SlideShare a Scribd company logo
IT AA 2008 Overview
Nanda Mohan Shenoy D
CAIIB,DBM-Part I,, NSE Certified Market Professional Level-1 ,P G Diploma in IRPM, PG Diploma in
EDP and Computer Management, DIM,LA ISO 9001,LA ISO 27001 NISM empanelled CPE Trainer
Director
Agenda
• PART-A
–Why should we know the IT Act?
–Background & Evolution of IT Act 2000/8
–Important Provisions of IT ACT 2000/8
2
www.bestfitsolutions.co.in
Evolution of IT Act
• The United Nations General Assembly
adopted the Model Law on Electronic
Commerce on 30th Jan 1997-UNCITRAL
Model Law of E-Commerce
• Draft e-Commerce Act 1998 released for
public comments
• IT Bill in 1999
3
Incident-1
• I Love you virus-5th May 2000
• The IT Act 2000 enacted on
–17th May
– 9th June Presidential
–17th October Bill passed
• India became the 12th Nation
to have the same
4
Incident-2
• Dec 2004
• CEO was arrested
• Sale of CD with
objectionable material
• The then PM orders
review of the IT Act
• Expert committee gives
the comment in Aug
2005
• Amendment in 2006
5
Incident-3
6
Relation to IT Act 2008?
Dates
• December 23& 24 - 2008 the IT
Amendment Bill immediately after 26/11
–8 Bills in 17 Minutes
• Got Presidential Assent on Feb 5th 2009
• Notified for effectiveness on 27th October
2009 with the passing of the rules.
• Amended on 11th April 2011 43A,79,6A
7
2000 vs 2008
• 2000
–E-commerce
• 2008
–Security focused
–Data Protection
8
1
2000 Vs 2008
2000 2008
Chapters xiii xiv
Sections 94 119*
Schedules IV II
9
2
The last section in the
amended act is Sec 90
,then how come 119
Sections?
Related Amendments
• 2000( Schedules)
–Indian Penal Code 1860
–The Indian Evidence Act 1872
–The Bankers Book Evidence Act 1891
–The RBI Act 1934
• 2008(Part 3 and 4)
–Indian Penal Code 1860
–The Indian Evidence Act 1872
10
Chapter wise Sections
11
I-PRELIMINARY(2) 1,2
II-DIGITAL SIGNATURE AND ELECTRONIC SIGNATURE(2) 3,3A
III-ELECTRONIC GOVERNANCE(10) 4,5,6,6A,7,7A,8,9,10,10A
IV-ATTRIBUTION, ACKNOWLEDGMENT AND DISPATCH OF
ELECTRONIC RECORDS(3)
11,12,13
V-SECURE ELECTRONIC RECORDS AND SECURE
ELECTRONIC SIGNATURES(3)
14,15,16
VI-REGULATION OF CERTIFYING AUTHORITIES(17) 17,18,19,20,21,22,23,24,25,26,27,2
8,29,30,31,32,33,34
VII-ELECTRONIC SIGNATURE CERTIFICATES(5) 35,36,37,38,39
Chapter wise Sections
12
VIII-DUTIES OF SUBSCRIBERS(4) 40,40A,41,42
IX-PENALTIES, COMPENSATION AND
ADJUDICATION(6)
43,43A,44,45,,46,,47
X-THE CYBER APPELLATE TRIBUNAL(21) 48,49,50,51,52,52A,52B,52C,52D,53,54,55,5
6,57,58,59,60,61,62,63,64
XI-OFFENCES(29) 65,66,66A,66B,66C,66D,66E,66F,67,67A,67B,
67C,68,69,69A,69B,70,70A,70B,71,72,72A,7
3,74,75,76,77,77A,77B,78
XII-INTERMEDIARIES NOT TO BE LIABLE IN
CERTAIN CASES(1)
79
XIIA-EXAMINER OF ELECTRONIC EVIDENCE(1) 79A
XIII-MISCELLANEOUS(15) 80,81,81A,,82,83,84,84A,84B,84C,85,86,87,
88,89,90,91,92,93,94
Exceptions-Schedule-I
• Documents or Transactions to which the Act
shall not apply
– A negotiable instrument (other than a cheque) as defined in sec
13 of the NI Act ,1881
– A power of Attorney as defined in Sec1 A of the Power of Attorney
Act 1882
– A Trust as defined in Sec 3 of the Indian Trust Act ,1882
– A will as defined in clause (h) of the Sec 2 of the Indian
Succession Act ,1925
– Any contract for sale or conveyance of immovable property or any
interest in such property
– Any such class of documents or transaction notified by Central
Government
13
Chapter-III-Sec 3
3. Authentication of Electronic Records
(1) Subject to the provisions of this section
any subscriber may authenticate an
electronic record by affixing his Digital
Signature.
(2) The authentication of the electronic
record shall be effected by the use of
asymmetric crypto system and hash
function which envelop and transform the
initial electronic record into another
electronic record.
14
Chapter-III-Sec 3A
3-A. Electronic Signature
(1) Notwithstanding anything contained in
section 3, but subject to the provisions of
sub-section(2), a subscriber may
authenticate any electronic record by such
electronic signature or electronic
authentication technique which -
(a) Is considered reliable; and
(b) May be specified in the Second
Schedule
15
Chapter-III-Sec 3A
(2) For the purposes of this section any electronic signature or
electronic authentication technique shall be considered reliable if-
(a) the signature creation data or the authentication data are,
within the context in which they are used, linked to the signatory
or, as the case may be, the authenticator and of no other
person;
(b)The signature creation data or the authentication data were, at
the time of signing, under the control of the signatory or, as the
case may be, the authenticator and of no other person;
(c) Any alteration to the electronic signature made after affixing
such signature is detectable;
(d) Any alteration to the information made after its authentication
by electronic signature is detectable; and
(e) It fulfills such other conditions which may be prescribed.
16
Chapter-III-Sec 3A
(3) The Central Government may prescribe the
procedure for the purpose of ascertaining
whether electronic signature is that of the
person by whom it is purported to have been
affixed or authenticated.
(4) The Central Government may, by
notification in the Official Gazette, add to or
omit any electronic signature or electronic
authentication technique and the procedure
for affixing such signature from the Second
Schedule;
17
Schedule-II
• Schedule II of the IT Act 2000 defined the
various types of Electronic Signature
• Schedule II was empty when amended in
2008
• Government vide it's Gazzette notification
dated 27th January 2015 has issued
"Electronic Signature or Electronic
Authentication Technique and Procedure
Rules, 2015” under which e-authentication
technique using Aadhaar e-KYC services
is a valid electronic signature
18
How E-sign Looks
19
Screen Shot
20
Chapter-III-Sec 4
Legal Recognition of Electronic Records.
Where any law provides that information or any
other matter shall be in writing or in the
typewritten or printed form, then, notwithstanding
anything contained in such law, such
requirement shall be deemed to have been
satisfied if such information or matter is -
(a) Rendered or made available in an electronic
form; and
(b)accessible so as to be usable for a subsequent
reference
21
Chapter-III Sec 5
Legal recognition of Electronic Signature.
Where any law provides that information or any
other matter shall be authenticated by affixing the
signature or any document should be signed or
bear the signature of any person then, not
withstanding anything contained in such law, such
requirement shall be deemed to have been
satisfied, if such information or matter is
authenticated by means of electronic signature
affixed in such manner as may be prescribed by the
Central Government.
22
Chapter-III Sec-7
Retention of Electronic Records -
(1) Where any law provides that documents,
records or information shall be retained for
any specific period, then, that requirement
shall be deemed to have been satisfied if
such documents, records or information
are retained in the electronic form, if -
(a) the information contained therein
remains accessible so as to be usable
for a subsequent reference;
23
Chapter-III Sec-7 contd..
(b)the electronic record is retained in the
format in which it was originally
generated, sent or received or in a format
which can be demonstrated to represent
