology Act and digital signatures. It provides information on cryptography, digital signatures, and the roles of the Controller of Certifying Authorities, Certifying Authorities, and subscribers. It also summarizes key sections of the Act related to the legal recognition of electronic records and digital signatures, the use of electronic records and digital signatures by the government, requirements for certifying authorities to obtain licenses to issue digital signature certificates, and the regulation of certifying authorities.
• IT Act is based on the model of electronic commerce
adopted by UN Commission on international trade
law in 1996.
• It provides legal recognition to electronic commerce
transactions, allows electronic filing of documents
and penalizes computer related crimes.
• The cyber law is law relating to computers,
communications and internet and referred as ICT
law.
• ICT law covers e-commerce, e-governance,
Intellectual property, data security, cyber crimes and
issues of privacy.
This document summarizes key aspects of India's Information Technology Act, including:
1) It defines digital signatures and electronic signatures, and outlines requirements for their use in authentication.
2) It establishes rules for electronic governance, electronic records, controllers who regulate certifying authorities, and adjudication of related offenses and compensation.
3) The case study discusses how information was retrieved from laptops of terrorists involved in a Parliament attack case, which revealed their motives and allowed for punishment under the law.
Information Technology Act 2000 - Santosh K PathakDipayan Sarkar
This document provides an overview of cyber crimes and the Information Technology Act 2000 in India. It discusses the types of cyber crimes such as hacking, phishing, spamming, and cyber terrorism. It then outlines the objectives of the IT Act which aims to provide legal recognition for e-commerce transactions and facilitate electronic governance. The document explains the extent of application of the Act and key definitions. Finally, it summarizes the various cybercrime provisions under the IT Act 2000, listing the relevant sections of the Act that penalize offenses such as tampering with computer systems, publishing offensive content, and failure to assist in decrypting data upon request from authorities.
This document provides a summary of key definitions from Section 2 of the Information Technology Act, 2000 of India. It defines important terms related to digital technology, electronic records, cryptography, and cybersecurity. Some of the terms defined include digital signature, electronic form, electronic record, computer, digital signature certificate, cyber cafe, intermediary, secure system, subscriber, and certifying authority. The definitions section provides clarity on the technical meaning of these terms as used in the Information Technology Act.
The Information Technology Act, 2000 provides the legal framework for electronic governance in India. Some key points covered in the act include:
- Legal recognition of electronic records and digital signatures.
- Regulation of certifying authorities that issue digital signature certificates.
- Establishment of the Cyber Appellate Tribunal to hear appeals related to the act.
- Offences and penalties related to cyber crimes like hacking and publishing obscene content.
- Procedures for adjudicating violations and determining appropriate penalties.
The document summarizes key sections of the Information Technology Act, 2000 related to cyber security in India. It discusses sections establishing protected computer systems, designating agencies responsible for critical infrastructure protection and incident response, penalties for various cyber crimes, and intermediary liability exemptions. The sections establish national agencies to coordinate cyber security, empower agencies to investigate offenses, and outline penalties including imprisonment and fines for offenses like unauthorized access, privacy breaches, and publishing false digital signatures.
The document discusses India's Information Technology Act and digital signatures. It provides information on cryptography, digital signatures, and the roles of the Controller of Certifying Authorities, Certifying Authorities, and subscribers. It also summarizes key sections of the Act related to the legal recognition of electronic records and digital signatures, the use of electronic records and digital signatures by the government, requirements for certifying authorities to obtain licenses to issue digital signature certificates, and the regulation of certifying authorities.
• IT Act is based on the model of electronic commerce
adopted by UN Commission on international trade
law in 1996.
• It provides legal recognition to electronic commerce
transactions, allows electronic filing of documents
and penalizes computer related crimes.
• The cyber law is law relating to computers,
communications and internet and referred as ICT
law.
• ICT law covers e-commerce, e-governance,
Intellectual property, data security, cyber crimes and
issues of privacy.
This document summarizes key aspects of India's Information Technology Act, including:
1) It defines digital signatures and electronic signatures, and outlines requirements for their use in authentication.
2) It establishes rules for electronic governance, electronic records, controllers who regulate certifying authorities, and adjudication of related offenses and compensation.
3) The case study discusses how information was retrieved from laptops of terrorists involved in a Parliament attack case, which revealed their motives and allowed for punishment under the law.
Information Technology Act 2000 - Santosh K PathakDipayan Sarkar
This document provides an overview of cyber crimes and the Information Technology Act 2000 in India. It discusses the types of cyber crimes such as hacking, phishing, spamming, and cyber terrorism. It then outlines the objectives of the IT Act which aims to provide legal recognition for e-commerce transactions and facilitate electronic governance. The document explains the extent of application of the Act and key definitions. Finally, it summarizes the various cybercrime provisions under the IT Act 2000, listing the relevant sections of the Act that penalize offenses such as tampering with computer systems, publishing offensive content, and failure to assist in decrypting data upon request from authorities.
Information Technology act 2000 & Threats to India using GoogleHemraj Singh Chouhan
This presentation is delivered at Income tax department on Information & Technology Act 2000 in India + Online threats to India by various terrorist organisations + Bitcoins + Ransom-ware + How dangerous it could be if we use smart phone and provide our data to Google.
Important section of IT Act 2000 & IPC sections related to cyber law. KOMALMALLIK
The document discusses the Information Technology Act 2000 and related cyber crimes and sections of the Indian Penal Code. The IT Act was enacted to provide legal recognition for electronic transactions and documents. It deals with legal recognition of electronic documents, digital signatures, offenses/contraventions, and systems for dealing with cyber crimes. Several sections of the IT Act are summarized that relate to cyber crimes and offenses such as unauthorized access to computers, computer contamination, identity theft, cheating, publishing obscene material, and more. Punishments for offenses under the Act are also mentioned. Relevant sections of the Indian Penal Code dealing with defamation are also listed.
Chapter 06 Information Technology Act 2000Robin Kapoor
This document provides an overview of key sections of the Information Technology Act, 2000 regarding electronic records and digital signatures.
The Act is based on a UNCITRAL model law to facilitate electronic commerce by giving legal recognition to electronic records and digital signatures. Digital signatures use asymmetric cryptography and hash functions to authenticate electronic records.
The Act establishes rules for using digital signatures to authenticate electronic records, defines digital certificates issued by certifying authorities, and provides legal recognition for electronic records, digital signatures, and electronic governance procedures like filing documents electronically. It also covers attribution, acknowledgement and time/place of dispatch and receipt of electronic records.
Cyber law - Legal Environment of Business - Business Law - Commercial Law - M...manumelwin
In discharge of its international responsibility, the Government of India enacted a Law in 2000 known as Information Technology Act 2000. The Act extends to the whole of India and it applies also to any offence or contravention thereon committed outside India by any person.
This document outlines rules established by the Government of India regarding Certifying Authorities. It defines key terms related to digital signatures and certifying authorities. It establishes standards for digital signature certificates and outlines requirements for licensing certifying authorities, including minimum capital and net worth. It also specifies rules regarding cross-certification, validity of licenses, suspension of licenses, and renewal of licenses.
This document outlines sections of the Information Technology Act, 2000 of India related to cyber crimes and corresponding penalties. Key sections discussed include:
Section 43 - Damage to computer systems, compensation up to 1 crore rupees.
Section 43A - Body corporate failure to protect data, compensation up to 5 crore rupees.
Section 66 - Computer related offenses like hacking, data alteration, imprisonment up to 3 years and fine up to 5 lakh rupees.
The Information Technology Act 2000 provides a legal framework for electronic commerce and digital signatures. It aims to facilitate electronic governance and amend various laws to apply in the digital context. The Act defines cyber crimes and sets penalties for offenses involving unauthorized computer access, cyber attacks, and tampering with digital records. It establishes authorities for issuing digital certificates and adjudicating cyber disputes, while limiting the jurisdiction of regular courts on technology-related matters.
The document outlines major types of cyber crimes such as data diddling, Trojan horse attacks, and computer viruses. It then discusses methods to minimize cyber crimes like using strong passwords and security software. The document mainly focuses on India's Information Technology Act of 2000 which aims to provide legal recognition for electronic transactions. The key aspects of the Act include digital signatures, duties of certifying authorities, penalties for cyber crimes, and establishment of organizations to regulate the cyber space.
The document outlines major types of cyber crimes such as data diddling, Trojan horse attacks, and computer viruses. It then discusses methods to minimize cyber crimes like using strong passwords and scanning for viruses. The document primarily focuses on India's Information Technology Act of 2000 which aims to provide legal recognition for electronic transactions. The key aspects of the Act include provisions around digital signatures, certifying authorities, digital signature certificates, and penalties for cyber crimes. Adjudicating officers and the Cyber Appellate Tribunal are established to investigate offenses and hear appeals.
The IT Act, 2000 was enacted to implement electronic commerce standards set by UNCITRAL. The Act extends to all of India and recognizes electronic records, digital signatures, and online transactions as legally valid. It defines key terms related to digital signatures and cybercrimes. Non-compliance may result in contravention, which requires compensation up to 1 crore rupees, or offenses, which carry punishments like fines or imprisonment. The Act also applies to offenses committed outside India involving computers in India.
History
Introduction
Introduce and finalized by Atal bhirai Bajpai
Parts of the Act
Amendments to I.T. ACT 2000
Offences of I.T ACT 2000
What works
What doesn’t work
Section of I.T. ACT 2000
The advantage of I.T. ACT 2000
The disadvantage of I.T ACT 2000
Conclusion
The document discusses the objectives and key provisions of the Information Technology Act, 2000 in India. The key points are:
1) The Act aims to provide legal recognition for electronic commerce and electronic records on par with paper documents. It also aims to facilitate e-governance and electronic filing of documents.
2) The Act defines important terms related to digital infrastructure and transactions. It also establishes authorities like the Controller of Certifying Authorities to regulate digital signature certificates.
3) The Act addresses issues like legal recognition of electronic documents and digital signatures to support e-commerce. It also establishes mechanisms for offenses and justice systems related to cybercrimes.
This material is for PGPSE / CSE students of AFTERSCHOOOL. PGPSE / CSE are free online programme - open for all - free for all - to promote entrepreneurship and social entrepreneurship PGPSE is for those who want to transform the world. It is different from MBA, BBA, CFA, CA,CS,ICWA and other traditional programmes. It is based on self certification and based on self learning and guidance by mentors. It is for those who want to be entrepreneurs and social changers. Let us work together. Our basic idea is that KNOWLEDGE IS FREE & AND SHARE IT WITH THE WORLD
The document provides an overview of the Information Technology Act of 2000 passed by the Indian Parliament. The key points are:
1. The Act aims to provide legal recognition to electronic transactions and commerce by facilitating electronic filing and use of digital signatures.
2. It defines cybercrimes like hacking and publishing obscene material and prescribes penalties like imprisonment and fines.
3. The Act recognizes digital signatures authenticated by Certifying Authorities as legally valid. It also defines terms like digital signatures, private/public keys, and encryption.