accurately the information originally
generated, sent or received;
(c)the details which will facilitate the
identification of the origin, destination,
date and time of dispatch or receipt of
such electronic record are available in the
electronic record:
24
Chapter-III Sec-7A
Audit of Documents etc in Electronic
form -
Where in any law for the time being in force,
there is a provision for audit of documents,
records or information, that provision shall
also be applicable for audit of documents,
records or information processed and
maintained in electronic form.
25
Chapter-III Sec- 9
Sections 6, 7 and 8 Not to Confer Right to insist
document should be accepted in electronic form -
• Nothing contained in sections 6, 7 and 8 shall confer a
right upon any person to insist that any Ministry or
Department of the Central Government or the State
Government or any authority or body established by or
under any law or controlled or funded by the Central or
State Government should accept, issue, create, retain
and preserve any document in the form of electronic
records or effect any monetary transaction in the
electronic form.
26
Chapter-III Sec- 10 A
Validity of contracts formed through electronic
means.-
• Where in a contract formation, the
communication of proposals, the acceptance of
proposals, the revocation of proposals and
acceptances, as the case may be, are
expressed in electronic form or by means of an
electronic record, such contract shall not be
deemed to be unenforceable solely on the
ground that such electronic form or means was
used for that purpose.
27
Chapter-III
• Sec-13
–Desptach
–Timing
–Place
• Sec 12
–Acknowledgment
28
Chapter-V-Sec 15
Secure Electronic Signature. -
• An electronic signature shall be deemed to
be a secure electronic signature if-
– (i) The signature creation data, at the time of affixing
signature, was under the exclusive control of
signatory and no other person; and
– (ii) The signature creation data was stored and
affixed in such exclusive manner as may be
prescribed.
– Explanation - In case of digital signature, the
"signature creation data" means the private key of the
subscriber
40
Chapter-IX
• Section 43
–Penalty and Compensation for damage
to computer, computer system,
etc(Amended vide ITAA-2008)- how
much not stipulated in this section
• Section 43-A
–Compensation for failure to protect data.
41
Chapter-IX-Sec 43
If any person without permission of the owner or
any other person who is in charge of a
computer, computer system or computer
network, -
(a) Accesses or secures access to such
computer, computer system or computer
network or computer resource;
(b)downloads, copies or extracts any data,
computer data base or information from such
computer, computer system or computer
network including information or data held or
stored in any removable storage medium;
42
Chapter-IX-Sec43
(c) Introduces or causes to be introduced any
computer contaminant or computer virus into
any computer, computer system or computer
network
(d)damages or causes to be damaged any
computer, computer system or computer
network, data, computer data base or any
other programs residing in such computer,
computer system or computer network;
(e)Disrupts or causes disruption of any computer,
computer system or computer network;
43
What is damage ?
(f)Denies or causes the denial of access to any person
authorised to access any computer, computer system
or computer network by any means;
(g)provides any assistance to any person to facilitate
access to a computer, computer system or computer
network in contravention of the provisions of this Act,
rules or regulations made there under;
(h)Charges the services availed of by a person to the
account of another person by tampering with or
manipulating any computer, computer system, or
computer network;
44
What is damage ?
(i)destroys, deletes or alters any information
residing in a computer resource or diminishes
its value or utility or affects it injuriously by
any means;
(j) Steals, conceals, destroys or alters or
causes any person to steal, conceal, destroy
or alter any computer source code used for
a computer resource with an intention to
cause damage;
he shall be liable to pay damages by way of
compensation to the person so affected
45
Sec-43 A
• Where a body corporate, possessing,
dealing or handling any sensitive personal
data or information in a computer resource
which it owns, controls or operates, is
negligent in implementing and maintaining
reasonable security practices and
procedures and thereby causes wrongful loss
or wrongful gain to any person, such body
corporate shall be liable to pay damages by
way of compensation, to the person so
affected. (Change vide ITAA 2008)
46
Sec 43 A- Explanation
"Body corporate" means any
company and includes a firm, sole
proprietorship or other association
of individuals engaged in
commercial or professional
activities;
47
SPDI
"sensitive personal data or
information" means such
personal information as may
be prescribed by the Central
Government in consultation
with such professional bodies
or associations as it may deem
fit.
48
SPDI
It is defined in the
• THE INFORMATION TECHNOLOGY
(REASONABLE SECURITY PRACTICES
AND PROCEDURES AND SENSITIVE
PERSONAL DATA OR INFORMATION)
RULES, 2011
49
Sec3-SPDI -Rules
(i)Password
(ii)Financial information such as bank
account, credit card, debit card or other
payment instrument details
(iii)Physical, physiological and mental health
condition
(iv)Sexual orientation
(v)Medical records and history
(vi)Biometric information
50
Sec3-SPDI –Rules contd..
(vii) any detail relating to the above clauses as
provided to body corporate for providing service;
and
(viii) any of the information received under above
clauses by body corporate for processing, stored
or processed under lawful contract or otherwise:
provided that, any information that is freely
available or accessible in public domain or
furnished under the Right to Information Act,
2005 or any other law for the time being in force
shall not be regarded as sensitive personal data
or information for the purposes of these rules.
51
Biometrics
• PID Block
• Signer Certificate at server level
52
3
In what format is the biometric
information stored in the
computer
Reasonable Security Practices &
Procedures
• Security practices and procedures designed to protect
such information from unauthorized access, damage,
use, modification, disclosure or impairment, as may be
specified in an agreement between the parties or in
any law for the time being in force and in the absence
of such agreement or any law, such reasonable
security practices and procedures, as may be
prescribed by the Central Government in consultation
with such professional bodies or associations as it
may deem fit.
53
Reasonable Security Practices
Defined in the
• THE INFORMATION TECHNOLOGY
(REASONABLE SECURITY PRACTICES
AND PROCEDURES AND SENSITIVE
PERSONAL DATA OR INFORMATION)
RULES, 2011
54
Rules
(1) if they have implemented such security practices and
standards and have a comprehensive documented
information security programme and information security
policies that contain managerial, technical,operational and
physical security control measures that are commensurate
with the information assets being protected with the nature
of business.
In the event of an information security breach, it shall be
required to demonstrate, as and when called upon to do
so by the agency mandated under the law, that they have
implemented security control measures as per their
documented information security programme and
information security policies.
55
Rules-contd
(2) The International Standard IS/ISO/IEC 27001 on
“Information Technology – Security Techniques –
Information Security Management System – Requirements”
is one such standard referred to in sub-rule (1).
(3) Any industry association or an entity formed by such an
association, whose members are self-regulating by
following other than IS/ISO/IEC codes of best practices for
data protection as per sub-rule(1), shall get its codes of
best practices duly approved and notified by the Central
Government for effective implementation.
(4) The body corporate or a person on its behalf who have
implemented either IS/ISO/IEC
56
Rules-contd
(4) Those who have implemented either IS/ISO/IEC
27001 standard or the codes of best practices for data
protection as approved and notified under sub-rule (3)
shall be deemed to have complied with reasonable
security practices and procedures provided that such
standard or the codes of best practices have been
certified or audited on a regular basis by entities
through independent auditor, duly approved by the
Central Government. The audit of reasonable
security practices and procedures shall be carried out
by an auditor at least once a year or as and when
significant up gradation of its process and computer
resource
57
Chapter-XI Offences
Imprisonment
Fines
58
Chapter-XI
59
Offence Sec
Years Lac
Tampering with computer Source documents 65 3 2
Computer Related Offences to be read with Sec 43 66 3 5
Punishment for dishonestly receiving stolen
computer resource or communication device.(akin
to Sec 411 of IPC)
66B 3 1
Punishment for identity theft. 66C 3 1
Punishment for cheating by personation by using
computer resource
66D 3 1
Punishment for violation of privacy. 66E 3 2
Cyber Terrorism
66F
Life
Chapter-XI
60
Offence Sec
Years Lac
Transmission of obscene material in
electronic form in addition to publishing.
67 3(5) 5(10)
Punishment for publishing or transmitting of
material containing sexually explicit act in
electronic form
67A 5(7) 10(10)
Punishment for publishing or transmitting of
material depicting children in sexually explicit act in
electronic form
67B 5(7) 10(10)
Preservation and Retention of information by
intermediaries
67C 3 Not
defined
Non Compliance to the directions of the Controller 68 2 1
Failure to assist the agency seeking for interception
or monitoring or decryption of any information
through any computer resource
69 7 Not
defined
Sec 67A
61
4
Provided that the provisions of section 67, section 67-A and this section does not extend to any book, pamphlet, paper,
writing, drawing, painting, representation or figure in electronic form-
(i) The publication of which is proved to be justified as being for the public good on the ground that such book,
pamphlet, paper writing, drawing, painting, representation or figure is in the interest of science, literature, art or learning or
other objects of general concern; or
(ii) Which is kept or used for bonafide heritage or religious purposes.
Chapter-XI
62
Offence Sec
Years Lac
Any person who secures access or attempts to
secure access to a protected system
70 10 Not
Defined
Penalty for misrepresentation to Controller/CA 71 2 1
Penalty for breach of confidentiality and privacy.- 72 2 1
Punishment for Disclosure of information in breach
of lawful contract
72A 3 5
Penalty for publishing electronic Signature
Certificate false in certain particulars
73 2 1
Use of Electronic Signature Certificate for any
fraudulent or unlawful purpose
74 2 1
Type of Offence
• Cognizable
>= 3 Lac
• Bailable
<= 3Lac
What is the liability under Sec 43A?
63
5
ISO 27001 Vs IT(A)A-2008
64
IT Act Section Annexure A Controls for the Section
Section 43: Penalty for damage to
computer, computer system, etc.
A.8.1.3 Acceptable Use of Assets
Section 65: Tampering with computer
source documents
A.8.1.3 Acceptable Use of Assets
A.8.2.3 Handling of Assets
A.9.1.1 Access control policy
Section 66: Hacking with computer
system
A.8.1.3 Acceptable Use of Assets
A.9.1.2 Access to networks and
network devices
A.13.1.1 Network Controls
A.13.1.2 Security of network
services
Section 67:,67A,67B,67C Publishing of
information which is obscene in
electronic form
A.8.1.3 Acceptable Use of Assets
A.13.2.1Information transfer
policies and procedures
A.13.2.3 Electronic messaging
ISO 27001 Vs IT(A)A-2008
65
IT Act Section Annexure A Controls for the Section
Section 72 & 72A : Penalty for breach
of confidentiality and privacy
A.8.1.3 Acceptable Use of Assets
A.9.1.1 Access control policy
A.9.2.3 Management of privileged access rights.
A.9.4.2 Secure log-on procedures
A.12.4.1 Event logging
A.12.4.2 Protection of log information
A.12.4.3 Administrator and operator logs
A.12.6 Technical vulnerability management
A.9.1.2 Access to networks and network devices
A.13.1.1 Network Controls
A.13.1.2 Security of Network Services
Section 85: Offences by companies A.5.1 Policies on Information Security
A.8.1.3 Acceptable Use of Assets
A.13.2.1Information transfer policies and
procedures
A.13.2.3 Electronic messaging
• Take the Online Quiz now
66
Evaluation & Feedback
• https://goo.gl/forms/E2JKPumUjh4h5k2
w1
• https://goo.gl/forms/vtx10YCC8GF1PQMM
2
67
List of Rules-1
• Information Technology (Certifying Authorities)
Rules, 2000.
• Information Technology (IT) Security Guidelines
Rule 19 (2)
• Security Guidelines For Certifying Authorities
Rule 19 (2)
• Form For Application For Issue Of Digital
Signature Certificate Rule 23
• The Cyber Regulations Appellate Tribunal
(Procedure) Rules, 2000
List of Rules-2
• Information Technology (Certifying Authority)
Regulations, 2001
• Cyber Regulations Appellate Tribunal
(Procedure For Investigation Of Misbehaviour or
Incapacity Of Presiding Officer) Rules, 2003
• Information Technology (Other Powers Of Civil
Court Vested In Cyber Appellate Tribunal) Rules
2003
• Information Technology (Other Standards)
Rules, 2003.
List of Rules-3
• The Information Technology (Qualification and
Experience of Adjudicating Officers and Manner
of Holding Enquiry) Rules, 2003
• The Cyber Regulations Appellate Tribunal
(Salary, Allowance and other Terms and
Conditions of Service of Presiding Officer)
Rules, 2003.
• Information Technology (Use Of Electronic
Records And Digital Signatures) Rules, 2004
• The Information Technology (Security
Procedure) Rules, 2004
List of Rules-4
• Blocking Of Websites Ministry Of
Communication And Information
Technology
• The information technology (reasonable
security practices and procedures and
sensitive personal data or information)
rules, 2011
ISACA and Cyber Framework
• Securing Sensitive Personal Data or
Information Under India’s IT Act Using
COBIT 5
• Securing Mobile Devices Using COBIT 5
for Information Security’
• Transforming Cybersecurity Using COBIT
5’
• Responding To Targeted Cyberattacks
• Advanced Persistent Threats: How To
Manage The Risk To Your Business
References
• http://www.cyberforensics.in/
• http://www.naavi.org/wp/
• http://www.cyberlawconsulting.com/
• http://www.cert-in.org.in/
• https://www.dsci.in/
90
nmdshenoy@yahoo.com,
09820409261
ধন্যবাদ
നന്ദിநன்றி
धन्यवाद
91
Search on ISACA Security Quiz-
www.bestfitsolutions.co.in