4. It provides for adjudication of cybercrimes and compensation up to Rs. 10 million for offenses like unauthorized access or tampering with computer systems.
The IT Act was enacted in 2000, making India the 12th country to adopt cyber laws. The objectives of the Act were to provide legal recognition to electronic transactions and records, facilitate e-filing with government agencies and e-payments, and amend related laws. The Act defines key terms like "secure system" and "security procedure". It also legally recognizes digital signatures and regulations electronic records and publications. The Act contains provisions to tackle cybercrimes like hacking, publishing obscene content, unauthorized access, and breach of privacy and confidentiality. Various cybercrimes are punishable under the IT Act and other laws like the IPC.
(1) The Electronic Transactions Act was enacted to regulate electronic records and digital signatures by providing them legal validity and recognition.
(2) Key terms like electronic form, electronic record, digital signature, originator, addressee etc. are defined to have the same meaning when used in reference to electronic records as they would have in reference to physical documents.
(3) The act provides for legal recognition of electronic records and digital signatures by establishing them as valid alternatives to physical documents signed using handwritten signatures when prevailing law requires written, printed or signed records.
Information Technology Act 2000 An OverviewAnubhav
The document provides an overview of the Information Technology Act 2000 in India. Some key points:
- The Act aims to provide legal recognition for electronic transactions and facilitate e-filing/payments with the government.
- It defines important terms like electronic records, digital signatures, and security procedures. Digital signatures created using asymmetric cryptographic keys can verify electronic records.
- A public key infrastructure (PKI) allows parties without prior agreements to verify each other's identities through digital certificates issued by a certification authority.
- The Act lays out the legal processes for digital signatures to authenticate electronic records in a secure manner similar to physical signatures.
View the IT Act 2000
Preliminary
Digital Signature
Electronic Governance
Attribution, Acknowledgement and Dispatch of Electronic Records
Secure Electronic Records and Secure Digital Signatures
Regulation of Certifying Authorities
Digital Signature Certificates
Duties of Subscribers
Penalties and Adjudication
The Cyber Regulations Appellate Tribunal
Offences
Network Service Providers Not to be Liable in Certain Cases
The document discusses the Indian Information Technology Act of 2000. Some key points:
- The Act aims to provide legal recognition for electronic records and digital signatures to facilitate electronic governance and commerce.
- It defines cyber crimes and penalties. It also establishes mechanisms like the Controller of Certifying Authorities and the Cyber Appellate Tribunal.
- The original Act contained 94 sections across 13 chapters addressing issues like electronic signatures, electronic governance, record retention, and cyber crimes. It also amended other existing laws.
- A major amendment in 2008 introduced sections on offensive online communications and increased surveillance powers for authorities. It also addressed cybercrimes like pornography and cyberterrorism.
Information Technology act 2000 & Threats to India using GoogleHemraj Singh Chouhan
This presentation is delivered at Income tax department on Information & Technology Act 2000 in India + Online threats to India by various terrorist organisations + Bitcoins + Ransom-ware + How dangerous it could be if we use smart phone and provide our data to Google.
Important section of IT Act 2000 & IPC sections related to cyber law. KOMALMALLIK
The document discusses the Information Technology Act 2000 and related cyber crimes and sections of the Indian Penal Code. The IT Act was enacted to provide legal recognition for electronic transactions and documents. It deals with legal recognition of electronic documents, digital signatures, offenses/contraventions, and systems for dealing with cyber crimes. Several sections of the IT Act are summarized that relate to cyber crimes and offenses such as unauthorized access to computers, computer contamination, identity theft, cheating, publishing obscene material, and more. Punishments for offenses under the Act are also mentioned. Relevant sections of the Indian Penal Code dealing with defamation are also listed.
Chapter 06 Information Technology Act 2000Robin Kapoor
This document provides an overview of key sections of the Information Technology Act, 2000 regarding electronic records and digital signatures.
The Act is based on a UNCITRAL model law to facilitate electronic commerce by giving legal recognition to electronic records and digital signatures. Digital signatures use asymmetric cryptography and hash functions to authenticate electronic records.
The Act establishes rules for using digital signatures to authenticate electronic records, defines digital certificates issued by certifying authorities, and provides legal recognition for electronic records, digital signatures, and electronic governance procedures like filing documents electronically. It also covers attribution, acknowledgement and time/place of dispatch and receipt of electronic records.
Cyber law - Legal Environment of Business - Business Law - Commercial Law - M...manumelwin
In discharge of its international responsibility, the Government of India enacted a Law in 2000 known as Information Technology Act 2000. The Act extends to the whole of India and it applies also to any offence or contravention thereon committed outside India by any person.
This document outlines rules established by the Government of India regarding Certifying Authorities. It defines key terms related to digital signatures and certifying authorities. It establishes standards for digital signature certificates and outlines requirements for licensing certifying authorities, including minimum capital and net worth. It also specifies rules regarding cross-certification, validity of licenses, suspension of licenses, and renewal of licenses.
This document outlines sections of the Information Technology Act, 2000 of India related to cyber crimes and corresponding penalties. Key sections discussed include:
Section 43 - Damage to computer systems, compensation up to 1 crore rupees.
Section 43A - Body corporate failure to protect data, compensation up to 5 crore rupees.
Section 66 - Computer related offenses like hacking, data alteration, imprisonment up to 3 years and fine up to 5 lakh rupees.
The Information Technology Act 2000 provides a legal framework for electronic commerce and digital signatures. It aims to facilitate electronic governance and amend various laws to apply in the digital context. The Act defines cyber crimes and sets penalties for offenses involving unauthorized computer access, cyber attacks, and tampering with digital records. It establishes authorities for issuing digital certificates and adjudicating cyber disputes, while limiting the jurisdiction of regular courts on technology-related matters.
The document outlines major types of cyber crimes such as data diddling, Trojan horse attacks, and computer viruses. It then discusses methods to minimize cyber crimes like using strong passwords and security software. The document mainly focuses on India's Information Technology Act of 2000 which aims to provide legal recognition for electronic transactions. The key aspects of the Act include digital signatures, duties of certifying authorities, penalties for cyber crimes, and establishment of organizations to regulate the cyber space.
The document outlines major types of cyber crimes such as data diddling, Trojan horse attacks, and computer viruses. It then discusses methods to minimize cyber crimes like using strong passwords and scanning for viruses. The document primarily focuses on India's Information Technology Act of 2000 which aims to provide legal recognition for electronic transactions. The key aspects of the Act include provisions around digital signatures, certifying authorities, digital signature certificates, and penalties for cyber crimes. Adjudicating officers and the Cyber Appellate Tribunal are established to investigate offenses and hear appeals.
The IT Act, 2000 was enacted to implement electronic commerce standards set by UNCITRAL. The Act extends to all of India and recognizes electronic records, digital signatures, and online transactions as legally valid. It defines key terms related to digital signatures and cybercrimes. Non-compliance may result in contravention, which requires compensation up to 1 crore rupees, or offenses, which carry punishments like fines or imprisonment. The Act also applies to offenses committed outside India involving computers in India.
History
Introduction
Introduce and finalized by Atal bhirai Bajpai
Parts of the Act
Amendments to I.T. ACT 2000
Offences of I.T ACT 2000
What works
What doesn’t work
Section of I.T. ACT 2000
The advantage of I.T. ACT 2000
The disadvantage of I.T ACT 2000
Conclusion
The document discusses the objectives and key provisions of the Information Technology Act, 2000 in India. The key points are:
1) The Act aims to provide legal recognition for electronic commerce and electronic records on par with paper documents. It also aims to facilitate e-governance and electronic filing of documents.
2) The Act defines important terms related to digital infrastructure and transactions. It also establishes authorities like the Controller of Certifying Authorities to regulate digital signature certificates.
3) The Act addresses issues like legal recognition of electronic documents and digital signatures to support e-commerce. It also establishes mechanisms for offenses and justice systems related to cybercrimes.
This material is for PGPSE / CSE students of AFTERSCHOOOL. PGPSE / CSE are free online programme - open for all - free for all - to promote entrepreneurship and social entrepreneurship PGPSE is for those who want to transform the world. It is different from MBA, BBA, CFA, CA,CS,ICWA and other traditional programmes. It is based on self certification and based on self learning and guidance by mentors. It is for those who want to be entrepreneurs and social changers. Let us work together. Our basic idea is that KNOWLEDGE IS FREE & AND SHARE IT WITH THE WORLD
The document provides an overview of the Information Technology Act of 2000 passed by the Indian Parliament. The key points are:
1. The Act aims to provide legal recognition to electronic transactions and commerce by facilitating electronic filing and use of digital signatures.
2. It defines cybercrimes like hacking and publishing obscene material and prescribes penalties like imprisonment and fines.
3. The Act recognizes digital signatures authenticated by Certifying Authorities as legally valid. It also defines terms like digital signatures, private/public keys, and encryption.
4. It provides for adjudication of cybercrimes and compensation up to Rs. 10 million for offenses like unauthorized access or tampering with computer systems.
The IT Act was enacted in 2000, making India the 12th country to adopt cyber laws. The objectives of the Act were to provide legal recognition to electronic transactions and records, facilitate e-filing with government agencies and e-payments, and amend related laws. The Act defines key terms like "secure system" and "security procedure". It also legally recognizes digital signatures and regulations electronic records and publications. The Act contains provisions to tackle cybercrimes like hacking, publishing obscene content, unauthorized access, and breach of privacy and confidentiality. Various cybercrimes are punishable under the IT Act and other laws like the IPC.
(1) The Electronic Transactions Act was enacted to regulate electronic records and digital signatures by providing them legal validity and recognition.
(2) Key terms like electronic form, electronic record, digital signature, originator, addressee etc. are defined to have the same meaning when used in reference to electronic records as they would have in reference to physical documents.
(3) The act provides for legal recognition of electronic records and digital signatures by establishing them as valid alternatives to physical documents signed using handwritten signatures when prevailing law requires written, printed or signed records.
Information Technology Act 2000 An OverviewAnubhav
The document provides an overview of the Information Technology Act 2000 in India. Some key points:
- The Act aims to provide legal recognition for electronic transactions and facilitate e-filing/payments with the government.
- It defines important terms like electronic records, digital signatures, and security procedures. Digital signatures created using asymmetric cryptographic keys can verify electronic records.
- A public key infrastructure (PKI) allows parties without prior agreements to verify each other's identities through digital certificates issued by a certification authority.
- The Act lays out the legal processes for digital signatures to authenticate electronic records in a secure manner similar to physical signatures.
View the IT Act 2000
Preliminary
Digital Signature
Electronic Governance
Attribution, Acknowledgement and Dispatch of Electronic Records
Secure Electronic Records and Secure Digital Signatures
Regulation of Certifying Authorities
Digital Signature Certificates
Duties of Subscribers
Penalties and Adjudication
The Cyber Regulations Appellate Tribunal
Offences
Network Service Providers Not to be Liable in Certain Cases
The document discusses the Indian Information Technology Act of 2000. Some key points:
- The Act aims to provide legal recognition for electronic records and digital signatures to facilitate electronic governance and commerce.