More Related Content

What's hot

Introduction to Cyber Crimes
Introduction to Cyber CrimesIntroduction to Cyber Crimes
Introduction to Cyber Crimes
atuljaybhaye
 
It Amendments Act
It Amendments ActIt Amendments Act
It Amendments Act
anthony4web
 
Information technology act
Information technology actInformation technology act
Information technology act
AKSHAY KHATRI
 
Cyber appellate tribunal
Cyber appellate tribunalCyber appellate tribunal
Cyber appellate tribunal
Ankita Sharma
 
Indian it act 2000
Indian it act 2000Indian it act 2000
Indian it act 2000
Avinash Katariya
 
It act law ppt
It act law pptIt act law ppt
It act law ppt
Vishesh Dalal
 
Information technology act 2000.avi
Information technology act 2000.aviInformation technology act 2000.avi
Information technology act 2000.avi
avinashmsy
 
It act 2000
It act 2000It act 2000
It act 2000
Vidhu Arora
 
Electronic evidence
Electronic evidenceElectronic evidence
Electronic evidence
Talwant Singh
 
Information technology ACT - 2000 (Legal Aspect of Business)
Information technology ACT - 2000 (Legal Aspect of Business)Information technology ACT - 2000 (Legal Aspect of Business)
Information technology ACT - 2000 (Legal Aspect of Business)
Parth Patel
 
Unit 5 Intellectual Property Protection in Cyberspace
Unit 5  Intellectual Property Protection in CyberspaceUnit 5  Intellectual Property Protection in Cyberspace
Unit 5 Intellectual Property Protection in Cyberspace
Tushar Rajput
 
It act ppt ( 1111)
It act ppt ( 1111)It act ppt ( 1111)
It act ppt ( 1111)
Yogendra Wagh
 
Privacy right under it act, 2000 and under other law
Privacy right under it act, 2000 and under other lawPrivacy right under it act, 2000 and under other law
Privacy right under it act, 2000 and under other law
Nitya Nand Pandey
 
Cyber Crime & Information technology Act 2000
Cyber Crime & Information technology Act 2000Cyber Crime & Information technology Act 2000
Cyber Crime & Information technology Act 2000
V'vek Sharma
 
Cyberspace jurisdiction meaning and concept
Cyberspace jurisdiction meaning and conceptCyberspace jurisdiction meaning and concept
Cyberspace jurisdiction meaning and concept
gagan deep
 
IT Act 2000
IT Act 2000IT Act 2000
IT Act 2000
Pradeep Tomar
 
Information technology Act with Cyber offences .pptx
Information technology Act with Cyber offences .pptxInformation technology Act with Cyber offences .pptx
Information technology Act with Cyber offences .pptx
Rahul Bharati
 
Cyber law
Cyber lawCyber law
Information Technology Act 2000 - Santosh K Pathak
Information Technology Act 2000 - Santosh K PathakInformation Technology Act 2000 - Santosh K Pathak
Information Technology Act 2000 - Santosh K Pathak
Dipayan Sarkar
 
Cyber law – it act 2000,it act 2008
Cyber law – it act 2000,it act 2008Cyber law – it act 2000,it act 2008
Cyber law – it act 2000,it act 2008
ATHULYARAJDS
 

What's hot (20)

Introduction to Cyber Crimes
Introduction to Cyber CrimesIntroduction to Cyber Crimes
Introduction to Cyber Crimes
 
It Amendments Act
It Amendments ActIt Amendments Act
It Amendments Act
 
Information technology act
Information technology actInformation technology act
Information technology act
 
Cyber appellate tribunal
Cyber appellate tribunalCyber appellate tribunal
Cyber appellate tribunal
 
Indian it act 2000
Indian it act 2000Indian it act 2000
Indian it act 2000
 
It act law ppt
It act law pptIt act law ppt
It act law ppt
 
Information technology act 2000.avi
Information technology act 2000.aviInformation technology act 2000.avi
Information technology act 2000.avi
 
It act 2000
It act 2000It act 2000
It act 2000
 
Electronic evidence
Electronic evidenceElectronic evidence
Electronic evidence
 
Information technology ACT - 2000 (Legal Aspect of Business)
Information technology ACT - 2000 (Legal Aspect of Business)Information technology ACT - 2000 (Legal Aspect of Business)
Information technology ACT - 2000 (Legal Aspect of Business)
 
Unit 5 Intellectual Property Protection in Cyberspace
Unit 5  Intellectual Property Protection in CyberspaceUnit 5  Intellectual Property Protection in Cyberspace
Unit 5 Intellectual Property Protection in Cyberspace
 
It act ppt ( 1111)
It act ppt ( 1111)It act ppt ( 1111)
It act ppt ( 1111)
 
Privacy right under it act, 2000 and under other law
Privacy right under it act, 2000 and under other lawPrivacy right under it act, 2000 and under other law
Privacy right under it act, 2000 and under other law
 
Cyber Crime & Information technology Act 2000
Cyber Crime & Information technology Act 2000Cyber Crime & Information technology Act 2000
Cyber Crime & Information technology Act 2000
 
Cyberspace jurisdiction meaning and concept
Cyberspace jurisdiction meaning and conceptCyberspace jurisdiction meaning and concept
Cyberspace jurisdiction meaning and concept
 
IT Act 2000
IT Act 2000IT Act 2000
IT Act 2000
 
Information technology Act with Cyber offences .pptx
Information technology Act with Cyber offences .pptxInformation technology Act with Cyber offences .pptx
Information technology Act with Cyber offences .pptx
 
Cyber law
Cyber lawCyber law
Cyber law
 
Information Technology Act 2000 - Santosh K Pathak
Information Technology Act 2000 - Santosh K PathakInformation Technology Act 2000 - Santosh K Pathak
Information Technology Act 2000 - Santosh K Pathak
 
Cyber law – it act 2000,it act 2008
Cyber law – it act 2000,it act 2008Cyber law – it act 2000,it act 2008
Cyber law – it act 2000,it act 2008
 

Similar to Information Technology Amendment Act 2008

Electronic governance
Electronic governanceElectronic governance
Electronic governance
Vibhor Agarwal
 
INFORMATION TECHNOLOGY ACT 2000 and its provisions.pptx
INFORMATION TECHNOLOGY ACT 2000 and its provisions.pptxINFORMATION TECHNOLOGY ACT 2000 and its provisions.pptx
INFORMATION TECHNOLOGY ACT 2000 and its provisions.pptx
akshitarathi77
 
E governance
E governanceE governance
E governance
Dr. Arun Verma
 
Class it act
Class it actClass it act
Class it act
Aryan Ajmer
 
Information Technology Act 2008
Information Technology Act 2008Information Technology Act 2008
Information Technology Act 2008
Mohit Goswami
 
Cyber Law and Information Technology Act 2000 with case studies
Cyber Law and Information Technology Act 2000 with case studiesCyber Law and Information Technology Act 2000 with case studies
Cyber Law and Information Technology Act 2000 with case studies
Sneha J Chouhan
 
Validity Of E singnature In India
Validity Of E singnature In IndiaValidity Of E singnature In India
Validity Of E singnature In India
Rohit6699
 
Indian IT Act 2000
Indian IT Act 2000Indian IT Act 2000
Indian IT Act 2000
Dr. Prashant Vats
 
E-signing-3
E-signing-3E-signing-3
E-signing-3
Pawan Laddha
 
It act 2000
It act 2000It act 2000
It act 2000
Rishav Mishra
 
Cyber law/Business law
Cyber law/Business lawCyber law/Business law
Cyber law/Business law
shrinivas kulkarni
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Anirban Mandal
 
Cyber crime 1
Cyber crime 1Cyber crime 1
Cyber crime 1
Anirban Mandal
 
The information technology act 2000
The information technology act 2000The information technology act 2000
The information technology act 2000
Naveen Kumar C
 
The information technology act 2000
The information technology act 2000The information technology act 2000
The information technology act 2000
Naveen Kumar C
 
Information Technology Act 2000 An Overview
Information Technology Act 2000  An OverviewInformation Technology Act 2000  An Overview
Information Technology Act 2000 An Overview
Anubhav
 
electronic_records_article.pdf
electronic_records_article.pdfelectronic_records_article.pdf
electronic_records_article.pdf
DharmendraRai32
 
Cyber Security
Cyber Security Cyber Security
Cyber Security
Gururaj H L
 
Electronic commerce act of 2000
Electronic commerce act of 2000Electronic commerce act of 2000
Electronic commerce act of 2000
Justine Casilana
 
INDIAN CYBERLAW AND SECURITY
INDIAN CYBERLAW AND SECURITYINDIAN CYBERLAW AND SECURITY
INDIAN CYBERLAW AND SECURITY
pattok
 

Similar to Information Technology Amendment Act 2008 (20)

Electronic governance
Electronic governanceElectronic governance
Electronic governance
 
INFORMATION TECHNOLOGY ACT 2000 and its provisions.pptx
INFORMATION TECHNOLOGY ACT 2000 and its provisions.pptxINFORMATION TECHNOLOGY ACT 2000 and its provisions.pptx
INFORMATION TECHNOLOGY ACT 2000 and its provisions.pptx
 
E governance
E governanceE governance
E governance
 
Class it act
Class it actClass it act
Class it act
 
Information Technology Act 2008
Information Technology Act 2008Information Technology Act 2008
Information Technology Act 2008
 
Cyber Law and Information Technology Act 2000 with case studies
Cyber Law and Information Technology Act 2000 with case studiesCyber Law and Information Technology Act 2000 with case studies
Cyber Law and Information Technology Act 2000 with case studies
 
Validity Of E singnature In India
Validity Of E singnature In IndiaValidity Of E singnature In India
Validity Of E singnature In India
 
Indian IT Act 2000
Indian IT Act 2000Indian IT Act 2000
Indian IT Act 2000
 
E-signing-3
E-signing-3E-signing-3
E-signing-3
 
It act 2000
It act 2000It act 2000
It act 2000
 
Cyber law/Business law
Cyber law/Business lawCyber law/Business law
Cyber law/Business law
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber crime 1
Cyber crime 1Cyber crime 1
Cyber crime 1
 
The information technology act 2000
The information technology act 2000The information technology act 2000
The information technology act 2000
 
The information technology act 2000
The information technology act 2000The information technology act 2000
The information technology act 2000
 
Information Technology Act 2000 An Overview
Information Technology Act 2000  An OverviewInformation Technology Act 2000  An Overview
Information Technology Act 2000 An Overview
 
electronic_records_article.pdf
electronic_records_article.pdfelectronic_records_article.pdf
electronic_records_article.pdf
 
Cyber Security
Cyber Security Cyber Security
Cyber Security
 
Electronic commerce act of 2000
Electronic commerce act of 2000Electronic commerce act of 2000
Electronic commerce act of 2000
 
INDIAN CYBERLAW AND SECURITY
INDIAN CYBERLAW AND SECURITYINDIAN CYBERLAW AND SECURITY
INDIAN CYBERLAW AND SECURITY
 

More from Nanda Mohan Shenoy

Srimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdfSrimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdf
Nanda Mohan Shenoy
 
D07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdfD07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdfD06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdfD05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdfD04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdfD03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdfD02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
D01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdfD01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdf
Nanda Mohan Shenoy
 
09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx
Nanda Mohan Shenoy
 
03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf
Nanda Mohan Shenoy
 
02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf
Nanda Mohan Shenoy
 
CEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdfCEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdf
Nanda Mohan Shenoy
 
Digitial Personal Data Bill 2022 feedback
Digitial Personal Data Bill 2022 feedbackDigitial Personal Data Bill 2022 feedback
Digitial Personal Data Bill 2022 feedback
Nanda Mohan Shenoy
 
IS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptxIS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptx
Nanda Mohan Shenoy
 

More from Nanda Mohan Shenoy (20)

Srimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdfSrimadbhagavata_parayanam_v3.pdf
Srimadbhagavata_parayanam_v3.pdf
 
D07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdfD07_SVCMahatmyam_v1.pdf
D07_SVCMahatmyam_v1.pdf
 
D06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdfD06_SVCMahatmyam_v1.pdf
D06_SVCMahatmyam_v1.pdf
 
D05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdfD05_SVCMahatmyam_v1.pdf
D05_SVCMahatmyam_v1.pdf
 
D04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdfD04_SVCMahatmyam_v1.pdf
D04_SVCMahatmyam_v1.pdf
 
D03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdfD03_SVCMahatmyam_v1.pdf
D03_SVCMahatmyam_v1.pdf
 
D02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdfD02_SVCMahatmyam_v1.pdf
D02_SVCMahatmyam_v1.pdf
 
D01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdfD01_SVCMahatmyam_v1.pdf
D01_SVCMahatmyam_v1.pdf
 
09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf09_Sundara Kandam_v3.pdf
09_Sundara Kandam_v3.pdf
 
08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf08_Sundara Kandam_v3.pdf
08_Sundara Kandam_v3.pdf
 
07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf07_Sundara Kandam_v3.pdf
07_Sundara Kandam_v3.pdf
 
06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf06_Sundara Kandam_v3.pdf
06_Sundara Kandam_v3.pdf
 
05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf05_Sundara Kandam_v3.pdf
05_Sundara Kandam_v3.pdf
 
04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx04_Sundara Kandam_v3.pptx
04_Sundara Kandam_v3.pptx
 
03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf03_Sundara Kandam-v3.pdf
03_Sundara Kandam-v3.pdf
 
02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf02_Sundara Kandam_v3.pdf
02_Sundara Kandam_v3.pdf
 
01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf01_Sundara Kandam_v3.pdf
01_Sundara Kandam_v3.pdf
 
CEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdfCEPAR Conference _20230204.pdf
CEPAR Conference _20230204.pdf
 
Digitial Personal Data Bill 2022 feedback
Digitial Personal Data Bill 2022 feedbackDigitial Personal Data Bill 2022 feedback
Digitial Personal Data Bill 2022 feedback
 
IS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptxIS17428_ISACA_Chennai_20220910.pptx
IS17428_ISACA_Chennai_20220910.pptx
 

Recently uploaded

Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17
Bhajan Mehta
 
Types of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technologyTypes of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technology
ldtexsolbl
 
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptxMAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
janagijoythi
 
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptxIntroduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
313mohammedarshad
 
Patch Tuesday de julio
Patch Tuesday de julioPatch Tuesday de julio
Patch Tuesday de julio
Ivanti
 
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
Priyanka Aash
 
Integrating Kafka with MuleSoft 4 and usecase
Integrating Kafka with MuleSoft 4 and usecaseIntegrating Kafka with MuleSoft 4 and usecase
Integrating Kafka with MuleSoft 4 and usecase
shyamraj55
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
SynapseIndia
 
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
Priyanka Aash
 
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
bhumivarma35300
 
Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
Matthias Neugebauer
 
Zaitechno Handheld Raman Spectrometer.pdf
Zaitechno Handheld Raman Spectrometer.pdfZaitechno Handheld Raman Spectrometer.pdf
Zaitechno Handheld Raman Spectrometer.pdf
AmandaCheung15
 