- It defines cyber crimes and penalties. It also establishes mechanisms like the Controller of Certifying Authorities and the Cyber Appellate Tribunal.
- The original Act contained 94 sections across 13 chapters addressing issues like electronic signatures, electronic governance, record retention, and cyber crimes. It also amended other existing laws.
- A major amendment in 2008 introduced sections on offensive online communications and increased surveillance powers for authorities. It also addressed cybercrimes like pornography and cyberterrorism.
Information technology-act 2000- an overview-sethassociatespptSuvabrataSamanta
The document provides an overview of the Information Technology Act 2000 in India. Some key points:
- The IT Act was enacted in 2000, making India the 12th country to adopt cyber laws, and is based on UNCITRAL model law on e-commerce.
- The objectives of the Act were to provide legal recognition for electronic transactions and documents, facilitate e-governance, and amend related laws to include electronic forms.
- It defines important terms like electronic records, digital signatures, and secure digital signatures verified using public key infrastructure.
- The Act provides for legal recognition of electronic records and digital signatures, and regulates the functions of the Controller of Certifying Authorities and licensed Cert
The document provides an overview of the Information Technology Act 2000 of India. It discusses key objectives of the act such as providing legal recognition to electronic transactions and records. It also defines important terms used in the act like computer, electronic record, digital signature. The roles of regulatory authorities like the Controller of Certifying Authorities in licensing and auditing Certifying Authorities are summarized. Provisions around digital signatures, electronic records and their admissibility as evidence are also briefly outlined.
Information technology-act2000-120112080011-phpapp02 2Suryadev Maity
The document provides an overview of the Information Technology Act 2000 of India. Some key points:
- The IT Act was enacted in 2000, making India one of the first 12 countries to adopt cyber laws. It is based on the UNCITRAL Model Law on e-commerce.
- The objectives of the Act were to provide legal recognition for electronic transactions and facilitate e-governance. It amended several other Indian laws to include electronic records and digital signatures.
- The Act applies to cyber offenses committed in India or involving Indian systems. It defines important terms like electronic records, digital signatures, and secure electronic records using cryptography.
- Digital signatures use public key infrastructure for verification by relying parties
Information-Technology-Act 2000- An overview-sethassociatesppt (1).pptshahulgk
The document provides an overview of the Information Technology Act 2000 of India. Some key points:
- The IT Act was enacted in 2000, making India the 12th country to adopt cyber laws, and is based on UNCITRAL model law on e-commerce.
- The Act aims to provide legal recognition for electronic transactions and facilitate e-governance. It defines electronic records and digital signatures.
- A Controller of Certifying Authorities regulates and licenses Certifying Authorities to issue digital signature certificates using public key infrastructure.
- The Act recognizes electronic records and digital signatures as legally valid. It aims to facilitate electronic governance and commerce.
Information technology-act 2000- an overview-sethassociatespptDiya Mirza
The document provides an overview of the Information Technology Act 2000 in India. It discusses key aspects of the act such as its objectives, definitions, provisions regarding electronic records and digital signatures. It also describes the role of the Controller of Certifying Authorities (CCA) in regulating and licensing Certifying Authorities, setting standards for public key infrastructure and digital signature certification processes. The CCA establishes a hierarchy with the government as the root of trust to help secure electronic communications and transactions through digital signatures certified by licensed Certifying Authorities.
1. The document discusses the need for cyber law in India and provides an overview of the key aspects of the Information Technology Act 2000, which was enacted to address this need.
2. It defines important terms related to cyber law like electronic record, digital signature, and explains concepts such as attribution of electronic records and acknowledgement of receipt.
3. It also summarizes provisions of the Act around offenses and penalties for cybercrimes, functions of the Controller of Certifying Authorities, and directions that can be issued to subscribers and certifying authorities.
INFORMATION TECHNOLOGY ACT 2000 and its provisions.pptxakshitarathi77
The document provides an overview of the Information Technology Act, 2000 of India. Some key points:
- The Act aims to provide legal recognition to electronic records and transactions carried out online. It defines electronic records and digital signatures.
- It establishes a Controller of Certifying Authorities to regulate and license Certifying Authorities to issue digital signature certificates.
- The Act recognizes electronic governance and gives legal validity to electronic records and digital signatures. It aims to facilitate electronic filing of documents.
- It defines offences related to cybercrime and provides penalties and adjudication process for contravention of the Act's provisions. Adjudicating officers are empowered to determine compensation in cases of loss or unfair advantage resulting
The Information Technology Act 2000 was enacted in India on May 17, 2000 to provide legal recognition to electronic commerce and transactions carried out by electronic data interchange and other means of electronic communication. The Act is based on a model law adopted by the UN on e-commerce. It aims to facilitate electronic governance and filing of documents. Some key components of the Act include provisions around digital signatures, duties of subscribers, penalties for offences, and protection for network service providers. It also defines important terms related to e-commerce and cyber security.
Cyber Law and Information Technology Act 2000 with case studiesSneha J Chouhan
This presentation breifs about the Information Technology Act and Cyber Law in India 2000. The various acts involved in it, case studies and some recent amendments are also mentioned.
P.S: Refer the slides for educational purpose only.
Amendments to the Indian Evidence Act, 1872 with respect to IT ACT 2000Dr. Prashant Vats
This document outlines amendments made to the Indian Evidence Act of 1872 by the Information Technology Act of 2000 regarding electronic records and digital signatures. Some key points:
- It defines electronic terms like digital signature and includes electronic records in definitions of evidence and documents.
- It allows electronic records and documents produced from computers to be considered admissible as evidence if certain conditions are met regarding the computer system and record keeping.
- It establishes provisions for proving digital signatures and verifying them, including allowing courts to request digital signature certificates from individuals, controllers or certifying authorities.
- It creates presumptions that electronic records of official gazettes, electronic agreements containing digital signatures, and secure digital records and signatures are valid unless proven
The document provides an overview of the Information Technology Act 2000 in India. Some key points:
- The Act was enacted in 2000 to provide legal recognition to electronic records and digital signatures. It is based on the UNCITRAL Model Law on E-Commerce.
- The objectives are to facilitate electronic governance and commerce. It defines electronic records, digital signatures, secure systems, etc. and recognizes their legal validity.
- It applies to the whole of India and any offenses committed outside India involving computers in India. Various cybercrimes are punishable under the Act.
- It establishes provisions for public key infrastructure, digital signature certificates, duties of subscribers, and regulates certifying authorities to facilitate
Information Technology Act, 2000, THE SECOND SCHEDULE : Amendments to the Ind...Dr. Prashant Vats
The document summarizes the key amendments made to the Indian Evidence Act of 1872 by the Information Technology Act of 2000 regarding electronic records and digital signatures. Some of the main changes include:
1) Expanding the definitions of "evidence" and certain terms to include electronic records.
2) Stating that electronic records, including those stored on computers, can be considered documents if certain conditions are met.
3) Creating new provisions for dealing with electronic records as evidence, including presumptions around digital signatures, electronic agreements, and records being five years old.
4) Allowing opinions of Certifying Authorities on digital signatures and verification of signatures by public keys.
The Information Technology Act 2000 provides legal recognition for electronic records and digital signatures. It facilitates electronic governance and commerce by recognizing the validity of electronic contracts, attributions, and signatures. The Act establishes a regulatory framework and penalties for cyber crimes. It amends other related laws around electronic evidence and banking.
This document discusses the admissibility and proof of electronic records in court. It defines key terms related to electronic records under the Information Technology Act such as electronic record, data, computer, computer system, and computer network. It outlines various forms of digital evidence that can be obtained from electronic devices and computer outputs. It explains the requirements for proving electronic records in court according to Section 65B of the Indian Evidence Act. Overall, the document provides information on establishing the authenticity and admissibility of different types of electronic records as evidence in legal proceedings.
This document discusses key aspects of the Information Technology Act, 2000 in India, including its objectives and provisions related to electronic governance and digital signatures.
Some key points:
- The Act aims to facilitate electronic commerce and give legal recognition to electronic records and digital signatures. It allows for electronic filing of documents with the government.
- Digital signatures work by encrypting a message digest with a private key, and can be verified using the corresponding public key. Digital certificates bind a public key to an individual.
- The Act provides for legal recognition of electronic records, digital signatures, retention of electronic documents, and publication of official notices electronically. It also specifies rules for attribution, acknowledgment and dispatch of electronic records.
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024Sinan KOZAK
Sinan from the Delivery Hero mobile infrastructure engineering team shares a deep dive into performance acceleration with Gradle build cache optimizations. Sinan shares their journey into solving complex build-cache problems that affect Gradle builds. By understanding the challenges and solutions found in our journey, we aim to demonstrate the possibilities for faster builds. The case study reveals how overlapping outputs and cache misconfigurations led to significant increases in build times, especially as the project scaled up with numerous modules using Paparazzi tests. The journey from diagnosing to defeating cache issues offers invaluable lessons on maintaining cache integrity without sacrificing functionality.
Null Bangalore | Pentesters Approach to AWS IAMDivyanshu
#Abstract:
- Learn more about the real-world methods for auditing AWS IAM (Identity and Access Management) as a pentester. So let us proceed with a brief discussion of IAM as well as some typical misconfigurations and their potential exploits in order to reinforce the understanding of IAM security best practices.
- Gain actionable insights into AWS IAM policies and roles, using hands on approach.
#Prerequisites:
- Basic understanding of AWS services and architecture
- Familiarity with cloud security concepts
- Experience using the AWS Management Console or AWS CLI.
- For hands on lab create account on [killercoda.com](https://killercoda.com/cloudsecurity-scenario/)
# Scenario Covered:
- Basics of IAM in AWS
- Implementing IAM Policies with Least Privilege to Manage S3 Bucket
- Objective: Create an S3 bucket with least privilege IAM policy and validate access.
- Steps:
- Create S3 bucket.
- Attach least privilege policy to IAM user.
- Validate access.
- Exploiting IAM PassRole Misconfiguration
-Allows a user to pass a specific IAM role to an AWS service (ec2), typically used for service access delegation. Then exploit PassRole Misconfiguration granting unauthorized access to sensitive resources.
- Objective: Demonstrate how a PassRole misconfiguration can grant unauthorized access.
- Steps:
- Allow user to pass IAM role to EC2.
- Exploit misconfiguration for unauthorized access.
- Access sensitive resources.
- Exploiting IAM AssumeRole Misconfiguration with Overly Permissive Role
- An overly permissive IAM role configuration can lead to privilege escalation by creating a role with administrative privileges and allow a user to assume this role.
- Objective: Show how overly permissive IAM roles can lead to privilege escalation.
- Steps:
- Create role with administrative privileges.
- Allow user to assume the role.
- Perform administrative actions.