Connector Corner: Leveraging Snowflake Integration for Smarter Decision Making
Connector Corner: Leveraging Snowflake Integration for Smarter Decision MakingConnector Corner: Leveraging Snowflake Integration for Smarter Decision Making
Connector Corner: Leveraging Snowflake Integration for Smarter Decision Making
DianaGray10
 
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdfAcumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
BrainSell Technologies
 
Using LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and MilvusUsing LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and Milvus
Zilliz
 
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
shanihomely
 
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
sunilverma7884
 
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and DisadvantagesBLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
SAI KAILASH R
 
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Torry Harris
 
Data Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining DataData Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining Data
Safe Software
 

Recently uploaded (20)

Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17
 
Types of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technologyTypes of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technology
 
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptxMAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
 
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptxIntroduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
 
Patch Tuesday de julio
Patch Tuesday de julioPatch Tuesday de julio
Patch Tuesday de julio
 
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
 
Integrating Kafka with MuleSoft 4 and usecase
Integrating Kafka with MuleSoft 4 and usecaseIntegrating Kafka with MuleSoft 4 and usecase
Integrating Kafka with MuleSoft 4 and usecase
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
 
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
(CISOPlatform Summit & SACON 2024) Orientation by CISO Platform_ Using CISO P...
 
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
 
Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
 
Zaitechno Handheld Raman Spectrometer.pdf
Zaitechno Handheld Raman Spectrometer.pdfZaitechno Handheld Raman Spectrometer.pdf
Zaitechno Handheld Raman Spectrometer.pdf
 
Connector Corner: Leveraging Snowflake Integration for Smarter Decision Making
Connector Corner: Leveraging Snowflake Integration for Smarter Decision MakingConnector Corner: Leveraging Snowflake Integration for Smarter Decision Making
Connector Corner: Leveraging Snowflake Integration for Smarter Decision Making
 
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdfAcumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
Acumatica vs. Sage Intacct vs. NetSuite _ NOW CFO.pdf
 
Using LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and MilvusUsing LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and Milvus
 
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
 
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
Girls call Kolkata 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
 
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and DisadvantagesBLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
 
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
 
Data Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining DataData Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining Data
 

Information Technology Amendment Act 2008

  • 1. IT AA 2008 Overview Nanda Mohan Shenoy D CAIIB,DBM-Part I,, NSE Certified Market Professional Level-1 ,P G Diploma in IRPM, PG Diploma in EDP and Computer Management, DIM,LA ISO 9001,LA ISO 27001 NISM empanelled CPE Trainer Director
  • 2. Agenda • PART-A –Why should we know the IT Act? –Background & Evolution of IT Act 2000/8 –Important Provisions of IT ACT 2000/8 2 www.bestfitsolutions.co.in
  • 3. Evolution of IT Act • The United Nations General Assembly adopted the Model Law on Electronic Commerce on 30th Jan 1997-UNCITRAL Model Law of E-Commerce • Draft e-Commerce Act 1998 released for public comments • IT Bill in 1999 3
  • 4. Incident-1 • I Love you virus-5th May 2000 • The IT Act 2000 enacted on –17th May – 9th June Presidential –17th October Bill passed • India became the 12th Nation to have the same 4
  • 5. Incident-2 • Dec 2004 • CEO was arrested • Sale of CD with objectionable material • The then PM orders review of the IT Act • Expert committee gives the comment in Aug 2005 • Amendment in 2006 5
  • 7. Dates • December 23& 24 - 2008 the IT Amendment Bill immediately after 26/11 –8 Bills in 17 Minutes • Got Presidential Assent on Feb 5th 2009 • Notified for effectiveness on 27th October 2009 with the passing of the rules. • Amended on 11th April 2011 43A,79,6A 7
  • 8. 2000 vs 2008 • 2000 –E-commerce • 2008 –Security focused –Data Protection 8 1
  • 9. 2000 Vs 2008 2000 2008 Chapters xiii xiv Sections 94 119* Schedules IV II 9 2 The last section in the amended act is Sec 90 ,then how come 119 Sections?
  • 10. Related Amendments • 2000( Schedules) –Indian Penal Code 1860 –The Indian Evidence Act 1872 –The Bankers Book Evidence Act 1891 –The RBI Act 1934 • 2008(Part 3 and 4) –Indian Penal Code 1860 –The Indian Evidence Act 1872 10
  • 11. Chapter wise Sections 11 I-PRELIMINARY(2) 1,2 II-DIGITAL SIGNATURE AND ELECTRONIC SIGNATURE(2) 3,3A III-ELECTRONIC GOVERNANCE(10) 4,5,6,6A,7,7A,8,9,10,10A IV-ATTRIBUTION, ACKNOWLEDGMENT AND DISPATCH OF ELECTRONIC RECORDS(3) 11,12,13 V-SECURE ELECTRONIC RECORDS AND SECURE ELECTRONIC SIGNATURES(3) 14,15,16 VI-REGULATION OF CERTIFYING AUTHORITIES(17) 17,18,19,20,21,22,23,24,25,26,27,2 8,29,30,31,32,33,34 VII-ELECTRONIC SIGNATURE CERTIFICATES(5) 35,36,37,38,39
  • 12. Chapter wise Sections 12 VIII-DUTIES OF SUBSCRIBERS(4) 40,40A,41,42 IX-PENALTIES, COMPENSATION AND ADJUDICATION(6) 43,43A,44,45,,46,,47 X-THE CYBER APPELLATE TRIBUNAL(21) 48,49,50,51,52,52A,52B,52C,52D,53,54,55,5 6,57,58,59,60,61,62,63,64 XI-OFFENCES(29) 65,66,66A,66B,66C,66D,66E,66F,67,67A,67B, 67C,68,69,69A,69B,70,70A,70B,71,72,72A,7 3,74,75,76,77,77A,77B,78 XII-INTERMEDIARIES NOT TO BE LIABLE IN CERTAIN CASES(1) 79 XIIA-EXAMINER OF ELECTRONIC EVIDENCE(1) 79A XIII-MISCELLANEOUS(15) 80,81,81A,,82,83,84,84A,84B,84C,85,86,87, 88,89,90,91,92,93,94
  • 13. Exceptions-Schedule-I • Documents or Transactions to which the Act shall not apply – A negotiable instrument (other than a cheque) as defined in sec 13 of the NI Act ,1881 – A power of Attorney as defined in Sec1 A of the Power of Attorney Act 1882 – A Trust as defined in Sec 3 of the Indian Trust Act ,1882 – A will as defined in clause (h) of the Sec 2 of the Indian Succession Act ,1925 – Any contract for sale or conveyance of immovable property or any interest in such property – Any such class of documents or transaction notified by Central Government 13
  • 14. Chapter-III-Sec 3 3. Authentication of Electronic Records (1) Subject to the provisions of this section any subscriber may authenticate an electronic record by affixing his Digital Signature. (2) The authentication of the electronic record shall be effected by the use of asymmetric crypto system and hash function which envelop and transform the initial electronic record into another electronic record. 14
  • 15. Chapter-III-Sec 3A 3-A. Electronic Signature (1) Notwithstanding anything contained in section 3, but subject to the provisions of sub-section(2), a subscriber may authenticate any electronic record by such electronic signature or electronic authentication technique which - (a) Is considered reliable; and (b) May be specified in the Second Schedule 15
  • 16. Chapter-III-Sec 3A (2) For the purposes of this section any electronic signature or electronic authentication technique shall be considered reliable if- (a) the signature creation data or the authentication data are, within the context in which they are used, linked to the signatory or, as the case may be, the authenticator and of no other person; (b)The signature creation data or the authentication data were, at the time of signing, under the control of the signatory or, as the case may be, the authenticator and of no other person; (c) Any alteration to the electronic signature made after affixing such signature is detectable; (d) Any alteration to the information made after its authentication by electronic signature is detectable; and (e) It fulfills such other conditions which may be prescribed. 16
  • 17. Chapter-III-Sec 3A (3) The Central Government may prescribe the procedure for the purpose of ascertaining whether electronic signature is that of the person by whom it is purported to have been affixed or authenticated. (4) The Central Government may, by notification in the Official Gazette, add to or omit any electronic signature or electronic authentication technique and the procedure for affixing such signature from the Second Schedule; 17
  • 18. Schedule-II • Schedule II of the IT Act 2000 defined the various types of Electronic Signature • Schedule II was empty when amended in 2008 • Government vide it's Gazzette notification dated 27th January 2015 has issued "Electronic Signature or Electronic Authentication Technique and Procedure Rules, 2015” under which e-authentication technique using Aadhaar e-KYC services is a valid electronic signature 18
  • 21. Chapter-III-Sec 4 Legal Recognition of Electronic Records. Where any law provides that information or any other matter shall be in writing or in the typewritten or printed form, then, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied if such information or matter is - (a) Rendered or made available in an electronic form; and (b)accessible so as to be usable for a subsequent reference 21
  • 22. Chapter-III Sec 5 Legal recognition of Electronic Signature. Where any law provides that information or any other matter shall be authenticated by affixing the signature or any document should be signed or bear the signature of any person then, not withstanding anything contained in such law, such requirement shall be deemed to have been satisfied, if such information or matter is authenticated by means of electronic signature affixed in such manner as may be prescribed by the Central Government. 22
  • 23. Chapter-III Sec-7 Retention of Electronic Records - (1) Where any law provides that documents, records or information shall be retained for any specific period, then, that requirement shall be deemed to have been satisfied if such documents, records or information are retained in the electronic form, if - (a) the information contained therein remains accessible so as to be usable for a subsequent reference; 23
  • 24. Chapter-III Sec-7 contd.. (b)the electronic record is retained in the format in which it was originally generated, sent or received or in a format which can be demonstrated to represent accurately the information originally generated, sent or received; (c)the details which will facilitate the identification of the origin, destination, date and time of dispatch or receipt of such electronic record are available in the electronic record: 24
  • 25. Chapter-III Sec-7A Audit of Documents etc in Electronic form - Where in any law for the time being in force, there is a provision for audit of documents, records or information, that provision shall also be applicable for audit of documents, records or information processed and maintained in electronic form. 25
  • 26. Chapter-III Sec- 9 Sections 6, 7 and 8 Not to Confer Right to insist document should be accepted in electronic form - • Nothing contained in sections 6, 7 and 8 shall confer a right upon any person to insist that any Ministry or Department of the Central Government or the State Government or any authority or body established by or under any law or controlled or funded by the Central or State Government should accept, issue, create, retain and preserve any document in the form of electronic records or effect any monetary transaction in the electronic form. 26
  • 27. Chapter-III Sec- 10 A Validity of contracts formed through electronic means.- • Where in a contract formation, the communication of proposals, the acceptance of proposals, the revocation of proposals and acceptances, as the case may be, are expressed in electronic form or by means of an electronic record, such contract shall not be deemed to be unenforceable solely on the ground that such electronic form or means was used for that purpose. 27
  • 29. Chapter-V-Sec 15 Secure Electronic Signature. - • An electronic signature shall be deemed to be a secure electronic signature if- – (i) The signature creation data, at the time of affixing signature, was under the exclusive control of signatory and no other person; and – (ii) The signature creation data was stored and affixed in such exclusive manner as may be prescribed. – Explanation - In case of digital signature, the "signature creation data" means the private key of the subscriber 40
  • 30. Chapter-IX • Section 43 –Penalty and Compensation for damage to computer, computer system, etc(Amended vide ITAA-2008)- how much not stipulated in this section • Section 43-A –Compensation for failure to protect data. 41
  • 31. Chapter-IX-Sec 43 If any person without permission of the owner or any other person who is in charge of a computer, computer system or computer network, - (a) Accesses or secures access to such computer, computer system or computer network or computer resource; (b)downloads, copies or extracts any data, computer data base or information from such computer, computer system or computer network including information or data held or stored in any removable storage medium; 42
  • 32. Chapter-IX-Sec43 (c) Introduces or causes to be introduced any computer contaminant or computer virus into any computer, computer system or computer network (d)damages or causes to be damaged any computer, computer system or computer network, data, computer data base or any other programs residing in such computer, computer system or computer network; (e)Disrupts or causes disruption of any computer, computer system or computer network; 43