- Differentiation between PassRole vs AssumeRole
Try at [killercoda.com](https://killercoda.com/cloudsecurity-scenario/)
Rainfall intensity duration frequency curve statistical analysis and modeling...bijceesjournal
Using data from 41 years in Patna’ India’ the study’s goal is to analyze the trends of how often it rains on a weekly, seasonal, and annual basis (1981−2020). First, utilizing the intensity-duration-frequency (IDF) curve and the relationship by statistically analyzing rainfall’ the historical rainfall data set for Patna’ India’ during a 41 year period (1981−2020), was evaluated for its quality. Changes in the hydrologic cycle as a result of increased greenhouse gas emissions are expected to induce variations in the intensity, length, and frequency of precipitation events. One strategy to lessen vulnerability is to quantify probable changes and adapt to them. Techniques such as log-normal, normal, and Gumbel are used (EV-I). Distributions were created with durations of 1, 2, 3, 6, and 24 h and return times of 2, 5, 10, 25, and 100 years. There were also mathematical correlations discovered between rainfall and recurrence interval.
Findings: Based on findings, the Gumbel approach produced the highest intensity values, whereas the other approaches produced values that were close to each other. The data indicates that 461.9 mm of rain fell during the monsoon season’s 301st week. However, it was found that the 29th week had the greatest average rainfall, 92.6 mm. With 952.6 mm on average, the monsoon season saw the highest rainfall. Calculations revealed that the yearly rainfall averaged 1171.1 mm. Using Weibull’s method, the study was subsequently expanded to examine rainfall distribution at different recurrence intervals of 2, 5, 10, and 25 years. Rainfall and recurrence interval mathematical correlations were also developed. Further regression analysis revealed that short wave irrigation, wind direction, wind speed, pressure, relative humidity, and temperature all had a substantial influence on rainfall.
Originality and value: The results of the rainfall IDF curves can provide useful information to policymakers in making appropriate decisions in managing and minimizing floods in the study area.
artificial intelligence and data science contents.pptxGauravCar
What is artificial intelligence? Artificial intelligence is the ability of a computer or computer-controlled robot to perform tasks that are commonly associated with the intellectual processes characteristic of humans, such as the ability to reason.
› ...
Artificial intelligence (AI) | Definitio
Design and optimization of ion propulsion dronebjmsejournal
Electric propulsion technology is widely used in many kinds of vehicles in recent years, and aircrafts are no exception. Technically, UAVs are electrically propelled but tend to produce a significant amount of noise and vibrations. Ion propulsion technology for drones is a potential solution to this problem. Ion propulsion technology is proven to be feasible in the earth’s atmosphere. The study presented in this article shows the design of EHD thrusters and power supply for ion propulsion drones along with performance optimization of high-voltage power supply for endurance in earth’s atmosphere.
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...shadow0702a
This document serves as a comprehensive step-by-step guide on how to effectively use PyCharm for remote debugging of the Windows Subsystem for Linux (WSL) on a local Windows machine. It meticulously outlines several critical steps in the process, starting with the crucial task of enabling permissions, followed by the installation and configuration of WSL.
The guide then proceeds to explain how to set up the SSH service within the WSL environment, an integral part of the process. Alongside this, it also provides detailed instructions on how to modify the inbound rules of the Windows firewall to facilitate the process, ensuring that there are no connectivity issues that could potentially hinder the debugging process.
The document further emphasizes on the importance of checking the connection between the Windows and WSL environments, providing instructions on how to ensure that the connection is optimal and ready for remote debugging.
It also offers an in-depth guide on how to configure the WSL interpreter and files within the PyCharm environment. This is essential for ensuring that the debugging process is set up correctly and that the program can be run effectively within the WSL terminal.
Additionally, the document provides guidance on how to set up breakpoints for debugging, a fundamental aspect of the debugging process which allows the developer to stop the execution of their code at certain points and inspect their program at those stages.
Finally, the document concludes by providing a link to a reference blog. This blog offers additional information and guidance on configuring the remote Python interpreter in PyCharm, providing the reader with a well-rounded understanding of the process.
Embedded machine learning-based road conditions and driving behavior monitoringIJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
Applications of artificial Intelligence in Mechanical Engineering.pdfAtif Razi
Historically, mechanical engineering has relied heavily on human expertise and empirical methods to solve complex problems. With the introduction of computer-aided design (CAD) and finite element analysis (FEA), the field took its first steps towards digitization. These tools allowed engineers to simulate and analyze mechanical systems with greater accuracy and efficiency. However, the sheer volume of data generated by modern engineering systems and the increasing complexity of these systems have necessitated more advanced analytical tools, paving the way for AI.
AI offers the capability to process vast amounts of data, identify patterns, and make predictions with a level of speed and accuracy unattainable by traditional methods. This has profound implications for mechanical engineering, enabling more efficient design processes, predictive maintenance strategies, and optimized manufacturing operations. AI-driven tools can learn from historical data, adapt to new information, and continuously improve their performance, making them invaluable in tackling the multifaceted challenges of modern mechanical engineering.
Redefining brain tumor segmentation: a cutting-edge convolutional neural netw...IJECEIAES
Medical image analysis has witnessed significant advancements with deep learning techniques. In the domain of brain tumor segmentation, the ability to
precisely delineate tumor boundaries from magnetic resonance imaging (MRI)
scans holds profound implications for diagnosis. This study presents an ensemble convolutional neural network (CNN) with transfer learning, integrating
the state-of-the-art Deeplabv3+ architecture with the ResNet18 backbone. The
model is rigorously trained and evaluated, exhibiting remarkable performance
metrics, including an impressive global accuracy of 99.286%, a high-class accuracy of 82.191%, a mean intersection over union (IoU) of 79.900%, a weighted
IoU of 98.620%, and a Boundary F1 (BF) score of 83.303%. Notably, a detailed comparative analysis with existing methods showcases the superiority of
our proposed model. These findings underscore the model’s competence in precise brain tumor localization, underscoring its potential to revolutionize medical
image analysis and enhance healthcare outcomes. This research paves the way
for future exploration and optimization of advanced CNN models in medical
imaging, emphasizing addressing false positives and resource efficiency.
Advanced control scheme of doubly fed induction generator for wind turbine us...IJECEIAES
This paper describes a speed control device for generating electrical energy on an electricity network based on the doubly fed induction generator (DFIG) used for wind power conversion systems. At first, a double-fed induction generator model was constructed. A control law is formulated to govern the flow of energy between the stator of a DFIG and the energy network using three types of controllers: proportional integral (PI), sliding mode controller (SMC) and second order sliding mode controller (SOSMC). Their different results in terms of power reference tracking, reaction to unexpected speed fluctuations, sensitivity to perturbations, and resilience against machine parameter alterations are compared. MATLAB/Simulink was used to conduct the simulations for the preceding study. Multiple simulations have shown very satisfying results, and the investigations demonstrate the efficacy and power-enhancing capabilities of the suggested control system.
Advanced control scheme of doubly fed induction generator for wind turbine us...
12the-electronic-transaction-act55.pdf
1. 1
The Electronic Transactions Act, 2063 (2008)
Date of Authentication and Publication
22 Mansir 2063 ( december 8, 2006)
Act number 27 of the year 2063
An Act promulgated for Electronic Transactions
Preamble:
WHEREAS, it is expedient to make, legal provisions for authentication and
regularization of the recognition, validity, integrity and reliability of generation,
production, processing, storage, communication and transmission system of electronic
records by making the transactions to be carried out by means of electronic data
exchange or by any other means of electronic communications, reliable and secured;
And where as, for controlling the acts of unauthorized use of electronic records or of
making alteration in such records through the illegal manner,
Now, therefore, be it enacted by the House of Representatives in the First Year of the
issuance of the Proclamation of the House of Representatives, 2063(2007) .
Chapter - 1
Preliminary
1. Short Title, Extension and Commencement: (1) This Act may be
called "The Electronic Transactions act,2063 (2008)".
(2) This Act shall be deemed to have been commenced from 24 Bhadra
2063 ( sep.2, 2006).
(3) This Act shall extend throughout Nepal and shall also apply to
any person residing anywhere by committing an offence in contravention to
this Act.
2. Definitions: Unless the subject or context otherwise requires, in this Act,-
2. 2
(a) "Asymmetric Crypto System" means a system that creates a secured
key-pair consisting of a private key creating a digital signature and a
public key to verify the digital signature.
(b) "License" means a license obtained pursuant to Sub-section (3) of
Section 18.
(c) "Originator" means a person who generates, stores or transmits
electronic records, and this term also includes a person who causes any
other person to carry out such functions:
Provided that it shall not include an intermediary.
(d) "Computer" means an electro-magnetic, optical or other high-speed data
processing device or system, which performs logical, arithmetic and
memory functions by manipulating electro-magnetic or optical impulses,
and also includes all acts of input, output, processing, storage and
computer software or communication facilities which are connected or
related to the computer in any computer system or computer network.
(e) "Computer Database" means an information, knowledge and concept or
presentation of instructions, which are being prepared or have already
been prepared in word, image, voice or audio visual form in a
formalized manner or which have been produced by a computer,
computer system or computer network, with a view to use in a
computer, computer system or computer network.
(f) "Computer Network" means an interrelationship between two or more
than two computers having interconnection with each other or in contact
of communication.
(g) "Computer System" means a device or a group of devices, containing all
computer programmes including input and output support devices,
electronic instructions, input and output data that performs logical,
arithmetic, data storage and retrieval, communication including
controlling functions.
3. 3
(h) "Computer Resource" means a computer, computer system, computer
network, data, computer database or software.
(i) "Subscriber" means a person who has obtained a certificate under Sub-
section (3) of Section 31.
(j) "Key Pair" means a private key in an asymmetric crypto system and of
pair of public key, interconnected in a mathematics form with the
private key which has a code to verify digital signature by the public key
to be created from the private key.
(k) "Data" means the presentation of information, knowledge, fact and
concept or instructions in any form, which are kept in a formalized
manner in a computer system or computer network and is intended for
processing the same, or processed or stored in a computer memory.
(l) "Tribunal" means the Information Technology Tribunal formed pursuant
to section 60.
(m) "Private Key" means a key of any key pair used to create a digital
signature.
(n) "Controller" means the Controller appointed or designated pursuant to
section 13.
(o) "Digital Signature" means a signature made in any electronic form to be
included in the transformation of electronic record by a person having a
non- transformed initial electronic record and the public key of signatory
by using a type of asymmetric crypto system that may clearly ascertain
the following matters:
(1) Whether or not transformation of electronic record was
created by using a type of private key keeping a logical consistency with
the public key of signatory; and
(2) Whether or not the initial electronic record has been
changed after the transformation of electronic record.
4. 4
(p) "Access" means an opportunity of gaining entry into, logical,
arithmetical or resources of memory function of any computer,
computer system or computer network, giving instructions to such
resources or making communication contact with such resources.
(q) "Appellate Tribunal" means the Information Technology Appellate
Tribunal formed pursuant to section 66.
(r) "Certificate" means a Digital Signature Certificate issued by the
Certifying Authority under Section 30.
(s) "Certification Practice Statement" means any statement issued by a
Certifying Authority to specify the practices to be applied by the
Certifying Authority while issuing a Digital Signature Certificate.
(t) "Certifying Authority" means a certifying authority which has obtained
a license to issue a Digital Signature Certificate under Sub-section (3) of
Section 18.
(u) "Addressee" means a person receiving the processed electronic record as
intended by the originator.
Provided that it shall not include an intermediary.
(v) "Electronic Record" means the data, record, image or sound transmitted,
received or stored in an electronic form by generating the same through
any means.
(w) "Electronic Form" means a form of information transmitted, received or
stored by generating the same through the means of magnetic, optical,
computer memory or similar other devices.
(x) "Public Key" means a key of any key pair used to verify digital
signature.
(y) "Information" means the data details of the scripted texts, images,
sounds, codes, computer programmes, software and computer databases.
5. 5
(z) "Information system" means a system to generate, produce, transmit,
receive, store and display information or to process the same by other
method.
(aa) Software" means any specific part of computer system such as system
software and application software having the capacity for operating
computer hardware.
(ab) "Computer Accessory" means a technology such as computer resource,
the information used by any institution in its business, a software-like
item produced or purchased by such an institution, hardware and
computer network.
(ac) "Government Authority" means a Ministry, Secretariat, Department of
Government of Nepal or the Offices thereunder, Constitutional Body or
the Offices thereunder, Court or Tribunal or Office of the Nepal Army
and it shall also includes other Offices of the similar nature.
(ad) "Public Institution" means the following institutions:-
(1) A company, bank or board whether fully or partially owned or
controlled by Government of Nepal , or a Commission agency,
authority, corporation, enterprise board, centre, council and other
corporate body of the similar nature established by Government
of Nepal pursuant to the laws prevailing.
(2) A university, school, research centre, and other similar academic
or educational institutions operated by Government of Nepal or
which have been receiving a full or partial grant from
Government of Nepal,
(3) The Local Bodies formed under the Local Self-Governance Act,
1998 (2055 B.S);
(4) The Institutions run on the loan, grant or guarantee of
Government of Nepal;
6. 6
(5) The Institution which is fully or partially owned or controlled by
the institution referred to in sub-Clauses (1), (2), (3) or (4) or
which receiving grant from such institution;
(6) Any other Institutions prescribed by Government of Nepal as a
public institution by a notification published in the Nepal
Gazette.
(ae) “Prescribed” or “As prescribed” means prescribed or as prescribed in
Rules framed under this Act.
Chapter - 2
Provisions Relating to Electronic Record and Digital Signature
3. Authencity of Electronic Record: (1) Any subscriber may, subject to the
provisions of this section, authenticate to any electronic record by his/her
personal digital signature.
(2) While authenticating the electronic record pursuant to Sub-
section (1), an act of transforming such electronic record to other electronic
record shall be effected by the use of asymmetric crypto system and hash
function.
Explanation: For the purpose of this section, "hash function" means the acts of
mapping of algorithm or translating of a sequence of bits into another,
generally smaller, set yielding the same hash result from any record in the same
form while executing the algorithm each and every time by using the same
record as an input, infeasible to derive or reconstruct any record from the hash
result produced by the algorithm from the computation point of view, and
making the two records, which produce the same hash result by using the
algorithm, computationally infeasible to derive.
(3) Any person may verify the electronic record by using the public
key of the subscriber.
7. 7
4. Legal Recognition of Electronic Record: Where the prevailing law
requires any information, documents, records or any other matters to be kept in
written or printed typewritten form, then, if such information, document, record
or the matter is maintained in an electronic form by fulfilling the procedures as
stipulated in this Act or the Rules made hereunder, such electronic record shall
also have legal validity.
5. Legal Recognition of Digital Signature: Where the prevailing law requires
any information, document, record or any other matters to be certified by
affixing signature or any document to be signed by any person; then, if such
information, documents, records or matters are certified by the digital signature
after fulfilling the procedures as stipulated in this Act or the Rules made
hereunder, such digital signature shall also have legal validity.
6. Electronic Records to be Kept Safely: Where the prevailing law requires
any information, document or record to be kept safely for any specific period of
time and if such information, document or record are kept safely in an
electronic form, by fulfilling the following condition,, such information,
document or record shall have legal validity if that is,-
(a) kept in an accessible condition making available for a subsequent
reference,
(b) kept safely in the format that can be demonstrated subject to presenting
again exactly in the same format in which they were originally generated
and transmitted or received or stored,
(c) kept making the details available by which the origin, destination and
transmission or date and time of receipt can be identified,
Provided that the provision of this Clause shall not be applied in regard to any
information to be generated automatically for the purpose of transmitting or
receiving any record.
7. Electronic Record May Fulfill the Requirement of Submission of any
Original Document: Where the prevailing law requires that any record shall
8. 8
have to be submitted or retained in its main or original form or kept safely,
then, such requirement shall, if the following terms are fulfilled, be deemed to
have been satisfied by the electronic records:
(a) If there exits a ground as prescribed that can be believed that any type of
change is not made in such record by any means from the fist time of its
generation in electronics form,
(b) If such record is of the nature where there is a compulsion of submitting
such document to any person it could be clearly shown to such a person
to whom it requires to do so.
8. Secured Electronic Records: If the verification has been made as prescribed
in connection with the matter as to whether or not any type of changes are
made into the electronic records generated with the application of security
procedures as prescribed, such electronic records shall be deemed to be a
secured electronic records.
9. Secured Digital Signature: Where any digital signature made in electronic
record has been examined in a manner as prescribed with the application of
such security procedure as prescribed, then, such digital signature shall be
deemed to be a secured digital signature.
Chapter - 3
Provision Relating to Dispatch, Receipt and Acknowledgement of
Electronic Records
10. Electronic Record to be Attributed to Originator: (1) Any specific
electronic record shall, in case of any of the following conditions, be attributed
to the originator:
(a) If such an electronic record was transmitted by the originator
him/herself,
9. 9
(b) If such an electronic record was transmitted by a person who had
the authority to act on behalf of the originator in respect of such
an electronic record,
(c) Such an electronic record was transmitted through any
information system that was programmed by the originator or on
behalf of the originator to operate automatically.
(2) If any condition exists as prescribed in respect of electronic
record transmitted pursuant to Sub-section (1), the addressee shall assume that
such an electronic record is attributed to any particular originator and shall
have the authority to act thereon accordingly.
11. Procedure of Receipt and Acknowledgement of Electronic Record:
(1) Where the originator requests the addressee to transmit the
acknowledgement or receipt of electronic record at the time of or before the
dispatch of such electronic record or where there is an agreement between the
originator and addressee to transmit the acknowledgement or receipt of such an
electronic record, then, the provisions of Sub-sections (2), (3) and (4) shall be
applied in relation to the receipt and acknowledgement of such an electronic
record.
(2) Where there is no agreement between the originator and
addressee that information or acknowledgement of receipt of electronic record
is to be given in a particular format or by a particular manner, such an
information or receipt may be given as the following:-
(a) by automated or any other means of communication by the
addressee,
(b) by any conduct of the addressee sufficient to indicate that the
originator has received electronic record.
(3) Where the originator has stipulated in relation to any electronic
record that such an electronic record shall be binding on him/her only after the
receipt of information or acknowledgement of receipt of such electronic record
10. 10
from the addressee, then, unless the information or acknowledgement of receipt
of such an electronic record has been so received from addressee, the electronic
record shall not be deemed to have been transmitted by the originator.
(4) Where the originator has not stipulated that the electronic record
shall be binding only on receipt of such acknowledgement, and where the
originator and addressee have not agreed upon or have not specified any time
for acknowledgement of such receipt of electronic record, then, the originator
shall have to receive such acknowledgement of receipt of such an electronic
record from addressee within a specified time as prescribed. If such
acknowledgement of receipt is not received from addressee, then, such an
electronic record shall be deemed to have not been transmitted by the
originator.
(5) Other procedures of receipt of acknowledgement of electronic
record shall be as prescribed.
12. Time and Place of Dispatch and Receipt of Electronic Record: (1)
Save as otherwise agreed between the originator and the addressee, the dispatch
of an electronic record occurs when it enters into an information system outside
the control of the originator.
(2) Save as otherwise agreed between the originator and the
addressee, the time of receipt of an electronic record shall be determined as
prescribed.
(3) Save as otherwise agreed between the originator and the
addressee, an electronic record shall be deemed to have been dispatched from
the place where the originator has his/her place of business and shall be
deemed to have been received at the place where the addressee has his/her
place of business.
Explanation: For the purpose of this Sub-section "the place of business"
means:
11. 11
(a) In case the originator or the addressee has more than one place of
business, the place of business means the place where the concerned
business shall be operated
(b) If the originator or the addressee does not have a place of business, their
place of residence shall be considered their place of business.
Chapter 4
Provisions Relating to Controller and Certifying Authority:
13. Appointment of the Controller and other Employees: (1)
Government of Nepal may, by notification in the Nepal Gazette, designate any
Government officer or appoint any person who has qualifications as
prescribed in the office of the Controller.
(2) Government of Nepal may, in order to assist the Controller
to perform his/her functions to be performed under this Act, appoint or assign a
Deputy Controller and other employees as required. The employees so
appointed or assigned shall perform their functions under the general direction
and control of the Controller.
14. Functions, Duties and Powers of the Controller:
The functions, duties and powers of the controller shall be as follows:-
(a) To issue a license to the certifying Authority,
(b) To exercise the supervision and monitoring over the activities of
Certifying Authority,
(c) To fix the standards to be maintained by certifying authority in respect
to the verification of digital signature,
(d) To specify the conditions to be complied with by the certifying authority
in operating his/her business,
(e) To specify the format of the certificate and contents to be included
therein,
12. 12
(f) To specify the procedures to be followed by the certifying authority
while conducting his/her dealings with the subscribers,
(g) To maintain a record of information disclosed by the certifying authority
under this act and to make provision of computer database accessible to
public and to update such database,
(h) To perform such other functions as prescribed.
15. License to be obtained: No person shall perform or cause to be performed
the functions of a certifying authority without obtaining a license under this
Act.
16. Application to be submitted for a License: (1) Any person willing to
work as Certifying Authority by issuing a certificate under this Act and who
has the qualifications as prescribed shall have to submit an application to the
controller in a format as prescribed accompanied by a fee as prescribed for
obtaining a license for the certification.
(2) The applicant applying under Sub-section (1) shall also attach the
following documents:
(a) Details regarding certification,
(b) Documents to prove the identification and verification of the
applicant,
(c) Statements specifying the financial resources, human resources and
other necessary facilities,
(d) Such other documents as prescribed.
(3) The controller may, if he/she thinks necessary, ask the applicant
to serve additional documents and details in connection to examine the
appropriation of the applicant as to perform the function of Certifying
Authority. If the necessary additional documents and details are so asked, no
actions shall be taken upon the application of the applicant unless he/she
submits such documents and details.
13. 13
17. Other Functions and Duties of the Certifying Authority:
Other functions and duties of the certifying authority, other than those to
issue a certificate, to suspend or revoke it, shall be as prescribed.