  • 33. What is damage ? (f)Denies or causes the denial of access to any person authorised to access any computer, computer system or computer network by any means; (g)provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made there under; (h)Charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system, or computer network; 44
  • 34. What is damage ? (i)destroys, deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means; (j) Steals, conceals, destroys or alters or causes any person to steal, conceal, destroy or alter any computer source code used for a computer resource with an intention to cause damage; he shall be liable to pay damages by way of compensation to the person so affected 45
  • 35. Sec-43 A • Where a body corporate, possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation, to the person so affected. (Change vide ITAA 2008) 46
  • 36. Sec 43 A- Explanation "Body corporate" means any company and includes a firm, sole proprietorship or other association of individuals engaged in commercial or professional activities; 47
  • 37. SPDI "sensitive personal data or information" means such personal information as may be prescribed by the Central Government in consultation with such professional bodies or associations as it may deem fit. 48
  • 38. SPDI It is defined in the • THE INFORMATION TECHNOLOGY (REASONABLE SECURITY PRACTICES AND PROCEDURES AND SENSITIVE PERSONAL DATA OR INFORMATION) RULES, 2011 49
  • 39. Sec3-SPDI -Rules (i)Password (ii)Financial information such as bank account, credit card, debit card or other payment instrument details (iii)Physical, physiological and mental health condition (iv)Sexual orientation (v)Medical records and history (vi)Biometric information 50
  • 40. Sec3-SPDI –Rules contd.. (vii) any detail relating to the above clauses as provided to body corporate for providing service; and (viii) any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise: provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information for the purposes of these rules. 51
  • 41. Biometrics • PID Block • Signer Certificate at server level 52 3 In what format is the biometric information stored in the computer
  • 42. Reasonable Security Practices & Procedures • Security practices and procedures designed to protect such information from unauthorized access, damage, use, modification, disclosure or impairment, as may be specified in an agreement between the parties or in any law for the time being in force and in the absence of such agreement or any law, such reasonable security practices and procedures, as may be prescribed by the Central Government in consultation with such professional bodies or associations as it may deem fit. 53
  • 43. Reasonable Security Practices Defined in the • THE INFORMATION TECHNOLOGY (REASONABLE SECURITY PRACTICES AND PROCEDURES AND SENSITIVE PERSONAL DATA OR INFORMATION) RULES, 2011 54
  • 44. Rules (1) if they have implemented such security practices and standards and have a comprehensive documented information security programme and information security policies that contain managerial, technical,operational and physical security control measures that are commensurate with the information assets being protected with the nature of business. In the event of an information security breach, it shall be required to demonstrate, as and when called upon to do so by the agency mandated under the law, that they have implemented security control measures as per their documented information security programme and information security policies. 55
  • 45. Rules-contd (2) The International Standard IS/ISO/IEC 27001 on “Information Technology – Security Techniques – Information Security Management System – Requirements” is one such standard referred to in sub-rule (1). (3) Any industry association or an entity formed by such an association, whose members are self-regulating by following other than IS/ISO/IEC codes of best practices for data protection as per sub-rule(1), shall get its codes of best practices duly approved and notified by the Central Government for effective implementation. (4) The body corporate or a person on its behalf who have implemented either IS/ISO/IEC 56
  • 46. Rules-contd (4) Those who have implemented either IS/ISO/IEC 27001 standard or the codes of best practices for data protection as approved and notified under sub-rule (3) shall be deemed to have complied with reasonable security practices and procedures provided that such standard or the codes of best practices have been certified or audited on a regular basis by entities through independent auditor, duly approved by the Central Government. The audit of reasonable security practices and procedures shall be carried out by an auditor at least once a year or as and when significant up gradation of its process and computer resource 57
  • 48. Chapter-XI 59 Offence Sec Years Lac Tampering with computer Source documents 65 3 2 Computer Related Offences to be read with Sec 43 66 3 5 Punishment for dishonestly receiving stolen computer resource or communication device.(akin to Sec 411 of IPC) 66B 3 1 Punishment for identity theft. 66C 3 1 Punishment for cheating by personation by using computer resource 66D 3 1 Punishment for violation of privacy. 66E 3 2 Cyber Terrorism 66F Life
  • 49. Chapter-XI 60 Offence Sec Years Lac Transmission of obscene material in electronic form in addition to publishing. 67 3(5) 5(10) Punishment for publishing or transmitting of material containing sexually explicit act in electronic form 67A 5(7) 10(10) Punishment for publishing or transmitting of material depicting children in sexually explicit act in electronic form 67B 5(7) 10(10) Preservation and Retention of information by intermediaries 67C 3 Not defined Non Compliance to the directions of the Controller 68 2 1 Failure to assist the agency seeking for interception or monitoring or decryption of any information through any computer resource 69 7 Not defined
  • 50. Sec 67A 61 4 Provided that the provisions of section 67, section 67-A and this section does not extend to any book, pamphlet, paper, writing, drawing, painting, representation or figure in electronic form- (i) The publication of which is proved to be justified as being for the public good on the ground that such book, pamphlet, paper writing, drawing, painting, representation or figure is in the interest of science, literature, art or learning or other objects of general concern; or (ii) Which is kept or used for bonafide heritage or religious purposes.
  • 51. Chapter-XI 62 Offence Sec Years Lac Any person who secures access or attempts to secure access to a protected system 70 10 Not Defined Penalty for misrepresentation to Controller/CA 71 2 1 Penalty for breach of confidentiality and privacy.- 72 2 1 Punishment for Disclosure of information in breach of lawful contract 72A 3 5 Penalty for publishing electronic Signature Certificate false in certain particulars 73 2 1 Use of Electronic Signature Certificate for any fraudulent or unlawful purpose 74 2 1
  • 52. Type of Offence • Cognizable >= 3 Lac • Bailable <= 3Lac What is the liability under Sec 43A? 63 5
  • 53. ISO 27001 Vs IT(A)A-2008 64 IT Act Section Annexure A Controls for the Section Section 43: Penalty for damage to computer, computer system, etc. A.8.1.3 Acceptable Use of Assets Section 65: Tampering with computer source documents A.8.1.3 Acceptable Use of Assets A.8.2.3 Handling of Assets A.9.1.1 Access control policy Section 66: Hacking with computer system A.8.1.3 Acceptable Use of Assets A.9.1.2 Access to networks and network devices A.13.1.1 Network Controls A.13.1.2 Security of network services Section 67:,67A,67B,67C Publishing of information which is obscene in electronic form A.8.1.3 Acceptable Use of Assets A.13.2.1Information transfer policies and procedures A.13.2.3 Electronic messaging
  • 54. ISO 27001 Vs IT(A)A-2008 65 IT Act Section Annexure A Controls for the Section Section 72 & 72A : Penalty for breach of confidentiality and privacy A.8.1.3 Acceptable Use of Assets A.9.1.1 Access control policy A.9.2.3 Management of privileged access rights. A.9.4.2 Secure log-on procedures A.12.4.1 Event logging A.12.4.2 Protection of log information A.12.4.3 Administrator and operator logs A.12.6 Technical vulnerability management A.9.1.2 Access to networks and network devices A.13.1.1 Network Controls A.13.1.2 Security of Network Services Section 85: Offences by companies A.5.1 Policies on Information Security A.8.1.3 Acceptable Use of Assets A.13.2.1Information transfer policies and procedures A.13.2.3 Electronic messaging
  • 55. • Take the Online Quiz now 66
  • 56. Evaluation & Feedback • https://goo.gl/forms/E2JKPumUjh4h5k2 w1 • https://goo.gl/forms/vtx10YCC8GF1PQMM 2 67
  • 57. List of Rules-1 • Information Technology (Certifying Authorities) Rules, 2000. • Information Technology (IT) Security Guidelines Rule 19 (2) • Security Guidelines For Certifying Authorities Rule 19 (2) • Form For Application For Issue Of Digital Signature Certificate Rule 23 • The Cyber Regulations Appellate Tribunal (Procedure) Rules, 2000
  • 58. List of Rules-2 • Information Technology (Certifying Authority) Regulations, 2001 • Cyber Regulations Appellate Tribunal (Procedure For Investigation Of Misbehaviour or Incapacity Of Presiding Officer) Rules, 2003 • Information Technology (Other Powers Of Civil Court Vested In Cyber Appellate Tribunal) Rules 2003 • Information Technology (Other Standards) Rules, 2003.
  • 59. List of Rules-3 • The Information Technology (Qualification and Experience of Adjudicating Officers and Manner of Holding Enquiry) Rules, 2003 • The Cyber Regulations Appellate Tribunal (Salary, Allowance and other Terms and Conditions of Service of Presiding Officer) Rules, 2003. • Information Technology (Use Of Electronic Records And Digital Signatures) Rules, 2004 • The Information Technology (Security Procedure) Rules, 2004
  • 60. List of Rules-4 • Blocking Of Websites Ministry Of Communication And Information Technology • The information technology (reasonable security practices and procedures and sensitive personal data or information) rules, 2011
  • 61. ISACA and Cyber Framework • Securing Sensitive Personal Data or Information Under India’s IT Act Using COBIT 5 • Securing Mobile Devices Using COBIT 5 for Information Security’ • Transforming Cybersecurity Using COBIT 5’ • Responding To Targeted Cyberattacks • Advanced Persistent Threats: How To Manage The Risk To Your Business
  • 62. References • http://www.cyberforensics.in/ • http://www.naavi.org/wp/ • http://www.cyberlawconsulting.com/ • http://www.cert-in.org.in/ • https://www.dsci.in/ 90

Editor's Notes

  1. Civil liabiliites 5 crores
  2. Provided that the Central Government may, by notification in the Official Gazette, amend the First Schedule by way of addition or deletion of entries thereto.
  3. Section 197(12)
  4. Complexity can increase and offendors can be booked under multiple sections and multiple offences.