18. Procedure for granting of a license: (1) The Controller may, on receipt of
an application under section 16, after considering the qualification of applicant
and also the documents and statements decide upon within a period of two
months of receipt of such application whether or not such a person possesses
the financial, physical and human resources, and other facilities as prescribed
and whether or not a license should be issued to such an applicant and a notice
to that effect shall be given to him.
(2) While deciding upon the issuance of a license under Sub-section
(1), the Controller may inspect the facilities, financial and physical resources of
the applicant.
(3) If the Controller decides to issue a license under Sub-section (1),
a license in the prescribed format shall be issued to the applicant specifying the
period of validity of the license and also the terms and conditions to be
followed by him.
(4) Other procedures relating to the issuance of a license shall be as
prescribed.
19. Renewal of License: (1) A license obtained by Certifying Authority shall
have to renew in each year,
(2) A Certifying Authority desirous to renew the license under Sub-
section (1), shall have to submit and application in the prescribed format to the
Controller at least two months prior to the expiry of the period of validity of
such a license along with such renewal fee as prescribed,
(3) If an application is submitted for renewal, under Sub-section (2),
the Controller shall have to decide whether to renew the license or not, after
completing the procedures as prescribed one month prior to the expiry date of
validity of such a license,
14. 14
(4) While deciding to reject to renew a license, the applicant shall be
given a reasonable opportunity to present his/her statement in this regard.
20. License may be suspended: (1) If the documents or statement and statement
of financial and physical resources submitted by the certifying authority before
the Controller in order to obtain a license are found incorrect or false or the
conditions to be complied with in course of operation of business is not
complied with or this Act of the Rules framed hereunder are found to be
violated, the Controller may suspend the license of the certifying authority till
the inquiry in this regard is completed.
Provided that, Certifying Authority shall be given the reasonable
opportunity to present his/her defense prior to such suspension of a license.
(2) Other procedures concerning suspension of license and other
provisions related thereto be as prescribed.
21. License may be revoked: (1) If the controller believes, after completion of
an inquiry in connection to any activity of Certifying Authority, made duly, as
prescribed, that any of the following circumstances have been occurred, the
Controller may revoke a license issued under this Act, at any time, as he deems
to be appropriate:
(a) If the Certifying Authority fails to comply with the liabilities under this
act and the rules made thereunder.
(b) If it is found that the Certifying Authority has submitted false or
incorrect document or statement at the time of submitting an application
for obtaining a license or for its renewal, as the case may be.
(c) If the Certifying Authority operates business in such a manner so that it
shall make adverse effect to the public interest or to the national
economy,
(d) If the Certifying Authority commits any act that is defined as an offence
under this Act or the Rules framed hereunder.
15. 15
(2) The Controller shall, prior to revocation of a license under Sub-
section (1), provide a reasonable opportunity to the Certifying Authority to
present his/her defense.
(3) Other procedures concerning revocation of a license shall be as
prescribed.
22. Notice of Suspension or revocation of a License: (1) Where a license of
any Certifying Authority is suspended or revoked under Section 20 or 21, as
the case may be the Controller shall give a written notice to the Certifying
Authority of such suspension or revocation, as the case may be, to such a
certifying Authority and shall keep such a notice in his computer database and
also publish in the electronic form.
(2) The Controller shall publish the notice of suspension or
revocation of a license at least in two daily newspapers in Nepali and English
languages for two times.
Provided that, there shall be no effect to any decision of suspension or
revocation, as the case may be, made by the Controller under Section 20 or 21,
merely on the ground of non-publication of such a notice.
23. Recognition to Foreign Certifying Authority may be given: (1) The
Controller may with the prior approval of Government of Nepal, and subject to
such conditions and restrictions as may be prescribed, by notification in the
Nepal Gazette, recognize any Certifying Authority who has obtained a license
to certify under any foreign law. Any foreign Certifying Authority so
recognized may issue the certificates under this Act or the Rules made
thereunder throughout the Nepal.
(2) The procedures to be adopted in providing the recognition to a
foreign Certifying Authority as referred to in Sub-section (1), shall be as
prescribed.
24. The Controller may issue Orders: (1) The Controller may, in order to
cause to fulfill the responsibilities in regard to issuance of a certificate by the
16. 16
Certifying Authorities, issue directives, from time to time. It shall be a duty of
the Certifying Authority to comply with such directives.
25. The Controller may delegate power: The Controller may, in order to
perform the function to be performed by him/her delegate to any officer
subordinate to him/her to exercise all or any of his/her powers under this Act or
the Rules framed thereunder.
26. The Controller may investigate: (1) The Controller may, if he/she
believes that this Act or the Rules framed hereunder are not complied with by
the Certifying Authority or by other concerned person, conduct him/herself or
cause any officer to conduct necessary investigation in that regard.
(2) It shall be a duty of Certifying Authority to assist the
investigations, referred to in Sub-section (1).
(3) The procedure to be followed by the Controller or any other
officer in respect to investigation referred to in Sub-section (1) shall be as
prescribed.
27. Performance Audit of Certifying Authority: (1) The Controller may
conduct or cause to be conducted performance audit of the Certifying Authority
in each year.
(2) The Controller may, for the purpose of the performance audit
referred to in Sub-section (1), appoint any recognized auditor, who has
expertise in computer security or any computer expert.
(3) The Controller shall publish the report of the performance audit
in the electronic form made under Sub-section (1) by maintaining in his/her
computer database.
(4) The qualification of the performance auditor or remuneration and
the procedures of such audit shall be as prescribed.
17. 17
(5) The Controller shall fix the standard of the service of Certifying
Authority and publish a notice thereof publicly for the information to the
public-in-general.
28. The Controller to have the Access to Computers and data: (1) The
Controller shall, if there is a reasonable ground to suspect that provision of this
Act and Rules framed hereunder has been violated, have the power to have the
access to any computer system, apparatus, devices, data, information system or
any other materials connected with such system.
(2) The Controller may, for the purpose of Sub-section (1), issue
necessary directives to the owner of any computer system, apparatus, device,
data, information system or any material connected with such system or to any
other responsible person to provide technical or other cooperation as he/she
deems necessary.
(3) It shall be the duty of the concerned person to comply with such
directive issued under Sub-section (2).
29. Record to be maintained: (1) The Controller shall maintain records of all
Certificates issued under this Act.
(2) The Controller shall, in order to ensure the privacy and security
of the digital signatures, perform following functions:
(a) To use Computer Security System,
(b) To apply security procedures to ensure the privacy and
integrity of digital signature,
(c) To comply with the standard as prescribed,
(3) The Controller shall maintain and update computerized data base
of all public keys in a computer system.
(4) For the purpose of verification of Digital Signature, the
Controller shall make available a public key to any person requesting for such a
key.
18. 18
Chapter-5
Provisions Relating to Digital Signature and Certificates
30. Certifying Authority may issue a Certificate: Only a licensed or
recognized Certifying Authority under this Act may issue a Digital Signature
Certificate.
31. Apply to obtain a Certificate: (1) Any person desirous to obtain Digital
Signature Certificate may apply to the Certifying Authority in such a format
along with such fee and other statements as prescribed.
(2) On receipt of an application under Sub-section (1), the Certifying
Authority shall have to decide whether to issue or not a certificate to the
applicant within one month of such application so received.
(3) The Certifying Authority shall, if it decides to issue a certificate
under Sub-section (2), issue a Digital Signature Certificate within seven days
affixing his signature in a prescribed format with the inclusion of such
statements as prescribe and if it decides to reject to issue such certificate, the
applicant shall be notified the reasons for rejection within seven days.
32. Certificate may be suspended: (1) Certifying Authority may suspend the
Certificate in following circumstances:
(d) If the subscriber obtaining the certificate or any person
authorized to act on behalf of such a subscriber, requests to
suspend the certificate.
(e) If it is found necessary to suspend the certificate that
contravenes public interest as prescribed.
(f) If it is found that significant loss might be caused to those
persons who depend on the certificate by the reason that
provisions of this Act or the Rules framed hereunder were
not followed at the time of issuance of the certificate, and if
19. 19
the controller instructs to suspend the certificate having
specified the above ground.
(2) Grounds and procedures for suspension and release of the
suspended certificates shall be as prescribed.
33. Certificate may be revoked: (1) The Controller or the Certifying Authority
may revoke a Certificate in following conditions:
(g) Where the subscriber or any other person authorized by him
requests to revoke a certificate,
(h) If it is necessary to revoke in a certificate that contravenes
the public interest as prescribed,
(i) Upon the death of the subscriber,
(j) Upon the insolvency, winding up or dissolution of the
company or corporate body under the prevailing laws,
where the subscriber is a company or a corporate body.
(k) If it is proved that a requirement for issuance of the
Certificate was not satisfied.
(l) If a material fact represented in the certificate is proved to
be false.
(m) If a key used to generate key pair or security system was
compromised in a manner that affects materially the
Certificate's reliability.
(2) The procedures to be followed by the Controller or Certifying
Authority with respect to revocation of a Certificate shall be as prescribed.
34. Notice of Suspension or Revocation: (1) Where a Certificate is suspended
or revoked under sections 32 or 33, the Certifying Authority or the Controller,
as the case may be, shall publish a public notice thereof maintaining its record
in their repository.
20. 20
(2) It shall be the responsibility of the Certifying Authority or the
Controller, as the case may be, to communicate the subscribers as soon as
possible on suspension or revocation Certificates.
Chapter-6
Functions, Duties and Rights of Subscriber
35. To Generate Key pair: (1) Where any Certificate issued by the Certifying
Authority and accepted by subscriber, consisting of a public key which
corresponds to the key pair and to be listed in such Certificate and if such key
pair is supposed to be generated by the subscriber only, then the subscriber
shall generate such key pair by applying the secured asymmetric crypto system.
(2) Notwithstanding anything contained in Sub-section (1), if a
Certifying Authority and the subscriber have concluded an agreement or the
Certifying Authority has accepted any specific system regarding the security
system to be used to generate the key pair, then, it shall be the duty of
subscriber to apply the security system as specified in agreement or accepted
by the Certifying Authority.
36. To Accept a Certificate: (1) The certificate shall be deemed to have been
accepted by the subscriber in the following conditions:
(n) If he publishes such a certificate or authorizes to publish to
one or more persons, or
(o) If there exists any ground of his acceptance to such
certificate which may cause to believe it.
(2) If the certificate is accepted it shall be deemed that the subscriber,
by that reason, has guaranteed to all who reasonably rely on the information
contained in the certificate that-
(a) The subscriber holds the private key corresponding to the public
key and is entitled to hold the same,
21. 21
(b) All representations and information made by the subscriber to the
Certifying Authority in course of issuance of the certificate are
true and correct and all facts relevant to the information
contained in the certificate are true, and
(c) All information mentioned in the certificate is, to the best
knowledge of subscriber, is true and correct.
37. To retain the private key in a secured manner: (1) Every subscriber shall
exercise reasonable care to retain control of the private key corresponding to
the public key listed in the Certificate and adopt all measures to prevent its
disclosure to a person not authorized to affix the digital signature of subscriber.
(2) If the private key has been disclosed or compromised by any
reason whatsoever, then, the subscriber shall communicate the same without
any delay to the Certifying Authority and on receipt of such information the
Certifying Authority shall immediately suspend such a Certificate.
(3) If a certificate is suspended under this Act, it shall be a duty of
the subscriber to retain the private key under this section in a safe manner
throughout the duration of such suspension of Certificate.
38. To Deposit the Private Key to the Controller: (1) If the Controller
thinks, in order to protect the sovereignty or integrity of Nepal, to maintain the
friendly relations with friendly countries, to maintain the law and order, to
prevent from committing of any offence under the laws prevailing, and or in
other conditions as prescribed, necessary to issue an order to any subscriber to
deposit the private key to him/her specifying reason there for, such a subscriber
shall immediately deposit the private key to the Controller.
(2) The controller shall not inform any unauthorized person about the
private key deposited as per sub section (1).
22. 22
Chapter-7
Electronic Record and Government use of Digital Signature
39. Government Documents may be published in electronic form: (1)
Government of Nepal may also publish ordinance, Act, Rules Bye-laws,
Formation Orders or notifications or any other matters in the electronic form
which are published in the Nepal Gazette under the prevailing laws.
(2) Where the prevailing law provides for the filing of any form,
application or any other document or any record to be generated or retained or
secured and or any license or permit or approval or certificate to be issued or
provided or any payment to be made in any Government agency, or public
entity or in any bank or financial institution operating business within the
Nepal, it may be filed, generated, retained or secured or issued or granted in
electronic form or payment may be made in electronic mode of
communication, and, it shall not be denied to provide the legal validity to such
form, application, document record, license, permit or approval, certificate or
payment on the ground of the use of electronic form or electronic
communication mode.
40. To Accept the Document in Electronic Form: (1) Government agency
or public entity or bank or financial institutions operating business within the
Nepal may also accept any document and payment to be submitted or paid to
them under the prevailing law in electronic form or through any electronic
mode and if such documents and submitted or payment is made, as the case
may be, it shall not be denied to grant legal recognition merely on the ground
that it was accepted electronic form or through any electronic mode.
(2) Notwithstanding anything contained in Sub-section (1) no
Government agency or public entity or bank of financial institution operating
business within the Nepal shall, except in the conditions as prescribed and
government agencies as prescribed, be compelled to accept any document or
23. 23
payment in electronic form, and such an agency or institution shall, except in
the conditions and agency as prescribed, not compel to any other persons to
accept any document in electronic form or the payment through any electronic
form.
(3) For the purpose of Sub-section (1), the provision relating to the
procedure, process and format to be followed shall as prescribed.
41. Use of Digital Signature in Government Offices: (1) Where it is
required that the concerned person shall have to affix his/her signature in any
document or record for verification of such document or record to be
transmitted or issued by any Government agency or public entity or bank or
financial institution operating business within the Nepal or to be accepted by
such agency or institution then, Government of Nepal may, if it thinks
appropriate, make a provision to use digital signature instead of such a
signature.
(2) Notwithstanding anything contained elsewhere in this Act,
Government of Nepal may, for the purpose of the provision made in Sub-
section (1), prescribe additional security procedure for the verification and
authentication of such digital signature.
(3) Provisions regarding the Certifying Authority and Digital
Signature Certificate to be used by the government agency or entity referred to
in Sub-section (1), shall be as prescribed.
Chapter –8
Provisions Relating to Network Service
42. Liability of Network Service Providers: Intermediaries providing their
services as network service providers shall undertake the following liabilities in
regard to such service provided by them:
(a) Liabilities referred to in the agreement made with the subscriber in
regard to service provision,.
24. 24
(b) Liabilities referred to in the license of network service providers, and,
(c) Any such other liability as prescribed.
43. Network Service Provider not to be Liable: Notwithstanding anything
contained in Section 42, no network service provider shall be liable to bear any
criminal or civil liability arising from any fact or statement mentioned or
included in the information or data of the third party made available in
electronic form by him/her merely on the ground that he/she has made
available the access to such information or data.
Provided that, such a person or institution providing network service
shall not be relieved from such liability, if he/she has made available access to
such information or data with the knowledge that any fact or statement
mentioned or included in such information or data contravene this Act or Rules
framed hereunder.
Explanation: For the purpose of this section" Third Party" means a net work
service provider who provides service as intermediary and any person over
whom there is no control of the network service provider.
Chapter -9
Offence Relating To Computer
44. To Pirate, Destroy or Alter computer source code: When computer
source code is required to be kept as it is position for the time being the
prevailing law, if any person, knowingly or with malafide intention, pirates,
destroys, alters computer sources code to be used for any computer, computer
programme, computer system or computer network or cause, other to do so,
he/she shall be liable to the punishment with imprisonment not exceeding three
years or with a fine not exceeding two hundred thousand Rupees or with both.
Explanation: For the purpose of this section "computer source code" means
the listing of programmes, computer command, computer design and layout
and programme analysis of the computer resource in any form.
25. 25
45. Unauthorized Access in Computer Materials: If any person with an
intention to have access in any programme, information or data of any
computer, uses such a computer without authorization of the owner of or the
person responsible for such a computer or even in the case of authorization,
performs any act with an intention to have access in any programme,
information or data contrary to from such authorization, such a person shall be
liable to the punishment with the fine not exceeding Two Hundred Thousand
Rupees or with imprisonment not exceeding three years or with both depending
on the seriousness of the offence.
46. Damage to any Computer and Information System: If any person
knowingly and with a mala fide intention to cause wrongful loss or damage to
any institution destroys, damages, deletes, alters, disrupts any information of
any computer source by any means or diminishes value and utility of such
information or affects it injuriously or causes any person to carryout such an
act, such a person shall be liable to the punishment with the fine not exceeding
two thousand Rupees and with imprisonment not exceeding three years or with
both.
47. Publication of illegal materials in electronic form: (1) If any person
publishes or displays any material in the electronic media including computer,
internet which are prohibited to publish or display by the prevailing law or
which may be contrary to the public morality or decent behavior or any types
of materials which may spread hate or jealousy against anyone or which may
jeopardize the harmonious relations subsisting among the peoples of various
castes, tribes and communities shall be liable to the punishment with the fine
not exceeding One Hundred Thousand Rupees or with the imprisonment not
exceeding five years or with both.
(2) If any person commit an offence referred to in Sub-section (1)
time to time he/she shall be liable to the punishment for each time with one and
one half percent of the punishment of the previous punishment.
26. 26
48. Confidentiality to Divulge: Save otherwise provided for in this Act or Rules
framed hereunder or for in the prevailing law, if any person who has an access
in any record, book, register, correspondence, information, documents or any
other material under the authority conferred under this Act or Rules framed
hereunder divulges or causes to divulge confidentiality of such record, books,
registers, correspondence, information, documents or materials to any
unauthorized person, he/she shall be liable to the punishment with a fine not
exceeding Ten Thousands Rupees or with imprisonment not exceeding two
years or with both, depending on the degree of the offence.
49. To inform False statement: If any person with an intention to obtain a
license from Certifying Authority under this Act or with any other intention
either to Controller or with an intention to obtain Digital Signature Certificate
or with any other intention conceals statement knowingly or lies any statement
to be submitted to the Certifying Authority any false statements shall be liable
to the punishment with a fine not exceeding One Hundred Thousands rupees
or with an imprisonment not exceeding two years or with both.
50. Submission or Display of False License or Certificates: (1) If any
person who works as a Certifying Authority without a license issued by the
Controller under this Act, shall be liable to the punishment with a fine not
exceeding one hundred thousands Rupees or with an imprisonment not
exceeding two years or with both, depending on seriousness of the offence.
(2) Any person without obtaining a license from the Certifying
Authority publishes a fake license or false statement in regard to license or
provides to any person by any other means, shall be liable to the punishment
not exceeding one hundred thousand Rupees in the case where the act referred
to in Sub-section (1) has not been accomplished by such a person.
(3) If any person publishes or otherwise makes available a certificate
to any other person by any means knowingly that a certificate is not issued by
the Certifying Authority referred to in such a certificate or the subscriber listed
in such certificate has not accepted the certificate or such a certificate is already
27. 27
suspended or revoked, shall be liable to the punishment with a fine not
exceeding one hundred thousands Rupees or with an imprisonment not
exceeding two years or with both.
Provided that, if such a certificate suspended or revoked is published or
provided for the purpose of verification of the Digital Signature before it was
suspended or revoked, it shall not be deemed to have been committed an
offence under this Sub-section.
51. Non-submission of Prescribed Statements or Documents: (1) If any
person responsible to submit any statement, document or report to the
Controller or Certifying Authority under this Act or Rules framed hereunder,
fails to submit such statement, document, or report within the specified time
limit, such a person shall be liable to the punishment with a fine not exceeding
fifty thousands Rupees.
(2) Any person who fails to maintain duly any book, register, records
or account and in a secured manner to be maintained duly and in a secured
manner under this Act or Rules framed hereunder shall be liable to the
punishment with a fine not exceeding fifty thousands Rupees.
52. To commit computer fraud: If any person, with an intention to commit any
fraud or any other illegal act, creates, publishes or otherwise provides digital
signature certificate or acquires benefit from the payment of any bill, balance
amount of any one's account, any inventory or ATM card in connivance of or
otherwise by committing any fraud, amount of the financial benefit so acquired
shall be recovered from the offender and be given to the person concerned and
such an offender shall be liable to the punishment with a fine not exceeding one
hundred thousand Rupees or with an imprisonment not exceeding two years or
with both.
53. Abetment to commit computer related offence: A person who abets
other to commit an offence relating to computer under this Act or who attempts
or is involved in the conspiracy to commit such an offence shall be liable to the
28. 28
punishment with a fine not exceeding fifty thousand Rupees or with
imprisonment not exceeding six months or with both, depending on the degree
of the offence.
54. Punishment to the Accomplice: A person who assists others to commit
any offence under this Act or acts as accomplice, by any means shall be liable
to one half of the punishment for which the principal is liable.
55. Punishment in an offence committed outside Nepal: Notwithstanding
anything contained in the prevailing laws, if any person commits any act which
constitutes an offence under this Act and which involves the computer,
computer system or computer network system located in Nepal, even though
such an act is committed while residing outside Nepal, a case may be filed
against such a person and shall be punished accordingly.
56. Confiscation: Any computer, computer system, floppy, compact disks, tape
drivers, softwares or any other accessory devices used to commit any act
deemed to be an offence relating to computer under this Act shall be liable to
confiscation.
57. Offences Committed by a corporate body: (1) If any act is done by a
corporate body which deems an offence under this Act, such an offence shall
be deemed to have been committed by a person who was responsible as chief
for the operation of the corporate body at the time of committing such an
offence.
Provided that, if the person who was responsible as a chief for the
operation of such a corporate body proves that such an offence was committed
without his/her knowledge or that he/she exercised all reasonable efforts to
prevent such an offence, he/she shall not be liable to the guilty.
(2) Notwithstanding anything contained in Sub-section (1), if it is
proved that any offence under this Act committed by a corporate body with the
consent or in knowledge or by the reason of negligence of a director, manager,
secretary or any other responsible person of such corporate body, such an
29. 29
offence shall be deemed to have been committed by such a corporate body and
by a director, manager, secretary or other responsible person of such a
corporate body.
58. Other Punishment: If any violation of this Act or Rules framed hereunder
has been committed, for which no penalty has been separately provided, such a
violator shall be liable to the punishment with a fine not exceeding fifty
thousand Rupees, or with an imprisonment not exceeding six months or with
both.
59. No Hindrance to Punish Under the Laws prevailing: If any act deemed to be
an offence under this Act shall also be deemed to be another offence under the
laws prevailing, it shall not be deemed to have been hindered by this Act to file
a separate case and punish accordingly.
Chapter-10
Provisions Relating to Information Technology Tribunal
60. Constitution of a Tribunal: (1) Government of Nepal shall, in order to
initiate the proceedings and adjudicate the offences concerning computer as
referred to in Chapter -9, constitute a three member Information Technology
Tribunal consisting of one member each of law, Information Technology and
Commerce by notification in the Nepal Gazette from amongst the persons who
are qualified under section 60.
(2) The Law Member shall be the chairperson of the Tribunal.
(3) The Tribunal shall exercise its jurisdiction as prescribed.
(4) Any person aggrieved by an order or a decision made by Tribunal
may appeal to the Appellate Tribunal within thirty five days from the date of
such order or decision, as the case may be.
61. Qualification of the Member of the Tribunal: (1) Any person who has
the knowledge in information technology and, who is or who has been or who
30. 30
is qualified to be a judge in the District Court, shall be eligible to be a law
member of the Tribunal.
(2) A Nepalese citizen who holds at least master degree in computer
science or information technology and who has at least three years experience
in the field of electronic transactions, information technology or electronic
communication, shall be eligible to be a information technology member of the
Tribunal.
(3) A Nepali citizen who holds at least master degree in management
or commerce and who has specialization in the field of electronic transaction
and who has at least three years experience in the related field shall be eligible
to be a commerce member of the Tribunal.
62. Terms of office, remuneration and conditions of service of the
Member of Tribunal: (1) The term of office of a member of the Tribunal
shall be of five years and he/she shall be eligible for reappointment.
(2) Remuneration and the terms and conditions of the service of a
Member of the Tribunal shall as prescribed.
(3) Every Member of the Tribunal shall, before assuming his/her
office, take the oath of his/her office and secrecy before the Chief Judge of
Appellate Court in a format and in a manner as prescribed.
63. Circumstances under which office shall be fallen vacant and filling
up of vacancy: (1) Office of a Member of the Tribunal shall be fallen
vacant in the following circumstances:
a) On expiry of terms of office,
b) On attainment of sixty three years of age.
c) On death,
d) If one tenders resignation,
e) If one is convicted by a court on any criminal offence involving
moral turpitude, or
31. 31
f) If it is proved that one has misbehavior or has become
incompetent to perform one's duty while making an inquiry by
Government of Nepal on the charge that one has misbehavior
against one's office or has become incompetent to perform one's
duty.
Provided that, a Member of the Tribunal charged under this
Clause shall given a reasonable opportunity to defense his/her case.
(2) Notwithstanding anything contained in Clause (f), if the
law member of the Tribunal is a sitting judge, while making such an
inquiry, it shall be done in accordance with the prevailing law
concerning his/her terms of service.
(3) The procedure of inquiry, for the purpose of Clause (f) of
Sub-section Sub-section (1), shall be as prescribed.
(4) Government of Nepal shall, in case of vacancy of the
office of any member of Tribunal under Sub-section (1), fulfill such
vacancy from among the persons who are qualified under section 61 for
remaining term of office of such a member.
64. Staff of the Tribunal: (1) Government of Nepal shall make available
necessary staff to the Tribunal to perform its functions.
(2) Other provisions regarding the staff of the Tribunal shall be as
prescribed.
65. Procedures to be followed by the Tribunal: The Tribunal shall, while
initiating proceedings and adjudicating the case under section 60, shall follow
the procedures as prescribed.
Chapter-11
Provisions Relating to Information Technology Appellate Tribunal
66. Establishment and formation of the Appellate Tribunal: (1)
Government of Nepal shall, in order to hear the appeal against the order or the
32. 32
decision made by the Tribunal and to hear the appeal against the decision or
order made by the Controller or by the Certifying Authority, as the case may
be, under this Act, by notification in the Nepal Gazette, establish a three
member Information Technology Appellate Tribunal consisting of one member
each of law, information technology and commerce from among the persons
who are qualified under section 67,
(2) Law Member shall be the chairperson of the Appellate Tribunal.
(3) Exercise of the jurisdiction of Appellate Tribunal shall be as
prescribed.
67. Qualification of the Member of Appellate Tribunal: (1) A person who
has the knowledge in information technology and who is or who has already
been or who is qualified to be a judge in the Appellate Court shall be eligible to
be a law member of the Appellate Tribunal.
(2) A Nepali citizen who holds at least master degree in computer
science or information technology and who has at least five years experience in
the electronic transaction, information technology or electronic communication
shall be eligible to be an information technology member of the Tribunal.
(3) A Nepali citizen who holds at least master degree in management
or commerce and who has specialization in the field of electronic transactions
and who has at least five years experience in the relevant field, shall be eligible
to be a commerce member.
68. Terms of Office, Remuneration and Terms & Conditions of the
service of the Member of Appellate Tribunal: (1) The term of office of
the member of the Appellate Tribunal shall be of five years and he/she shall be
eligible for reappointment.
(2) Remuneration and other terms and conditions of the services of
the members of the Appellate Tribunal shall as prescribed.
33. 33
(3) A member of the Appellate Tribunal shall, before assuming
his/her office after appointment, take the oath of his/her office and secrecy
before the Chief Justice of the Supreme Court.
69. Conditions of Vacancy of Office and filling up of such Vacancy: (1)
Office of a Member of Appellate Tribunal shall be fallen vacant in the
following circumstances:
(a) On expiry of terms of office,
(b) On attainment of sixty three years age,
(c) On death,
(d) If one tenders resignation
(e) If one is convicted by a court on any criminal offence involving
moral turpitude, and,
(f) If it is proved that one has misbehavior or has become
incompetent to perform one's duty, while making an inquiry by
Government of Nepal on the charge that one has misbehavior
against one's office or has become incompetent to perform one's
duty.
Provided that, a member of the Appellate Tribunal charged under this
Clause shall be given a reasonable opportunity to defense his/her case.
(2) Notwithstanding anything contained in Clause (f), if the law
member of the Tribunal is a sitting judge, while making such an inquiry, it shall
be done in accordance with the prevailing law concerning his/her terms of
service.
(3) The procedure of inquiry, for the purpose of Clause (f) of Sub-
section (1), shall as prescribed.
(4) Government of Nepal shall, in case of vacancy of the office of
any member of Tribunal under Sub-section (1), fulfill such vacancy from
34. 34
amongst the persons who are qualified under section 67 for remaining term of
office of such a member.
70. Staff of the Appellate Tribunal: (1) Government of Nepal shall make
available necessary staff to Appellate Tribunal to perform its functions.
(2) Other provisions regarding the staff of the Appellate Tribunal
shall be as prescribed.
71. Procedures to be followed by the Appellate Tribunal: The Tribunal
shall, while initiating proceedings and adjudicating the appeal filed before it,
shall follow the procedures as prescribed.
Chapter-12
Miscellaneous
72. Provision may be made by an Agreement: The parties involved to the
work for creating, transmitting, receiving, storage or for processing through
any other means, of any electronic record may make the provision by an
agreement, not to apply any or all provisions of the Chapter 3 or to alter some
of the provisions referred to in the said Chapter in course of their business and
may make the provisions to regulate their activities accordingly.
73. Government of Nepal may issue Directives: Government of Nepal may, in
regard to the implementation of this Act, issue necessary directives to the
Controller or Certifying Authority, and in such a case, it shall be a duty of the
Controller or Certifying Authority, as the case may be, to comply with such
directives.
74. Time Limitation to file a Complaint: If a violation of this Act or Rules
framed hereunder has been occurred or if any act deemed to be an offence
under this Act has been committed, first information report in regard to such a
violation or an offence shall have to file within thirty five days of the
information on which such a violation has been occurred or an offence has
been committed.
35. 35
75. Government of Nepal to be a Plaintiff: (1) Any case deemed to be an
offence under this Act shall be initiated by Government of Nepal as plaintiff
and such a case shall be deemed have been included in Schedule 1 of the
Government Cases Act, 1992 (2049).
(2) While conducting investigation of a case under Sub-section (1),
the police has to take assistance of the Controller or other concerned expert, as
the case may be.
76. Compensation to be Recovered: If any loss or damage has been caused to
any person by the reason of offence committed under this Act, the
compensation of such loss or damage shall also be recovered from the offender.
77. This Act shall not Apply: (1) Notwithstanding anything contained elsewhere
in this Act, this Act shall not be applied in the following matters:
(a) Negotiable Instruments as referred to in the Negotiable
Instruments Act, 2034 (1977).
(b) Deed of will, deed of mortgage, bond, deed of conveyance,
partition or any such deed related with transfer of the title in any
immovable property,
(c) Any other document which demonstrates title or ownership in
any immovable property,
(d) Power of Attorney, statement of claim, statement of defense or
any such other documents as may be used in courts proceedings,
(e) Statement of claim, counter-claim, statement of defense or any
such other document as may be submitted in writing in the
proceedings of any Arbitration,
(f) Documents as prescribed by the prevailing law that requires not
to retain in electronic form.
36. 36
(2) Notwithstanding anything contained in Sub-section (1)
Government of Nepal may, by notification in the Nepal Gazette, alter the
documents referred to in Sub-section (1).
78. Power to Frame Rules: Government of Nepal may in order to fulfill the
objective of this Act, frame necessary Rules.
79. To Frame and Enforce the Directives: Government of Nepal may, in
order to achieve the objective of this Act, frame and enforce necessary
directives, subject to this Act and Rules framed hereunder.
80. Effect of inoperativeness of The Electronic Transactions Ordinance,
2063 (2008): With the Electronic Transactions Ordinance, 2063 (2008) being
inoperative, unless a different intention appears, the inoperativeness shall not,
(a) Revive anything not prevailing or existing at the time, at which
the Ordinance became inoperative,
(b) Affect the matter in operation as per the Ordinance or anything
duly done or any punishment suffered there under,
(c) Affect any right, privilege, obligation or liability acquired,
accrued or incurred under the Ordinance,
(d) Affect any penalty, punishment or forfeiture incurred under the
Ordinance,
(e) Affect any action or remedy made or taken in respect of any such
right, privilege, obligation, liability, penalty or punishment as
aforesaid; and any such legal proceeding or remedy may be
instituted, continued or enforced as if the Ordinance were in
force.